cPanel & WHM 11.28 Release Notes
Last updated April 25, 2011.
These Release Notes
detail feature updates in cPanel & WHM version 11.28.
Related White Papers
With version 11.28, cPanel & WHM introduces the Database Mapping feature. This feature lays the groundwork for providing more flexibility in naming databases and database users.
In the past, cPanel has always prepended an account's username to any database name or database username created by the account (for example, a database might be named "user_dbname"). This changes with the addition of the Database Mapping feature.
In cPanel 11.28, Database Mapping provides the following benefits:
- Accounts transferred from non-cPanel servers, such as those running Plesk or Ensim, will no longer have the cPanel account name added as a prefix to the names of databases and database users. This means applications like blogs and forums should work with minimal (or no) changes after transfer.
- Server owners can disable use of the database name prefix server-wide. If a server owner chooses this option, databases and database users will no longer be created with the cPanel account as a prefix (for example, a database could be named "dbase" instead of "user_dbase"). This option is not reversible.
Both of the features above will make a server incompatible with older versions of cPanel. If either:
- a non-cPanel account is transferred to an 11.28 server, or
- the server owner opts to disable prefixing,
then that server will not be able downgrade to 11.28 later.
Transferring an account from a cPanel system that does not use the database prefix to one that does (e.g., cPanel 11.28 with prefixing disabled, to cPanel 11.28) will result in support issues. Databases and database users whose names lack the prefix will be unmanageable in the cPanel interface.
- Note: Databases created by cPAddons will always be named with a prefix, regardless of whether Database Mapping is turned on or off. The prefix will consist of the database username, followed by an underscore (
For more technical information about Database Mapping, see our Database Mapping white paper (PDF)
Prior to cPanel 11.28, cPanel users were able to create a database via direct MySQL connections as long as the database was properly prefixed for the cPanel account (e.g.
However, in version 11.28, if the WHM administrator turns prefixing off, the grant statement that provides that permission will be removed and the cPanel account's MySQL user will not be able to create databases via direct MySQL connections. cPanel users will need to use the cPanel UI or API to create databases if prefixing has been disabled.
Removed phpMyAdmin User Modification Features
We have removed some user modification features from phpMyAdmin in cPanel & WHM 11.28. The features we have removed include the ability to add users, delete users, and modify certain user properties, such as the hostname.
Server owners can now offer third-party webmail applications from the cPanel interface. This requires some Perl scripting ability.
For instructions, see Integrating Webmail Applications
LOCK Method for WebDAV
cPanel's Web Disk feature, provided by the
service, is now fully compliant with the RFC 4918 Class 2
This means that
now provides full resource locking support, increasing the range of supported WebDAV clients significantly. Errors that previously occurred when users saved files via Microsoft® Office®, as well as seemingly random failures performing bulk file operations from Mac OS® X Finder®, are alleviated with the implementation of a proper locking mechanism.
Changes to phpMyAdmin Authentication
cPanel & WHM 11.28 substantially changes the way that phpMyAdmin authenticates.
We have added a new phpMyAdmin authentication library, located at
. Its purpose is to allow for multiple types of authentication to phpMyAdmin, as the user's
account does not necessarily have to have the same password for MySQL as it uses for system authentication.
When phpMyAdmin loads, it will now attempt to get authentication data from multiple sources. It will validate the authentication data by attempting a
against the configured MySQL server for each source, until it finds the correct authentication information. The order of sources that it will attempt to load is:
- The user's system password.
- The user and password contained in
- If both of these fail, it will prompt for authentication with a login form.
As a result of this change, users should take note of the following:
- When invalidated session data exists, it is possible for phpMyAdmin to have problems authenticating. So, if the user notices abnormalities in phpMyAdmin, clearing browser session data should always be the first step in attempting to resolve the issue.
- The Log out link in phpMyAdmin only functions when the user has authenticated manually with a login form. The function of this Log out link is to remove and invalidate the temporary files, and redirect to the login page. If the correct login credentials are still available to phpMyAdmin (in the user's system password via the environment, or in
~/.my.cnf), the login process will reconnect upon redirect. As a result, the Log out link will have no effect in this case.
User Interface Changes in WHM
Breadcrumbs (navigation links that appear at the top of each page) now appear in all WHM screens.
In addition, WHM includes the following updates.
cPanel & WHM Configuration screens
WHM includes updates to the following interfaces:
- Basic cPanel/WHM Setup.
- Tweak Settings.
- Exim Configuration Editor.
Each interface has been changed in the following ways:
- It has been reorganized into tabs, making specific settings easier to find.
