Skip to main content

Old cpanel vulnerable?

Comments

3 comments

  • cPanelMichael
    Hello :) It's not feasible to use a version of cPanel that is no longer supported. The LTS release for cPanel version 11.30 is: 11.30.8.0 With no license, your best option is to backup the accounts and manually restore them on a new server without cPanel installed. Thank you.
    0
  • seancho
    [quote="cPanelMichael, post: 1721122">Hello :) It's not feasible to use a version of cPanel that is no longer supported. The LTS release for cPanel version 11.30 is: 11.30.8.0 With no license, your best option is to backup the accounts and manually restore them on a new server without cPanel installed.
    Thanks. So, just to clarify, cPanel 11.30.3.5 is vulnerable to attack, even without an installed license? Given that this is a full-time production server, I don't know that the client wants to start from scratch with a new server install. Is there no way at all to disable cpanel so that it can be rendered invulnerable to attack? I don't want to use it - completely disabled would be fine. Seems like there should be a way to stop anyone, local or remote, from connecting to it, render core files inoperable, or something, but I'm just not very familiar with the inner workings of cPanel, or the possible exploits of these older versions.
    0
  • cPanelMichael
    Several security releases have been issued since that version. You can find a list of the targeted security release announcements at: [url=http://cpanel.net/category/security/]Security | cPanel You must format the partitions and reinstall the operating system in order to fully uninstall cPanel due to the nature of how cPanel integrates itself very deeply into the OS. Thank you.
    0

Please sign in to leave a comment.