In cPanel & WHM 11.28, we introduced the Database Mapping feature (Main >> SQL Services >> Database Mapping). This feature lays the groundwork for more flexibility in how you name databases and database users.
In the past, cPanel has always prepended an account's username to any database name or database username created by the account (for example, a database might be named
user_dbname). This changes with the addition of the Database Mapping feature.
Database Mapping provides the following benefits:
- Accounts transferred from non-cPanel servers, such as those that run Plesk or Ensim, will no longer have the cPanel account name added as a prefix to the names of databases and database users. This means that applications such as blogs and forums should work with minimal or no changes after a transfer.
- Server owners can disable use of the database name prefix server-wide. If a server owner chooses this option, databases and database users will no longer be created with the cPanel account as a prefix (for example, a database could be named
user_dbase). This option is not reversible.
Both of the features above will make a server incompatible with older versions of cPanel if either of the folllowing is true:
- a non-cPanel account is transferred to an cPanel & WHM version 11.28 server, or
- the server owner opts to disable prefixing, in which case that server will not be able downgrade to cPanel & WHM version 11.28 later.
If you transfer an account from a cPanel system that does not use the database prefix to one that does (For example a cPanel & WHM version 11.28 server with prefixing disabled, to a cPanel & WHM version 11.28 server) will result in support issues. Databases and database users whose names lack the prefix will be unmanageable in the cPanel interface.
For more information about Database Mapping, see our Database Mapping white paper (PDF).
Prior to cPanel & WHM version 11.28, cPanel users were able to create a database via direct MySQL connections as long as the database was properly prefixed for the cPanel account (e.g.
However, in cPanel & WHM version 11.28, if the WHM administrator turns prefixing off, the grant statement that provides that permission will be removed. This will cause the cPanel account's MySQL user to not be able to create databases via direct MySQL connections. cPanel users will need to use the cPanel User Interface (UI) or API to create databases if prefixing has been disabled.
Removed phpMyAdmin User Modification Features
In cPanel & WHM 11.28, we removed some user modification features from
phpMyAdmin. The features we have removed include the following:
- The ability to add users
- The ability to delete users
- The ability to modify certain user properties, such as the hostname.
Server owners can now offer third-party webmail applications from the cPanel interface. This requires some Perl scripting ability.
LOCK Method for WebDAV
cPanel's Web Disk feature, provided by the
cpdavd service, is now fully compliant with the RFC 4918 Class 2 WebDAV standard.
This means that
cpdavd now provides full resource locking support, increasing the range of supported WebDAV clients significantly. Errors that previously occurred when users saved files via Microsoft® Office®, as well as seemingly random failures that perform bulk file operations from Mac OS® X Finder®, are alleviated with the implementation of a proper locking mechanism.
Changes to phpMyAdmin Authentication
cPanel & WHM version 11.28 substantially changes the way that
We have added a new phpMyAdmin authentication library, located at
/usr/local/cpanel/base/3rdparty/phpMyAdmin/libraries/auth/cpanel.auth.php. Its purpose is to allow for multiple types of authentication to
phpMyAdmin, as the user's
cpanel account does not necessarily have to have the same password for MySQL as it uses for system authentication.
When phpMyAdmin loads, it will now attempt to get authentication data from multiple sources. It will attempt a
mysql_connect() against the configured MySQL server for each source, until it finds the correct authentication information. The order of sources that it will attempt to load is:
- The user's system password.
- The user and password contained in
- If both of these fail, it will prompt for authentication with a login form.
As a result of this change, users should take note of the following information:
- When invalidated session data exists, it is possible for phpMyAdmin to have authentication issues. If you notice abnormalities in
phpMyAdmin, your fist step should be to clear the browser session data to attempt to resolve the issue.
- The Log out link in
phpMyAdminonly functions when the user has authenticated manually with a login form. The function of this Log out link is to remove and invalidate the temporary files, and redirect to the login page. If the correct login credentials are still available to
phpMyAdmin(in the user's system password via the environment, or in
~/.my.cnf), the login process will reconnect upon redirect. As a result, the Log out link will have no effect in this case.
User Interface Changes in WHM
Breadcrumbs now appear in all WHM screens. These are navigation links that appear at the top of each page.
In addition, WHM includes the following updates.
cPanel & WHM Configuration screens
WHM includes updates to the following interfaces:
- Basic cPanel/WHM Setup.
- Tweak Settings.
- Exim Configuration Editor.
Each interface has been changed in the following ways:
- It has been reorganized into tabs, making specific settings easier to find.
