Security
- Unable to include or exclude domains from AutoSSL using SSL/TLS Certificates interface
- AutoSSL Problems error appears in the account interface
- Roundcube vulnerabilities prior to version 1.6.14.
- AutoSSL certificates are not installed automatically on new domains
- SSL/TLS Status page does not show
- cPanel fails to automatically start after setting update-crypto-policies --set FUTURE
- cPanel SSL/TLS error :: SSL certificate orders require the subscription type
- The cPanel-CSF package cannot unlink webmin, csfwebmin.tgz, or uninstall.sh
- [AutoSSL] Local HTTP DCV error 404 (not found) - Incorrect DNS
- [AutoSSL] Local HTTP DCV error 404 (not found) - IPv6 Record Issue
- [AutoSSL] Local HTTP DCV error 404 (not found) - .htaccess directives
- ClamAV cannot be installed on an Ubuntu 24 server
- SSLv3 is still a selectable option for SSL Minimum Protocol setting on v132.
- What are the minimum SSL protocol versions that Dovecot 2.4 accepts?
- Local Privilege Escalation Vulnerability using the Team Manager API CVE-2025-66429
- WP2: Enabling "Limit logins to verified IP addresses" option results in "Two-Factor Authentication" prompt.
- Team member password change by email blocked by cPanel password change feature being disabled
- AutoSSL fails with PKCS#1 1.5 is disabled as it is known to be vulnerable to marvin attacks
- How can I include and exclude domains for AutoSSL via the command line
- Webmail does not login to inbox after enabling two-factor authentication
- Unable to export private GnuPG secret key when using non-default server locale.
- AWStats vulnerability PTT-2025-021
- Error when using API function: “500 Security Policy requires exec termination.”
- Imunify360's Exim+Dovecot brute-force attack protection module erroring due to latest dovecot updates
- Two-factor Authentication (2FA) is reported as removed when using Team User.
- Security Advisor reports MySQL is configured to listen on all interfaces when using Imunify360 to close all ports except specified
- Does cPanel have any plans regarding the closure announcement of ConfigServer Services?
- How to stop ImunifyAV
- Rules are added to cpanel-dovecot-solr firewall chain each time service is restarted
- Service subdomains can still be accessed when port is blocked