Protect Your Servers: A Step-by-Step Patch Guide for cPanel & WHM Vulnerabilities

By

Introduction

Security flaws in hosting control panels can leave servers exposed to serious attacks. Recently, cPanel and WHM addressed three vulnerabilities that could allow attackers to escalate privileges, execute arbitrary code, or crash services. If you manage a cPanel server, acting quickly is essential. This guide walks you through the process of applying the latest security patches to keep your hosting environment safe.

What You Need

• Root or sudo access to your cPanel/WHM server
• SSH client (e.g., Putty, Terminal)
• WHM login credentials (admin user)
• A backup of your current configuration (recommended)
• Stable internet connection
• At least 30 minutes of maintenance window

Step-by-Step Patch Process

Step 1: Identify Your Current Version

Before updating, check which cPanel & WHM version you’re running. Log into WHM as root and look for the version number at the bottom of the interface. Alternatively, you can run this command in SSH:

/usr/local/cpanel/cpanel -V

Compare the output with the latest release notes on cPanel’s changelog. If your version is older than the patched release (e.g., 11.112.x or later for the CVE fixes), proceed to the next step.

Step 2: Backup Your Server

Always create a full backup before applying critical updates. Use WHM’s Backup feature or run a manual backup via SSH:

rsync -avz /home /var/cpanel /etc /backup/

This ensures you can restore quickly if anything goes wrong. Verify the backup completes without errors.

Step 3: Access WHM Update System

Log into WHM as root. Navigate to Home > Server Configuration > Update Preferences. Ensure the update tier is set to RELEASE (or CURRENT for early adopters). Then go to Home > Software > System Update to see available updates. Click Check for Updates.

Step 4: Apply the Security Patches

In the System Update interface, you’ll see a list of packages marked as updates. Look for cPanel and WHM (or cpanel RPM). Click Update Now or select all updates and apply. The process may take 10–20 minutes. You can also update via SSH with:

/scripts/upcp --upgrade

This command downloads and installs the latest cPanel & WHM build, including the three vulnerability fixes (CVE-2026-29201 and others).

Step 5: Verify the Update Installation

After the update finishes, confirm the new version is installed by checking the version number again:

/usr/local/cpanel/cpanel -V

Cross-reference with the patched version listed in the cPanel security announcements. Also, visit WHM > Server Information > System Health to ensure all services are running.

Step 6: Test Core Functionality

Log into WHM and cPanel as a test user. Check these critical functions:

• Email delivery (send a test message)
• DNS resolution
• FTP/WebDAV access
• PHP processing
• Database connections

If any service fails, consult the Troubleshooting Tips section below.

Step 7: Review Logs for Errors

Examine the update log for any warnings:

tail -n 100 /var/log/cpanel_upgrade.log

Check Apache and MySQL logs for unexpected errors:

tail -n 50 /usr/local/apache/logs/error_log
journalctl -u mariadb -n 30

Resolve any issues immediately.

Tips for a Smooth Patch Process

1. Use a Staging Environment

If possible, apply the patch to a non-production server first. This helps you catch conflicts without impacting live websites.

2. Schedule During Low Traffic

Run the update during a maintenance window (e.g., early morning) to minimize disruption.

3. Monitor Third-Party Plugins

Some custom plugins may break after a cPanel upgrade. After patching, check all installed add-ons in WHM’s Plugins section.

4. Keep Credentials Secure

During the update, protect your root password and SSH keys. Never share them via unencrypted channels.

5. Enable Automatic Updates

To reduce future manual work, set WHM to Auto-Update under Update Preferences. Choose the RELEASE tier for stable security patches.

6. Document Your Changes

Record the version before and after the patch, along with any modifications you make. This helps during future audits.

Conclusion

Applying the latest cPanel and WHM patches is a critical step in securing your server against privilege escalation, code execution, and denial-of-service attacks. By following this guide, you’ve not only fixed the three known vulnerabilities but also strengthened your overall cybersecurity posture. Remember to maintain regular backups and stay subscribed to cPanel security announcements. For further reading, visit the official cPanel Changelog.

Need Help?

If you encounter any difficulties during the update, contact your hosting provider or consult the cPanel forums.

Related Articles

• A Comprehensive Guide to Installing Windows 11 KB5083631: New Features and Fixes
• Last-Gen Apple Powerhouses Mac Pro M2 and Mac Studio M2 Face Dwindling Stock Amid Upgrade Uncertainty
• New in Swift 6.3: Cross-Platform Builds, Community Updates, and More (March 2026)
• Rust 1.95.0 Rolls Out with Compile-Time Configuration Macro and Enhanced Pattern Matching
• Rust's Mortar Mayhem and Workbench Revolution: July Update Breakdown
• Unlock Maximum Power: How to Upgrade Your Bosch E-Bike with Performance Upgrade 2.0
• A Step-by-Step Guide to Understanding the Risks of a National Digital ID Scheme
• Apple's Big Plans: MacBook Ultra, Vision Pro Shift, and Foldable iPhone Ultra