r/cpanel

▲ 2 r/cpanel

Is the Manage2 site down? Infinite reload and then Error 1015 rate limiting

This is even with a totally naked browser, with no anti-adware, anti-spyware, and anti-malware protections.

Somehow billing went through, but all cPanel services on my machine are now down due to nonpayment. So I need to sort this out, but I cannot log into the main cPanel account website even with a naked browser on a remote machine.

Confirmed: Machine not on the rate limited public IP, using Edge browser with zero plugins, using a correct login for the account, leads to a loginfailed query parameter and a perpetual cycling reload with an eventual Error 1015 Rate Limiting warning.

reddit.com
u/rekabis — 1 day ago
▲ 5 r/cpanel

Exclude autoconfig and autodiscover from AutoSSL

Does anyone know how one can exclude autoconfig and autodiscover for a domain.
I have removed them using Zone editor, but i keep getting SSL warnings daily as AutoSSL keeps requesting certificates for these hostnames and keeps updating the zone records.

I can't see anywhere where you can do this anymore. In previous versions of cPanel this was easy.

Help is appreciated

reddit.com
u/OutrageousCarry4906 — 3 days ago
▲ 7 r/cpanel

Combating email spoofing

Has anyone here were able to combat spoofed emails sent from your own address if the domain is using cPanel?

I understand that the domain has to be properly authenticated with spf, dkim, dmarc and bimi(as an extra security). Respectfully , I also am not looking for any advice on using external services such as Google workspace or O365 because I know they are really good at combating such spam.

I understand about training email filters or spam assassin to combat spam for incoming emails but the problem with spoofing is, anyone can simply modify the header to be abc@example.com to send it to abc@example.com from any IP or a cheap vps or from hacked sites.

This question is mainly for cPanel users who were able to successfully combat spoofing. I am working in the web hosting/sysadmin field from past 8 years but haven't been able to figure this out. I never had root access though.

Reporting sender IPs/domains to third party hosting providers is a nightmare in itself and takes up a lot of time.

Is there any setting in WHM or through root ssh access wherein if an email was sent from the same address, before delivering that message, cPanel performs the sending IP/domain/header checks and block such emails automatically?

Please do not bash me here because even though I have worked in this field for many years, I never had root access and looking at exim configurations, I am a bit scared to make any changes on my test vps running cPanel to break more email functionality.

I also know that we can use incoming email filters or third party inbound relay services like barracuda but I mainly want to know if there is any way I can protect the accounts from spoofing on a cPanel which doesn't use any kind of inbound spam filters.

Pros in this sub, have you found a way to combat this? Would really appreciate all of the helpful comments.

reddit.com
u/Safe_Mission_3524 — 4 days ago
▲ 12 r/cpanel

cPanel data collection

I was looking at data collection policies from cPanel : https://docs.cpanel.net/knowledge-base/cpanel-product/cpanel-analytics-the-data-we-use/

They collect panel use analytics and there's a config option to opt out of some of it, but another set of data "Configuration Analytics" you cant opt out of.

Included in the data you cant opt out of is:

domain: The name of the domain

traffic: The per‑country traffic statistics for the domain.

sent_emails: The number of email messages that the server sent from the domain.

delivered_emails: The number of email messages that the server delivered to local mailboxes on the domain.

This is for each domain configured on the server, not just the overall server host name.

They say elsewhere that "We have taken precautions to ensure that the data we collect is secure and does not contain private, personal, or security information." I think that means they don't consider the traffic data of the domains personal data and I agree given that it's not data about any individual . My understanding is that would mean there's no legal protection for what they do with that data

I can't see the need for the domain names much less with per‑country traffic statistics for improving cPanel.

I think that daily data feed for probably an 8 figure number of domains would have significant commercial value.

I can imagine that many businesses hosting on cPanel would not be happy to know that kind of data about their website was potentially being sold without their knowledge. Maybe it's finding its way to sites like similarweb and their competitors are accessing it. Who knows?

reddit.com
u/ollybee — 6 days ago
▲ 0 r/cpanel

This site can’t be reached Check if there is a typo in harper.

I get this message every time I try to upload the changes I make to my site in Sitejet.

Web Hosting Canada, CPanel and sitejet have been useless to help. They just say the site is working and close the ticket.

I can edit my site, but I get that message every time I try to upload it.

I'm not a massive tech guy, so I have no idea what's wrong or how to correct it.

I have no idea what "harper" is.

Any thoughts?

u/beanthepiggy — 8 days ago
▲ 4 r/cpanel

Intermittent ERR_CONNECTION_RESET for one Nepal client on Hetzner WHM/cPanel server

I run a WHM/cPanel server on Hetzner Bare Metal (Europe/Helsinki region) with hundreds of accounts. Most clients have no major issues, but one particular client in Nepal faces frequent ERR_CONNECTION_RESET ("This site can’t be reached / The connection was reset") multiple times a week or even per day.

