Security and maintenance updates We released updated packages for EasyApache 4. This security and maintenance release addresses 6 CVEs in ea-nginx 1.29.7, 7 CVEs in ea-nodejs22 and ea-nodejs20, and 1 CVE in ea-nghttp2 (CVE-2026-27135). It …
Maintenance and security updates We released updated packages for EasyApache 4. This maintenance and security release includes security backports for ea-libcurl (4 CVEs from curl 8.19.0), version updates for ea-php84, ea-php85, and ea-ngin…
Package removal cleanup fix Fixed an issue where uninstalling cpanel-csf left the CSF plugin entry and LFD service status behind in WHM (CPANEL-51933). Also suppresses harmless errors on missing symlinks during upgrades. For a full list of…
Maintenance updates We released updated packages for EasyApache 4. This maintenance release includes bug fixes for ea-nginx and version updates for ea-nginx-njs, ea-memcached16, ea-ruby27-libuv, ea-nodejs22, and ea-nodejs20. For a full lis…
Package upgrade behavior fix Fixed an issue where upgrading cpanel-csf would overwrite custom csf-cron entries. For a full list of changes, read the ConfigServer Security & Firewall (CSF) change log.
Security and maintenance updates We released updated packages for EasyApache 4. This security release addresses 2 CVE vulnerabilities in ea-valkey72: CVE-2026-21863 (Remote DoS with malformed Valkey Cluster bus message) and CVE-2025-67733 …
Improved website publishing reliability Sitejet Builder now downloads the correct assets more reliably during website publishing. For a full list of changes, read the Sitejet Builder change log.
Maintenance updates We released minor UI fixes, updated the check interval for Pro plans, updated table comparisons, and updated translations. For a full list of changes, read the Site Quality Monitoring change log.
Important: * As of August 31, 2025, the developers of CSF no longer maintain or support it. They have released CSF under the <a href="https://www.gnu.org/licenses/gpl-3.0.en.html" target="_blank">GPLv3 license. *…
Maintenance updates We released updated packages for EasyApache 4. This maintenance release introduces ioncube15 as a new package (IonCube 15 with php8.5 beta support), updates Apache mod_qos (11.77 to 11.78), and adds historical CVE refer…
Important: * As of August 31, 2025, the developers of CSF no longer maintain or support it. They have released CSF under the <a href="https://www.gnu.org/licenses/gpl-3.0.en.html" target="_blank">GPLv3 license. *…
Maintenance updates We released updated packages for EasyApache 4. This maintenance release includes updates to Apache mod_qos (11.76 to 11.77), PHP 8.4 (8.4.17 to 8.4.18), PHP 8.5 (8.5.2 to 8.5.3), libuv for Ruby 2.7 (1.51.0 to 1.52.0), a…
Security and maintenance updates We released updated packages for EasyApache 4. This security release addresses 2 CVE vulnerabilities: CVE-2026-1642 (ea-nginx) involving SSL backend injection and CVE-2026-21876 (ea-modsec2-rules-owasp-crs)…
Security and maintenance updates We released updated packages for EasyApache 4. This security release includes 7 CVE fixes for OpenSSL 1.1.1 addressing heap buffer overflow, NULL pointer dereference, and ASN1 validation issues. The release…
Updated packages We released updated packages for EasyApache 4. This release includes updates for Apache HTTP Server mod_http2, WHM server status endpoint obfuscation, and updates to PHP 8.5.2, PHP 8.4.17, and PHP 8.3.30. For a full list o…
Note: WebPros International, LLC currently provides this feature in a limited release, with plans to expand its availability and functionality in future updates. Initial public release This is the initial public release of the Comet Backu…
Security and maintenance updates We released updated packages for EasyApache 4. This security release includes updates to Node.js 20.20.0 and Node.js 22.22.0 with fixes for CVE-2025-55132 (HTTP Request Smuggling vulnerability in permission…
Security updates We released updated packages for EasyApache 4. This critical security release includes updates to PHP 8.1, 8.2, 8.3, 8.4, and 8.5, addressing following three CVEs: * CVE-2025-14177 - Information leak in the getimagesize fu…
Security and maintenance updates We released updated packages for EasyApache 4. This security release includes a critical fix for an XSS and email injection vulnerability in the 404 error page (CPANEL-47168 / SEC-68753). The release also i…
Added CloudLinux 10 support We added support for the CloudLinux™ 10 operating system. For more information, read our System Requirements for CloudLinux installation guide. Added TuxCare ELS for PHP cPanel & WHM provides the most recent…