- If offers radio "on/off" buttons instead of checkboxes.
- It attempts to warn the user if he or she tries to enter invalid data. In addition, any invalid data the user enters will be replaced by an acceptable value when the user clicks Save.
You can find a complete description of each updated interface in our WHM User Guide.
New Default Values
Default values for the following options on the Tweak Settings screen have changed:
- Enable HTTP Authentication now defaults to off.
- Require SSL now defaults to on.
The default value for the following setting on the Exim Configuration Editor screen has been changed:
- Reject mail for users over quota at SMTP time now defaults to on.
The default value for the following setting on the Basic cPanel/WHM Setup screen has been changed:
The minimum user ID value used when creating new accounts now defaults to 500.
A blank field is no longer a valid entry.
Changing the Default Apache Port in Tweak Settings
On the Tweak Settings screen in WHM, the server owner has long been able to change the port on which the Apache web server listens for requests.
While using this option to configure Apache to listen on a port other than the default has previously broken the functionality of various utilities on the server, with cPanel & WHM version 11.28, those failures no longer occur.
The utilities that now function with Apache listening on a non-default port are:
- The Apache Status page in WHM
Setting the Default Email Quota for New Accounts in Tweak Settings
Three new options on the Tweak Settings screen allow server owners to set up defaults for email quotas. Server owners can now:
- Specify available options for email quotas (user-defined, unlimited, or both).
- Specify the default user-defined quota value for new accounts.
- Specify which quota option (user-defined or unlimited) will be the default.
This setting was removed in cPanel & WHM version 11.28.74.
Choose MD5 Passwords in Tweak Settings
The Tweak Settings screen offers the following new option:
- Use MD5 passwords with Apache
Formerly, cPanel & WHM used the crypt password hashing function. Now, server owners can opt to use MD5 hashing instead.
Both crypt and MD5-encoded passwords can be any length. However, crypt only uses the first eight characters of the password for authentication.
The INFORMATION_SCHEMA View
In Tweak Settings, you can now enable the Use INFORMATION_SCHEMA option when you calculate disk usage. This can, however, degrade MySQL performance. This option is:
Sett the Maximum Number of cpsrvd Connections
Tweak Settings now allows you to specify the maximum number of connections
cpsrvd can have open at once with the Max cPanel/WHM/Webmail service handlers option.
Security Tokens Enabled by Default on New Installations
In cPanel & WHM version 11.28, new installations of cPanel & WHM will have Security Tokens enabled by default. You can enable or disable Security Tokens in WHM's Tweak Settings interface.
Systems that upgrade to cPanel & WHM version 11.28 will retain their configurations.
The Apache Global Configuration Screen
In cPanel & WHM 11.28, WHM's Apache Configuration interface (Main » Service Configuration » Apache Configuration » Global Configuration) now offers the following directives
Click a directive name in the following table to read Apache's documentation:
|StartServers||This directive sets the number of child server processes created when Apache starts up.|
|KeepAlive||This directive enables long-lived HTTP sessions, which allow multiple requests to be sent over the same TCP connection. This can speed up latency times for HTML documents with many images.|
|KeepAliveTimeout||This directive sets the number of seconds Apache will wait for a subsequent request before it closes a connection.|
|MaxKeepAliveRequests||This directive limits the number of requests a TCP connection can make when KeepAlive is on. Set this value to |
|TimeOut||This directive defines the amount of time Apache will wait for certain events before it fails a request.|
|ServerLimit||This directive sets the maximum configured value for the MaxClients directive for the lifetime of the Apache process.|
When the server owner uses the Tweak Settings screen to disable the
root and account owners' abilities to log in to cPanel user accounts, the List Accounts interface does not display the cPanel logo that links to users' cPanel accounts. This functionality has long been present in WHM.
Now, a notification appears to clarify the reason that cPanel user accounts are no longer available from List Accounts.
root user, the notification is as follows:
For resellers, the notification is as follows:
Modify an Account
cPanel & WHM version 11.28 includes two changes to the Modify an Account interface:
- Modification of a user's account will change the user's package to
undefinedpackage is a reserved package name that can contain different values for different users.
This screen now includes a setting for Max Relayed mails/hour/domain. This option sets a limit on the number of emails relayed per hour for the account's main domain only.
cPHulk Brute Force Protection
The daemon that provides the cPHulk Brute Force Protection feature (
cphulkd) now allows whitelisting of a range of IP addresses that arewritten in CIDR notation.
