Author Archives: AndrewT

New cPanel Theme: Jupiter

cPanel’s latest theme, Jupiter, is now available on all of our servers. It is the default for all newly created packages and you can edit your existing packages to use it if so desired.

Although their development path isn’t particularly clear, you’ll notice this theme closely resembles the Glass style that was recently released for the Paper Lantern theme. They are instead moving forward with this new theme, Jupiter, and will be removing Paper Lantern entirely in Spring of 2022.

While this new theme is functional, there are a couple of things you should be aware of.

  • Customization is limited. Additional capabilities will be added in future releases.
  • The CloudLinux Resource Usage section is not currently present. This should start showing up within the next few weeks as updated stable builds of their lvemanager package are published.

In addition to this cPanel theme, they are reportedly working on a version of Jupiter for WHM as well, slated for release in cPanel version 100. Below is a low resolution teaser image that they sent out showing this.

A new look to WHM would certainly be welcome but we’ll have to wait and see for sure what their plans are. In the meantime, check out the cPanel theme and let us know what you think!

cPanel 96: New Glass Style & Updated DNS Zone Manager

With cPanel version 96 now installed on all of our servers, we wanted to take a quick moment and highlight a couple of the included changes.

New Glass Style for Paper Lantern

A new style, named Glass, has been added to the Paper Lantern theme. This is basically just a more lightweight, minimalistic version of the existing Basic style. Upon first look you might even wonder why none of the icons loaded but rest assured that is intentional.

While cPanel has tried to force this as the default for all new cPanel accounts, we’ve instead reverted back to the Basic style to avoid any confusion. You can easily change styles at any time via the “Change Style” link in cPanel. If you would like to set a default style at the WHM reseller level you can do that as well via Customization -> Customize Style in WHM.

DNS Zone Manager

A couple of very important improvements were made to WHM’s recent addition, the DNS Zone Manager. It now has the ability to manage multiple records at the same time and the ability to change a record’s type. The lack of these two capabilities had really limited the usefulness of this functionality up until now.

With the DNS Zone Manager now being more functional, the legacy “Edit DNS Zone” functionality has been removed entirely in cPanel 96. The Edit MX Entry interface has also been removed and replaced with an Email Routing Configuration page that replicates the same Email Routing functionality that is available within cPanel.

While not groundbreaking by any means, these changes may alter your workflow a little bit. If you have any questions about the new interfaces or require any other assistance please don’t hesitate to reach out to us.

Clientexec 7 & WHMCS Price Increases

WHMCS is a popular web hosting billing platform and like cPanel, is a WebPros brand. Earlier this month, WHMCS sent out notifications concerning upcoming price increases effective July 1st. Instead of a flat fee, WHMCS license pricing is now based on the number of active clients and starts at $18.95 per month for up to 250 clients, $29.95 for up to 500 clients and $44.95 for up to 1,000 clients.

For those familiar with WebPros, this was not a surprise. Since 2017, WebPros has been adding web hosting related brands to their portfolio and altering their pricing structures to be considerably more costly to their user base. This includes changing cPanel license pricing from a flat fee to per cPanel account, which has increased our own cPanel licenses costs by 900%.

Given that cPanel pricing has increased significantly each of the past two years, it would not be unexpected to see further WHMCS price increases in the future. Growing frustration industry wide has led to many abandoning WebPros brands entirely. It’s difficult to trust a business with this pattern of behavior.

Fortunately for WHMCS users, there are alternatives available. One of these is Clientexec, which we have offered for $4.00 per month for the past 15 years. With Clientexec 7 coming this quarter, now is a great opportunity to take advantage of this very attractive discounted pricing.

Clientexec 7 will feature a completely refreshed admin area, client area and order forms utilizing Bootstrap for a fully responsive experience. It will also include a new, fully fledged affiliate system. Further details concerning the upcoming improvements can be found on their coming soon page here. For those looking to migrate their WHMCS data over to ClientExec, documentation concerning this process is available here.

If you would like to add a Clientexec license to your account or need any assistance getting it setup please submit a ticket via our portal and we’ll be happy to help.

PHP 8.0 Now Available

We’re pleased to announce that PHP 8.0 is now available on all of our servers. You can easily change the PHP version per cPanel account via the “Select PHP Version” option in cPanel.

PHP 8.0 comes with numerous improvements and new features such as:

  • Union Types
  • Named Arguments
  • Match Expressions
  • Attributes
  • Constructor Property Promotion
  • Nullsafe Operator
  • Weak Maps
  • Just In Time Compilation

Additional information concerning the version 8.0 release can be found on PHP’s website here and the migration guide is also available. Please consult these for a detailed list of new features and backward incompatible changes. For third party applications, it’s best to confirm that they support PHP 8.0 before making the switch. However, if you run into any issues you can quickly and easily revert back to your prior version.

Please note that only a limited number of extensions are currently available for PHP 8.0. We will continue to make new ones available as soon as they are offered. We now offer secure versions of PHP 5.4 through 8.0 which are all easily selectable from within cPanel. Version 7.4 is now the default for all new cPanel accounts while existing accounts will continue to retain their prior settings.