- If offers radio "on/off" buttons instead of checkboxes.
- It attempts to warn the user if he or she tries to enter invalid data. In addition, any invalid data the user enters will be replaced by an acceptable value when the user clicks Save.
You can find a complete description of each updated interface in our WHM User Guide.
New Default Values
Default values for the following options on the Tweak Settings
screen have changed:
- Enable HTTP Authentication now defaults to off.
- Require SSL now defaults to on.
The default value for the following setting on the Exim Configuration Editor
screen has been changed:
- Reject mail for users over quota at SMTP time now defaults to on.
The default value for the following setting on the Basic cPanel/WHM Setup
screen has been changed:
- The minimum user ID value used when creating new accounts now defaults to 500. Leaving this field blank is no longer a valid entry.
Changing the Default Apache Port in Tweak Settings
On the Tweak Settings
screen in WHM, the server owner has long been able to change the port on which the Apache web server listens for requests.
While using this option to configure Apache to listen on a port other than the default has previously broken the functionality of various utilities on the server, with version 11.28, those failures no longer occur.
The utilities that now function with Apache listening on a non-default port are:
- The Apache Status page in WHM
Setting the Default Email Quota for New Accounts in Tweak Settings
Three new options on the Tweak Settings
screen allow server owners to set up defaults for email quotas. Server owners can now:
- Specify available options for email quotas (user-defined, unlimited, or both).
- Specify the default user-defined quota value for new accounts.
- Specify which quota option (user-defined or unlimited) will be the default.
- Note: This setting was removed in version 11.28.74.
Choosing MD5 Passwords in Tweak Settings
The Tweak Settings
screen offers the following new option:
Use MD5 passwords with Apache
Formerly, cPanel & WHM used the crypt password hashing function. Now, server owners can opt to use MD5 hashing instead.
Both crypt and MD5-encoded passwords can be any length; however, crypt only uses the first 8 characters of the password for authentication.
Using the INFORMATION_SCHEMA View
In Tweak Settings
, you can now enable the system to use the INFORMATION_SCHEMA view when calculating disk usage. This can, however, degrade MySQL performance. This option is:
Use INFORMATION_SCHEMA to acquire MySQL disk usage
Setting the Maximum Number of cpsrvd Connections
now allows you to specify the maximum number of connections
can have open at once. This option is:
Max cPanel/WHM/Webmail service handlers
Security Tokens Enabled by Default on New Installations
Beginning with version 11.28, new installations of cPanel & WHM will have Security Tokens enabled by default. You can enable or disable Security Tokens in WHM's Tweak Settings
Existing cPanel & WHM systems upgrading to 11.28 will retain their existing configurations.
The Apache Global Configuration Screen
The Apache configuration interface in WHM at Main » Service Configuration » Apache Configuration » Global Configuration
now offers the following directives (click a directive name to read Apache's documentation):
|| This directive sets the number of child server processes created when Apache starts up.
|| This directive enables long-lived HTTP sessions, which allow multiple requests to be sent over the same TCP connection. This can speed up latency times for HTML documents with many images.
|| This directive sets the number of seconds Apache will wait for a subsequent request before closing a connection.
|| This directive limits the number of requests a TCP connection can make when KeepAlive is on. Setting this value to
0 specifies that you do not wish to limit KeepAlive requests.
|| This directive defines the amount of time Apache will wait for certain events before failing a request.
|| This directive sets the maximum configured value for the MaxClients directive for the lifetime of the Apache process.
When the server owner uses the Tweak Settings
screen to disable root and account owners' abilities to log into cPanel user accounts, the List Accounts
screen does not display the cPanel logo linking to users' cPanel accounts. This functionality has long been present in WHM.
Now, a notification appears to clarify the reason cPanel user accounts are no longer available from List Accounts
For the root user, It reads:
Root access to users' cPanel accounts has been disabled in Tweak Settings (System).
For account owners, it reads:
Reseller access to users' cPanel accounts has been disabled in Tweak Settings (System).
Modify an Account
As of version 11.28, WHM includes 2 changes to the Modify an Account
- Modifying a user's account will change the user's package to
undefined package is a reserved package name that can contain different values for different users.
- This screen now includes a setting for Max Relayed mails/hour/domain. This option sets a limit on the number of emails relayed per hour for the account's main domain only.
- If you previously used the
build_maxemails_config script to set different limits for each domain, this field will display the limit assigned to the primary domain for the account.
cPHulk Brute Force Protection
The daemon that provides the cPHulk Brute Force Protection
) now allows whitelisting of a range of IP addresses written in CIDR notation.