You can find the graphical interface for whitelisting IP addresses in WHM's cPHulk Brute Force Protection interface (Main >> Trusted IPs >> cPHulk Brute Force Protection)
Resellers with access to the WHM Terminate an Account interface can no longer terminate their own WHM account.
cPanel & WHM version 11.28 also includes the following new interfaces:
- Configure Security Policies — See Security Policy changes below for more information.
- Security Questions — See Security Policy changes below for more information.
- Database Map Tool — This allows a server owner to confer access to a database, via cPanel, to two or more cPanel users.
- Disable Database Prefix — This allows a server owner to disable database prefixes as described in the Database Mapping section above.
In cPanel & WHM version 11.28, we removed the following interfaces:
- Interactive Knowledge Base
- x3 Skin Migration Wizard
Changes to the WHM Interface Template
In cPanel & WHM version 11.28, WHM begins its migration to a template-based interface with the Template Toolkit. In the future, a template-based WHM interface will offer the ability for users to:
- Create custom branding or translation for WHM.
- Take advantage of an easier system for building WHM skins.
cPanel & WHM version 11.28 provides the foundation for these capabilities, which will become available in the near future.
User Interface Changes in cPanel
In cPanel & WHM 11.28, the following cPanel interfaces have changed:
- FTP Accounts is now easier to use.
- Disk Space Usage is now easier to use.
- Change Password now lets the cPanel account owner click a checkbox to apply the password change to the MySQL database owner (DBOWNER) account as well.
Security Policy Changes
As of cPanel & WHM version 11.28, server owners can:
- Set a maximum password age for the server's cPanel, WHM, and webmail interfaces. Once the password reaches the specified age, it must be reset.
- Define their own security policies. See the Security Policy white paper (
- Choose to only allow verified IP addresses to access the server's cPanel, WHM, and webmail interfaces.
In cPanel & WHM version 11.28, we added a new interface in WHM called Configure Security Policies (Main >> Security Center >> Configure Security Policies). This interface allows server owners to apply a maximum age to WHM, cPanel, and webmail passwords. The server owner can also opt to specify maximum password ages for XML API requests and DNS cluster requests.
Once a password has reached the specified age, the account owner must change the password.
The maximum password age is 1,095 days.
Limit Logins to Verified IP Addresses
This feature allows server owners to turn on source IP checks for the WHM, cPanel, and webmail interfaces. Server owners can also opt to check source IPs for XML API requests and DNS cluster requests. They may enable this feature in the Configure Security Policies interface.
Source IP checks require users who attempt to access WHM, cPanel, or webmail to do one of the following:
- Have their IP addresses listed on the Manage Access IPs screen in the appropriate interface, or
- Successfully answer security questions to gain access to the WHM, cPanel, or webmail interface.
cPanel & WHM version 11.28 provides the following improvements to the process of transferring accounts from non-cPanel servers:
- WHM now accepts usernames up to 16 characters in length for transferred accounts.
- Mail groups are now migrated from Parallels® Plesk® panel accounts.
- Ensim® accounts are transferred with the Ensim account's username rather than the word "site," followed by a number.
- MySQL for accounts transferred from Ensim will no longer automatically stop and start.
Horde Groupware Webmail Edition
As of cPanel & WHM version 11.28, cPanel now provides Horde Groupware Webmail Edition, which allows you to share calendars, contacts, and tasks. cPanel's switch to Horde Groupware Webmail will provide you with the most up-to-date Horde modules. For more information, visit Horde's website.
Benefits of the Horde Groupware client include the following:
- It provides a streamlined update process, since you no longer have to track updates for each component.
- It will allow cPanel to provide future Horde updates in a more timely manner.
- It fixes longstanding bugs and problems present in older Horde releases.
You can also customize Horde Groupware Webmail Edition.
- We do not support a downgrade from Horde Groupware Webmail Edition 1.2.7 to older releases.
- Any attempts to use onfigure new mail notifications in Horde Groupware Webmail Edition may cause Safari® on Mac OS® X to become unresponsive. This is due to the way information is passed between Safari® and QuickTime® on OS X.
Faster Incremental Backups
cPanel & WHM version 11.28 has shown incremental backup times ranging from 1.7 times to over 10 times faster than previous versions. This happens due to optimizations made to the code, and because databases are now backed up only if they have changed.
ext4 File System Support
In cPanel & WHM 11.28, we enabled support for the ext4 file system on CentOS and RedHat® Enterprise Linux® versions 5 and higher. However, CentOS and RedHat do not yet support quotas on ext4. This means you are not yet able to use quotas and ext4 with CentOS or RedHat.
