This page was last updated on:
cPanel & WHM version 60 requires a web server that supports SNI (for example, Apache (httpd) 2.2.12, Litespeed 4.1, or Openlitespeed 1.4.12 or greater). You cannot upgrade to cPanel & WHM version 60 if your web server does not support SNI. Use WHM's EasyApache interface (Home >> Software >> EasyApache) to upgrade your web server.
cPanel & WHM version 60 is the last version of cPanel & WHM to support MySQL® 5.1 or below. Additionally, you will no longer be able to activate a remote MySQL profile if the server runs MySQL 5.1 or below.
We added wildcard certificates to the cPanel Store in cPanel's SSL/TLS Wizard interface (Home >> Security >> SSL TLS Wizard).
System administrators and resellers can manage availability, recommendations, and pricing of wildcard certificates in WHM's Market Provider Manager interface (Home >> Market >> Market Provider Manager).
As part of the implementation of wildcard SSL certificates, we added a Simple section to cPanel's SSL/TLS Wizard interface (Home >> Security >> SSL/TLS Wizard). It displays all of the account's domains in a single list. This section automatically determines the necessary number and arrangement of certificates to secure the domains that you select. It also adds a Resolve issues step that helps users to resolve issues, conflicts, or warnings.
If you prefer to order certificates by website (virtual host) list, click the Advanced tab on SSL/TLS Wizard interface (Home >> Security >> SSL/TLS Wizard). However, you cannot order wildcard certificates through the Advanced section.
We added information about how to create your own AutoSSL provider module.
We created the Domain TLS system to store and manage certificates for domains outside of Apache.
During the upgrade to cPanel & WHM version 60, servers will automatically copy current and valid certificates from the Apache SSL certificate storage to Domain TLS storage. Domain TLS does not copy expired or invalid certificates from Apache's SSL storage.
As users install, manage, and delete certificates through cPanel & WHM user interfaces or API calls, the system automatically performs the necessary updates to the Domain TLS index and certificate storage.
Currently, Domain TLS handles SNI functionality for the
cpsrvd daemon (cPanel, WHM, and Webmail logins and UI functionality), the
cpdavd daemon (Calendar, Contacts, and Web Disk), Exim, and Dovecot services. We plan to expand Domain TLS to handle SNI functionality for more services in future versions.
For more information, read our Domain TLS article.
The EasyApache 4 Migration interface (Home >> Software >> EasyApache 4) now displays your system's version of EasyApache and allows you to migrate from EasyApache 3 (EA3). You can also revert your system back to EA3 within the same interface.
cPanel & WHM now determines if any blockers will arise when you attempt to migrate to EasyApache 4 (EA4). We created a pre-flight check to inform you of any potential blockers before you experience them during migration. Based on your third party vendor, you may receive a blocker, warning message, or informational message. Each of these messages will provide information about the blocker or issue, and how to fix it.
In cPanel & WHM version 60, we enabled the ability to set up and manage MultiPHP FPM pools in WHM's MultiPHP Manager interface (Home >> Software >> MultiPHP Manager). These pool options enable site configuration and for PHP-FPM to handle any incoming PHP requests that their domain receives. PHP-FPM increases the performance of the site with additional server resources. WHM's MultiPHP Manager interface (Home >> Software >> MultiPHP Manager) now prompts a user to install specific packages if their system does not contain the appropriate FPM dependencies.
In cPanel & WHM version 60, we added the ability for you to create cPanel support tickets from WHM's Create Support Ticket interface (Home >> Support >> Create Support Ticket). This feature streamlines the ticket creation process, automates SSH authorization, and decreases the time required to open a support ticket. In addition, it attempts to identify your support ticket requirements and redirects you to the cPanel Customer Portal as necessary. This feature only allows you to create a ticket for the server in which you access the Create Support Ticket interface. To open a ticket about multiple servers, use the cPanel Customer Portal website.
The cPanel interface now includes a Feature Spotlight feature that users will see when they log in to their cPanel accounts.
For more information, read our The cPanel Interface documentation.
The cPanel style system now supports minified CSS files. You can supply style CSS files as the
styles.css file, the
styles.min.css file, or both. We strongly recommend that you include both the
For more information, read our Guide to cPanel Interface Customization - The styles.css File documentation.
You now have the option to choose the PowerDNS nameserver software in the Initial Setup Wizard or WHM's Nameserver Selection interface (Home >> Service Configuration >> Nameserver Selection). PowerDNS offers high performance and built-in support for DNSSEC.
We now allow users to enable DNSSEC on servers configured with PowerDNS. DNSSEC adds security to the DNS protocol by enabling DNS responses that can be validated and verified. This function is not available on servers that belong to a DNS cluster. If you enable DNSSEC on any domains on your server, you will not be able to enable DNS clustering on that server.
WHM now offers context-sensitive documentation. At the top of each interface, click on the question mark icon () to view documentation relevant to the section. Additionally, you can click the lifesaver icon () on the right side of the interface and then click Documentation to reach the same page.