You can find the graphical interface for whitelisting IP addresses at cPHulk Brute Force Protection
>> Trusted IPs
Resellers with access to the WHM Terminate an Account
screen are no longer presented with the option of terminating their own WHM account.
WHM also includes the following new interfaces:
- Configure Security Policies — See Security Policy changes below for more information.
- Security Questions — See Security Policy changes below for more information.
- Database Map Tool — This allows a server owner to confer access to a database, via cPanel, to 2 or more cPanel users.
- Disable Database Prefix — This allows a server owner to disable database prefixes as described in the Database Mapping section above.
WHM will no longer include the following interfaces:
- Interactive Knowledge Base
- x3 Skin Migration Wizard
Changes to the WHM Interface Template
With this release, WHM begins its migration to a template-based interface, using Template Toolkit
. In the future, a template-based WHM interface will offer benefits including the ability for users to:
- Create custom branding or translation for WHM.
- Take advantage of an easier system for building WHM skins.
WHM 11.28 simply provides the foundation for these capabilities, which will become available in the near future.
More information about the progress of this templating process will appear in the release notes of future versions of WHM, when applicable.
User Interface Changes in cPanel
The following cPanel screens have changed:
- FTP Accounts is now easier to use.
- Disk Space Usage is now easier to use.
- Change Password? now lets the cPanel account owner click a checkbox to apply the password change to the MySQL database owner (DBOWNER) account as well.
You can read a complete description of each interface in the cPanel User Guide
cPanel also includes a new Security Policy
screen. See Security Policy changes
below for more information.
Security Policy Changes
Server owners can now:
- Set a maximum password age for the server's cPanel, WHM, and webmail interfaces. Once the password reaches the specified age, it must be reset.
- Note: This policy will only apply to system accounts, not virtual accounts (such as webmail accounts).
- Define their own security policies. See the Security Policy white paper (
.pdf) for more details.
- Choose to only allow verified IP addresses to access the server's cPanel, WHM, and webmail interfaces.
For a complete description of the interfaces where the user configures these options, see the following documents:
A new screen in WHM entitled Configure Security Policies
allows server owners to apply a maximum age to WHM, cPanel, and webmail passwords. The server owner can also opt to specify maximum password ages for XML API requests and DNS cluster requests.
Once a password has reached the specified age, the account owner must change the password.
The maximum password age is 1,095 days.
Limit Logins to Verified IP Addresses
This feature allows server owners to turn on source IP checking for the WHM, cPanel, and webmail interfaces. Server owners can also opt to check source IPs for XML API requests and DNS cluster requests. They may enable this feature on the Configure Security Policies
Source IP checking requires users who attempt to access WHM, cPanel, or webmail to either:
- have their IP addresses listed on the Manage Access IPs screen in the appropriate interface, or
- successfully answer security questions to gain access to the WHM, cPanel, or webmail interface.
cPanel and webmail users can enter security questions and answers, as well as authorize IP addresses, on the cPanel Security Policy
In addition to Database Name Mapping
, version 11.28 provides the following improvements to the process of transferring accounts from non-cPanel servers:
- WHM now accepts usernames up to 16 characters in length for transferred accounts.
- Mail groups are now migrated from Parallels® Plesk® panel accounts.
- Ensim® accounts are transferred using the Ensim account's username rather than the word "site" followed by a number.
- MySQL for accounts transferred from Ensim will no longer automatically stop and start.
Horde Groupware Webmail Edition
cPanel now provides Horde Groupware Webmail Edition, which allows for sharing of calendars, contacts, and tasks. cPanel's switch to Horde Groupware Webmail will provide you with the most up-to-date Horde modules. Learn more about Horde Groupware Webmail Edition at Horde's website
Benefits of this Horde client include:
- It provides a streamlined update process, since you no longer have to track updates for each component.
- It will allow cPanel to provide future Horde updates in a more timely manner.
- It fixes longstanding bugs and problems present in older Horde releases.
You can also customize Horde Groupware Webmail Edition
- We do not support downgrading from Horde Groupware Webmail Edition 1.2.7 to older releases.
Attempting to use and configure new mail notifications in Horde Groupware Webmail Edition may cause Safari® on Mac OS® X to become unresponsive. This is due to the way information is passed between Safari® and QuickTime® on OS X.
Faster Incremental Backups
In testing, cPanel 11.28 has shown incremental backup times ranging from 1.7 times to over 10 times faster than previous versions. This happens due to optimizations made to the code, and because databases are now backed up only if they have changed.