Scripts Removed from the /scripts Directory
The following deprecated scripts have been removed from the
/scripts/ directory in cPanel & WHM version 11.28:
In cPanel & WHM version 11.28, we removed the
/scripts/cPScript directory from the server. All modules that were formerly contained by this directory will now reside in
Any application or script that relies upon that directory or the modules contained within will not function in this version. This change effectively discontinues the use of the
cPScript Perl module namespace in favor of the
Cpanel namespace (
Scripts Added to the /scripts Directory in cPanel & WHM 11.28
This script is available at
It will check user accounts for
~/.my.cnf files that do not work, and rename them. By default, the script only returns output when it detects a bad
For more information, run
This script is available at
It will compare the contents of two GDBM files.
To use this script, run
/scripts/comparegdbm $file1 $file2
$file2 are the full paths to the files you wish to compare.
cphulkd Configuration Files
cphulkd configuration files have moved.
In cPanel & WHM version 11.28, the system checks these new locations first. It checks legacy file locations as a failover.
|Description||This presence of this flag file indicates that cPHulkd is enabled. You can enable or disable cPHulkd in WHM at Main >> Security Center >> cPHulk Brute Force Protection.|
This file is cPHulkd's general configuration file. It contains a number of settings that you can configure from within the WHM interface.
|Description||This file stores the password cPHulkd uses to connect to MySQL.|
|Description||The presence of this file enables debug logging for cPHulkd. cPHulkd's log files are |
Storing Data in the Userdata Cache Instead of the Apache Configuration File
In cPanel & WHM version 11.28, we changed two scripts to write account-specific information to—and retrieve it from—the
userdata cache at
/var/cpanel/userdata, rather than the Apache configuration file (
Those scripts are:
/scripts/fixsubconf(this script has been moved to
We recommend that you store
userdata in the appropriate
/var/cpanel/userdata directory, rather than the
httpd.conf file. Otherwise, these scripts will not access the updated information.
chkservd Recognizes Alternate SSH Ports
In the past, if you configured SSH to listen on a port other than the default (port 22), the
chkservd service did not recognize this change. As a result, the WHM Service Status screen would falsely show SSH as non-operational, and
chkservd would attempt to restart it every five minutes.
In cPanel & WHM version 11.28,
chkservd now scans the SSH configuration file and recognizes the port on which SSH listens, which alleviates these problems.
Optimizations to the
In cPanel & WHM version 11.28, we improved the
pkgacct process. We have reduced the number of times the process forks, which will lower the amount of resources it consumes and speed up its performance.
restoreaccount XML and JSON API Function
In cPanel & WHM version 11.28, we've added the ability to restore an account from a backup remotely, via our XML API or JSON API.
restoreaccount function takes the following required variables as input:
user(string) — The name of the user whose account you wish to restore.
type(string) — The type of backup to restore; either
Sample API calls:
- XML API:
- JSON API:
Task Queue Manages Additional Apache Restarts
Use of the task queue has expanded in cPanel & WHM 11.28 to manage Apache restarts that are triggered by the following tasks:
- Create a New Account (WHM)
- Modify Account Properties (WHM)
- Terminate an Account (WHM)
- Upgrade/Downgrade an Account (WHM)
- Change Site's IP Address (WHM)
- Copy an account from another server (Transfers area in WHM)
- Add or remove an addon domain (Addon Domains area in cPanel)
- Create or remove a subdomain (Subdomains area in cPanel)
- Create or remove a parked domain (Parked Domains area in cPanel; Park a Domain in WHM)
For these functions, the task queue will cause Apache to restart in the background. This provides a WHM or cPanel user with a more responsive interface.
Resolved Issue that Prevented Disabling Apache Restarts
In previous versions of cPanel & WHM, disabling Apache restarts would sometimes prove ineffective, resulting in the system attempting to restart a disabled Apache, and failing. In the process, the system would also disable any other services running on port 80.
cPanel & WHM version 11.28 resolves this problem. When you create one of the following files, Apache's restarts will successfully disable and allow services on port 80 to continue to run the following:
Upgraded Third-Party Applications
In cPanel and WHM version 11.28, we integrated upgraded versions of the following third-party software applications:
|Application||New version included in cPanel 11.28||More information|
|phpMyAdmin||3.3.7 (Requires MySQL 5 or higher)||phpMyAdmin release notes|
|Horde Groupware Webmail Edition||1.2.7||Horde Groupware Webmail Edition|