We added the Age of content to purge from users' File Manager Trash setting in the System section of WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings). This setting determines the minimum age of files for the system to automatically purge from the
.trash folders in user home directories. A value of
0 configures the server to purge all files from every user's
.trash folder, regardless of age.
This setting only purges files that users delete through cPanel's File Manager interface (Home >> Files >> File Manager).
We disabled the use of the Apache distiller
--update flag in EasyApache 4.
As of cPanel & WHM version 60, the Dovecot and Exim servers always enable Mail SNI. We removed all Mail SNI controls from user interfaces.
We also deprecated API functions or parameters within functions that control Mail SNI functionality, and we no longer use the
On new installations of cPanel & WHM, AutoSSL includes the cPanel (powered by Comodo) provider. An administrator can choose to enable AutoSSL in the feature showcase after cPanel & WHM version 60 is installed. Use WHM's Manage AutoSSL interface (Home >> SSL/TLS >> Manage AutoSSL) to manage or disable AutoSSL.
We changed the behavior of AutoSSL so that it no longer replaces certificates that it did not issue. This behavior prevents the unexpected replacement of Extended Validation (EV) and Organizational Validation (OV) certificates from a certificate authority (CA) by AutoSSL-provided certificates.
Previously, AutoSSL replaced any certificate that was invalid or less than 3 days from expiration.
However, if you wish to allow AutoSSL to replace certificates that it did not issue, select the Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates. option in WHM's Manage AutoSSL interface (Home >> SSL/TLS >> Manage AutoSSL).
The system now automatically creates an Apache server alias for the
mail. subdomain for each domain, parked domain, and addon domain (but not subdomains). This allows the
For example, Apache will now respond to
mail.example.com as an alias for
example.com. However, Apache will not automatically respond to
mail.subdomain.example.com as an alias for the
www. subdomains must now pass a Domain Control Validation (DCV) check before cPanel's SSL/TLS Wizard interface (Home >> Security >> SSL TLS Wizard) automatically includes them in a certificate order. The previous behavior attempted to include all
www. subdomains in certificate purchases through the SSL/TLS Wizard interface. If the DCV check failed, you could not complete the purchase through the cPanel Store.
We also updated UAPI's
Market::request_ssl_certificates function so that the
subject_names parameter no longer automatically includes the corresponding
www. subdomain with every domain. If you wish to secure a
www. subdomain in a certificate that you will order through API automation, you must explicitly declare it within the
We now automatically update
.htaccess files to exclude DCV checks from HTTP redirections so that the DCV checks complete successfully. This resolves issues that some customers reported with AutoSSL and cPanel Market purchases.
To allow users to purchase wildcard certificates, we modified the following WHM and UAPI functions:
These functions now can return the following values as necessary:
Also, if you maintain a Custom cPanel Market Provider module, you must use the
price_per_wildcard parameter in your
get_products_list subroutine to indicate wildcard products.
The system disables system and cPanel & WHM updates while there is an active session in the Transfer queue. This applies to both account transfers and configuration transfers.
We improved the account creation process performance due to more efficient handling of the BIND database. Also, we no longer use the operating system's
userdel routines. You will see significantly reduced creation times for accounts.
We changed the BIND deferred restart time option in the System section of WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings). This setting allows you to specify the time (in seconds) that the
dnsadmin service waits before it restarts BIND. The system silently discards additional restart requests in this time period. We recommend a setting between
600 seconds for busy servers and the default setting of
2 seconds on servers with few DNS changes.
We replaced WHM's Terminate Account interface (Home >> Account Functions >> Terminate an Account) and Terminate Multiple Accounts interface (Home >> Multi Account Functions >> Terminate Multiple Accounts) with the new Terminate Accounts interface (Home >> Multi Account Functions >> Terminate Accounts).
This interface allows you to easily select multiple accounts to terminate, and it requires multiple confirmations before it removes the accounts and their data. You can also abort the account termination process for accounts in the termination queue.
We converted the image type of interface elements in cPanel's interface to SVG format. This reduces the size of many user interface icons and increases the rendering speed.
svgfile is not available, cPanel will fall back to use the equivalent .
.svgimages for your cPanel plugin icons.
.svgimages for your custom-branded logos.
We expanded the Prevent nobody from sending mail option in the Mail section of WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings). It now includes email that scripts send through any loopback address.
In cPanel & WHM version 22.214.171.124, we changed the pending certificate polling frequency in WHM's AutoSSL feature (Home >> SSL/TLS >> Manage AutoSSL) to the following:
Age of certificate request
|Less than one day.||Once per five minutes.|
|Between one and two days.||Once per hour.|
|More than two days.||Once per day.|
In cPanel & WHM version 60, we added the ability for you to enable or disable new Subaccount invites from WHM's Tweak Settings - System interface (Home >> Server Configuration >> Tweak Settings). Previously, you could control this feature with the Reset Password for Subaccounts feature.
In cPanel & WHM version 60, we updated cPanel's User Manager interface (Home >> Preferences >> User Manager) to display an indicator if a Subaccount owns an active or expired invite.