Users will see this improvement during the second backup after upgrading.
ext4 File System Support
cPanel & WHM now supports the ext4 file system on CentOS and RedHat® Enterprise Linux® versions 5 and higher. However, CentOS and RedHat do not yet support quotas on ext4. This means you are not yet able to use quotas and ext4 with CentOS or RedHat.
Scripts Removed from the /scripts Directory
The following deprecated scripts have been removed from the
directory in cPanel & WHM 11.28:
Additionally, version 11.28 removes the
directory from the server. All modules formerly contained by this directory will now reside in
Any application or script that relies upon that directory or the modules contained within will not function in this version. This change effectively discontinues the use of the
Perl module namespace in favor of the
Scripts Added to the /scripts Directory
This script is available at
It will check user accounts for
files that do not work, and rename them. By default, the script only returns output when it detects a bad
For more information, run
This script is available at
It will compare the contents of 2 GDBM
To use this script, run
/scripts/comparegdbm $file1 $file2
are the full paths to the files you wish to compare.
cphulkd Configuration Files
configuration files have moved.
In version 11.28, the system checks these new locations first. It checks legacy file locations as a failover.
| New location
| Old location
|| This presence of this flag file indicates that cPHulkd is enabled. You can enable or disable cPHulkd in WHM at Main >> Security Center >> cPHulk Brute Force Protection.
| New location
| Old location
|| This file is cPHulkd's general configuration file. It contains a number of settings that you can configure from within the WHM interface.
Note: Old configurations will not automatically migrate from /var/cpanel/cphulk.conf to /var/cpanel/cphulkd/conf until you re-save your configuration.
| New location
| Old location
|| This file stores the password cPHulkd uses to connect to MySQL.
| New location
| Old location
|| The presence of this file enables debug logging for cPHulkd. cPHulkd's log files are /usr/local/cPanel/logs/cphulkd_errors.log and /usr/local/cpanel/logs/cphulkd.log.
Storing Data in the Userdata Cache Instead of the Apache Configuration File
In cPanel & WHM 11.28, two scripts have changed to write account-specific information to—and retrieve it from—the userdata cache at
, rather than the Apache configuration file (
Those scripts are:
/scripts/fixsubconf (this script has been moved to
We recommend that you store userdata in the appropriate
directory, rather than the
file. Otherwise, these scripts will not access the updated information.
chkservd Recognizes Alternate SSH Ports
In the past, if you configured SSH to listen on a port other than the default (port 22), the
service did not recognize this change. As a result, the WHM Service Status
screen would falsely show SSH as non-operational, and
would attempt to restart it every 5 minutes.
In this release,
now scans the SSH configuration file and recognizes the port on which SSH listens, alleviating these problems.
Optimizations to the
process, used to perform account backups and transfers, has been optimized. Specifically, we have reduced the number of times the process forks, which will lower the amount of resources it consumes and speed up its performance.
restoreaccount XML and JSON API Function
In this version, we've added the ability to restore an account from a backup remotely, via our XML API or JSON API.
function takes the following required variables as input:
user (string) — The name of the user whose account you wish to restore.
type (string) — The type of backup to restore; either
Sample API calls:
- XML API:
- JSON API:
For more information about formatting and using XML and JSON API calls, please see our XML and JSON API documentation
Task Queue Manages Additional Apache Restarts
Use of the task queue
has expanded in cPanel 11.28 to manage Apache restarts triggered by the following tasks:
- Create a New Account (WHM)
- Modify Account Properties (WHM)
- Terminate an Account (WHM)
- Upgrade/Downgrade an Account (WHM)
- Change Site's IP Address (WHM)
- Copy an account from another server (Transfers area in WHM)
- Add or remove an addon domain (Addon Domains area in cPanel)
- Create or remove a subdomain (Subdomains area in cPanel)
- Create or remove a parked domain (Parked Domains area in cPanel; Park a Domain in WHM)
For these functions, the task queue will cause Apache to restart in the background. This provides the WHM or cPanel user with a more responsive interface.
Resolved Issue that Prevented Disabling Apache Restarts
In previous versions of cPanel & WHM, disabling Apache restarts would sometimes prove ineffective, resulting in the system attempting to restart a disabled Apache, and failing. In the process, the system would also disable any other services running on port 80.
cPanel & WHM 11.28 resolves this problem. Creating one of the following files will successfully disable Apache restarts and allow services on port 80 to continue running:
Upgraded Third-Party Applications
Upgraded versions of the following third-party software applications have been integrated into this version of cPanel & WHM.