Critical WP File Manager Plugin Vulnerability

The WordPress plugin File Manager contains a critical vulnerability that is actively being exploited by attackers to compromise WordPress sites. We saw a handful of these incidents on September 1st as the attacks were just starting to ramp up and a few more since then. Fortunately, in these cases the solution has been relatively simple: restore from a prior backup and delete the plugin.

This particular vulnerability has been present in the plugin since version 6.4, which was released in May. It was patched with the release of 6.9 on September 1st.

Due to the rate at which these attackers were occurring, we have proactively identified every single instance of a vulnerable version of this plugin being used on our servers and have removed it. Since this plugin merely offers a file management interface within the WordPress admin section, removing it doesn’t impact the functionality of the website. Users are welcome to re-install the latest version of this plugin if so desired.

This particular incident does bring to light an important topic though. It is best practice to use as a few plugins as possible, those that aren’t needed should be deleted (not just deactivated). There is certainly an argument to be made that a file manager plugin like this should never be installed but even if you disagree with that, there really isn’t strong justification for keeping a plugin like this installed beyond its intended use. It just allows another possible point of entry for attackers to exploit should a vulnerability be found.

Please keep this in mind as you continue to develop and secure your WordPress instances. If we can help in any way, please drop us a ticket and we’ll be happy to do so.

Cloning Scripts With Softaculous

The ability to clone scripts within Softaculous is a valuable and often overlooked feature. It can quickly and easily provide a safe place for you to test updates or create an up-to-date development environment.

To start the cloning process, you’ll want to go to the All Installations section of Softaculous. For each installation you’ll then see the clone option.

Upon selecting clone, you’ll be prompted to configure where you would like to clone the installation to. We highly recommend creating a separate subdomain for this that is outside of the current site’s document root. This helps to avoid any cross contamination between the two sites, particularly as it relates to custom .htaccess settings. Continue reading

Beta: Dathorn WordPress Scanner

WordPress is not only the most popular script that we host, it is also most frequently targeted by attackers. While critical vulnerabilities in the WordPress core are relatively rare, they are fairly common in plugins and themes. It is important that these items are always kept updated to help prevent a compromise.

This can be a confusing process because the WP admin interface may not accurately portray certain situations. For example, if you’ve installed a plugin or theme outside of the WordPress repository, it may always show no updates being available even though that is not the case. The WP admin interface also doesn’t warn when something hasn’t received an update in a while, indicating it may no longer be actively maintained. These are both scenarios that require special attention but are easily overlooked.

Further, if a WordPress is compromised due to a vulnerability it can be very difficult to get the site back online in a secure state. Typically, we recommend a complete fresh re-install because there is no easy way to tell what attackers may have modified or left behind. Last modified dates on files can’t even be trusted once an account has been compromised. Continue reading

More Than Just Webmail

An often overlooked feature of cPanel is the webmail interface, which offers far more than just a place to view your email. It is a very powerful tool that allows email users to fully manage their own email accounts. The interface was recently updated in cPanel 84 and includes a few new features as well.

From within webmail you can view device configuration information, setup filters or forwarders, change your password, configure spam filtering, manage disk usage and even track delivery of emails.

This can be a tremendous time saving tool for both you and your clients because it empowers email users to manage their own account. Simply send them to /webmail on their domain and they can login with their own email address and password.

PHP 7.4 Now Available

PHP 7.4 was released last month and is now available on all of our servers! As with prior versions, you can easily change the PHP version per cPanel account via the “Select PHP Version” option in cPanel.

PHP 7.4 comes with numerous improvements and new features such as:

The migration guide is available in the PHP Manual. Please consult it for the detailed list of new features and backward incompatible changes. For 3rd party applications, it’s best to confirm that they support PHP 7.4 before making the switch. However, if you run into any issues you can quickly and easily revert back to your prior version.

Node.js Now Available!

We’re very pleased to announce that Node.js applications can now be deployed on all of our servers. This functionality is available within cPanel via the “Setup Node.js App” link that can be found under the software section. Upon selecting the “Create Application” button you’ll see the screen below.

When creating an application you have the following options available to you:

  • Node.js Version – We currently offer the latest LTS (12.x) and prior LTS (10.x) versions. More can be added as needed though currently we plan to stick with the LTS releases (even version numbers). The desired version can be changed for any application at any time.
  • Application Mode – Simply select Development or Production based on your needs.
  • Application Root – This defines the file system path for the application, relative to the cPanel account’s home directory. If the cPanel user was “node” then entering “app” in this field would create the application at /home/node/app.
  • Application URL – This configures the URL to be used with the application. If left blank, it will configure the root (sub)domain to load the application.
  • Application Startup File – This defines your application startup file and will default to app.js if left blank.

You can also choose to define a passenger log file and setup custom environment variables if desired. Once you’ve created the application, you can visit the URL you configured for the application and see a basic test page like the one below.

Now that you have created an application, you can continue to manage it via cPanel. This includes restarting it, changing the Node.js version, switching between Development and Production, etc.

We know that many of you have been looking forward to this functionality and we’re eager to hear your feedback. Please let us know what you think here or via a ticket!