The site loads fine for me and most other users. It often becomes accessible again after some time. The same client also gets complaints from his customers about the site being down intermittently.

I’ve already ruled out server-side blocks: CSF/LFD, firewall, iptables — everything checked and client IP is whitelisted. No blocks found.

My questions:

  • Is this primarily an ISP routing/peering issue on the Nepal → Europe path (temporary route flapping that auto-resolves)?
  • What else could cause this? MTU? Specific peering problems with Nepali ISPs (WorldLink/NTC)?

Other clients in Nepal face it occasionally, but this one is hit hardest. Appreciate any insights from people running international servers or dealing with South Asian connectivity.

Thanks!

reddit.com
u/Ok-Gate9450 — 10 days ago
▲ 0 r/cpanel

Spaceship Hosting blamed CPU usage, then several of my websites lost their files. Has anyone experienced this?

I'm posting this because I genuinely want to know if anyone else has experienced something similar with Spaceship Hosting.

I host multiple WordPress websites on my account.

The problems started with repeated Cloudflare 522 Connection Timed Out errors. Several websites became unavailable, so I contacted Spaceship support.

The first explanation I received was that my account had reached a CPU limit. The support agent suggested optimizing my websites or upgrading my hosting plan.

However, after I checked the cPanel Resource Usage, the numbers didn't seem to support that explanation:

  • Average CPU usage was around 2–5%
  • CPU limit was 200%
  • RAM usage was only around 50–65 MB out of 3 GB
  • I/O usage was extremely low
  • Very few CPU faults were recorded

When I pointed this out, the explanation changed.

The support agent later clarified that the CPU event and the missing website files were actually two separate issues, and also admitted they could not determine which process caused the CPU event because they don't have access to that information. They said the case would be escalated to a manager.

The most concerning part is that several of my websites suddenly started showing "Index of /", and I discovered that website files had disappeared. This is a much more serious issue than a temporary CPU spike.

At the moment I'm waiting for the senior team to investigate and explain:

  • Why did multiple websites lose their files?
  • Do the server logs show what happened?
  • Was this caused by a server-side issue?
  • Can they restore everything from backup?

I'm not trying to attack the company. I simply want a proper technical explanation based on server logs rather than assumptions.

Has anyone here experienced websites suddenly losing files on Spaceship Hosting or receiving similar explanations?

I'd really appreciate hearing your experiences before I decide whether to migrate all of my websites elsewhere.

reddit.com
u/logodisgne — 11 days ago
▲ 37 r/cpanel+1 crossposts

Questions about all these .htaccess files.

Hi, everyone.

My website has had recurring 404 errors for a while and I used to do a temporary daily fix of resaving the permalink settings in my Wordpress account. Quick and easy fix, but clearly not effective if the problem is occurring daily. Hence, I went with the next option - repairing and saving the .htaccess file in my hosting account.

First issue I found was that the .htaccess file was over 500kb in size, but repairing the code brought that back down to a sensible 200+kb size, So far, so good. HOWEVER, the hosting folder also has a bunch of .htaccess type files that, to me, should be there (see screenshot). I'm no genius web developer (just a humble illustrator running her own portfolio website) so I didn't want to go on a deletion spree without advice.

What should I do? Leave them as is, or cull everything .htaccesswhatever that is NOT the actual .htaccess file?

Edit: Whoops, I should have said 200+ BYTES, not kb. It went from 500+kb to 200+BYTES. My bad. Sorry for the added confusion in something that already has me scratching my head.

u/01IdleRaSS876 — 14 days ago
▲ 8 r/cpanel

cpanel maintained csf/lfd - ssh login alert email

It appears a subtle change in the /var/log/secure log format stops csf/lfd from sending ssh login alert emails upon ssh logins with the almalinux 9.8 / cloudlinux 9.8 upgrade.

Will cpanel update the regex to account for the slight ssh login log line difference so ssh login alert email function will work again?

(I see they did so for imap/pop3 login format change at https://docs.cpanel.net/release-notes/configserver-security-firewall-csf-release-notes/#configserver-security--firewall-csf-1620-1 )

reddit.com
u/Gulf-of-Mexico — 11 days ago
▲ 6 r/cpanel

Login theme

Anyone else having a recent issue where WHM and CPanel are loading an old legacy theme on the login screen? Just started happening this morning. Tried updating and rebooting but it didn’t resolve it.

u/grdrummerboi — 13 days ago
▲ 4 r/cpanel

First hosting with cPanel

Probably going to be moving my site(s) from my own server to external hosting, and I'm seeing cPanel a lot. I looked it up, looks fine, certainly better than having to configure apache by hand. Question is: I need environment variables defined in the site config (not in .htaccess.) Can cPanel do that? How granular is the control anyway?

reddit.com
u/mapsedge — 13 days ago