In cPanel & WHM version 60, we updated the
upgrade_subaccount_databases script to run as a post-installation script, rather than as part of the
WHM's Branding interface (Home >> cPanel >> Branding) is now WHM's Customization interface (Home >> cPanel >> Customization).
In addition, this interface now includes the following new features:
The WHM interface now includes updated flat-style icons for its top-level navigation.
Theme and plugin developers can now target specific cPanel interfaces, specific Webmail interfaces, or all Webmail interfaces in their custom
Site Publisher template developers can now set defaults for specific template field types in the
meta.json file. For more information, read our Guide to Site Publisher Templates - The meta.json File documentation.
cPanel's Email Accounts interface (Home >> Email >> Email Accounts) now uses the
email_accounts appkey value. If you reference this interface's appkey in custom code, you must update it. For more information, read our Guide to cPanel Interface Customization - Appkeys documentation.
You can now specify cPanel & WHM version numbers without a major version number when you preconfigure the
/etc/cpupdate.conf file for a new cPanel & WHM installation. For more information, read our The cPanel Update Configuration File - cpupdate.conf and Installation Guide - Customize Your Installation documentation.
We simplified the configuration of namerserver address records in the Initial Setup Wizard and WHM's Basic WebHost Manager Setup interface (Home >> Server Configuration >> Basic WebHost Manager Setup). Additionally, you can now add IPv6 address records.
Server administrators can now view update blockers in the Upgrade Blockers section of WHM's Upgrade to Latest Version interface (Home >> cPanel >> Upgrade to Latest Version).
The EasyApache 4 interface now properly resolves dependencies when you select packages, and asks you to choose which you prefer to install when multiple conflicts exist.
We greatly improved the speed of the user interface and added the following cosmetic improvements:
ea-prefixes from the selectable package names, in order to make them easier to read.
We made several improvements and updates to the EasyApache 4 migration process.
EasyApache 3 profiles that contain Apache 2.2 are not compatible with EasyApache 4. We added warning messages to these profiles, and they will upgrade to Apache 2.4 when you install them.
EasyApache 4 attempts to migrate the
php.ini files on the system to an EasyApache 4-compatible format. In order for a user's
php.ini file to migrate successfully, all of the following must be true:
.htaccessfiles must exist in the user's home directory.
.htaccessfile must contain a properly-configured
suPHP_ConfigPathdirectory must contain a
php.inifile that the
suPHP_ConfigPathdirective specifies must exist in the user's home directory.
If the migration completes successfully, the system renames the original
php.ini file to
php.ini.ea3.bak. The converted file does not retain comments from the original
For more information, read our The EasyApache 3 to EasyApache 4 Migration Process documentation.
We reworked the
ea-php-cli package to provide a new
/usr/bin/php binary. This better emulates the behavior of EasyApache 3. For more information, read our EasyApache 4 and the ea-php-cli Package documentation.
New installations of cPanel & WHM will no longer include the x3 theme for the cPanel interface. When you upgrade to cPanel & WHM version 60 or higher on existing installations, we will not automatically remove the files for the x3 theme. However, we no longer support the x3 theme, and cannot guarantee that this theme will continue to function in future versions.
RSsetting now defaults to
We have removed the following x3 theme-related interfaces and options from WHM:
Certain x3-related options from WHM's Feature Manager interface (Home >> Packages >> Feature Manager)
Legacy x3-related features may continue to display in this interface, some of which may display with the Legacy label.
In cPanel & WHM version 60, we removed the Permit Security Advisor State Change setting from WHM's Tweak Settings interface (Home >> Server Configuration >> Tweak Settings)
cPanel & WHM version 60 includes the following third-party applications:
cPanel & WHM uses the following operating system-provided third-party applications:
DNSSEC::disable_dnssec— This function disables DNSSEC on the domain.
DNSSEC::enable_dnssec— This function enables DNSSEC on the domain.
DNSSEC::fetch_ds_records— This function fetches the DS records on a domain.
DNSSEC::set_nsec3— This function configures the domain to use NSEC3 semantics.
DNSSEC::unset_nsec3— This function configures the domain to use NSEC semantics.
Market::get_all_products— Wildcard certificate and redirection parameters.
SSL::mail_sni_status — Mail SNI is always enabled.
SSL::enable_mail_sni — Mail SNI is always enabled.
SSL::disable_mail_sni — Mail SNI is always enabled.
SSL::rebuild_mail_sni_config — Mail SNI is always enabled.
SSL::is_mail_sni_supported — Mail SNI is always enabled.
— This function retrieves a nameserver's IPv4 and IPv6 addresses.
get_market_providers_product_metadata— Wildcard certificate and redirection parameters.
get_adjusted_market_providers_products— Wildcard certificate and redirection parameters.
get_market_providers_products— Wildcard certificate and redirection parameters.
enable_mail_sni— Mail SNI is always enabled.
disable_mail_sni— Mail SNI is always enabled.
rebuild_mail_sni_config— Mail SNI is always enabled.
mail_sni_status— Mail SNI is always enabled.
installssl— Mail SNI is always enabled.
is_sni_supported— Mail SNI is always enabled.
lookupnsips— This function retrieves a nameserver's IPv4 and IPv6 addresses.