1. rpvw

    cPanel Security Advisor

    Since upgrading from 58.0.25 to 58.0.26, the cPanel Security Advisor is taking much longer to complete. It used to run for 40 to 60 second, it is now taking up to six minutes. Not a huge problem, but it does encourage navigation away from the manager, and then going back and starting a...
  2. E

    Problem security access account email from webmail

    Hi all, i ask some help about a security problem. I have some servers with cpanel / WHM installed on them, i use as webmail classical client as Horde, Roundcube and Squirrelmail, i'm seeing that if i login into cpanel user account i can enter normally in every email account through webmail...
  3. coursevector

    Periodic security advisor notification usr/bin/needs-restarting

    I've been getting these for the past few weeks now coinciding with v56 pushing to STABLE tier (I believe). It is preceded by an abrt crash and then a notification that the server needs restarting. Why is this happening all of a sudden? I've had to restart the servers way more often than I should...
  4. T

    Security Advisor, grub.conf on Centos 7

    I am getting the following from the security advisor Current kernel version does not match the kernel version for boot. running kernel: 3.10.0-427.10.1.lve1.4.7.el7.x86_64, boot kernel: Reboot the system in the "Graceful Server Reboot" area. Check the boot configuration in grub.conf if the new...
  5. I

    Warning in Security Advisor: "Could not open /proc/3/smaps"

    I started receiving emails with new security advisor notification (please see screenshots) This is the version of the server: CENTOS 6.7 x86_64 standard - WHM 56.0 (build 14) How can I solve?
  6. G

    Security Advisor Kernel match

    Hi, I installed a new Cpanel server on CentOs 7.2 I installed all the system update and WHM 11.52.2 (build 5) When the system boot, grub choose the kernel 3.10.0-327.4.5.el7.x86_64 which seems to be the last available. If I run "uname -r" I gott the same version as booted but the securitu...
  7. A

    Security Token / x3 Theme

    I have a script that builds sites using a lot of automation. The issue that I have is that WHM recently updated to v 54, which removed x3 theme, and I think Security Token configuration. Is there a way to get x3 theme back? What changes to Security Tokens were made with v 54? Is there a way to...
  8. B

    The security token is missing from your request.

    "The security token is missing from your request." I get this message every time I type in my domain name and try to access my new website. I have searched all over the web for the solution and nothing has worked thus far. Any ideas? Thanks.
  9. postcd

    'openssl', version '1.0.1e', is out of date, and possibly a security risk.

    Hello, i have CentOS 6.7 and cpanel on it. from rkhunter i got this warning: Warning: Application 'openssl', version '1.0.1e', is out of date, and possibly a security risk. # openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 WHM 11.52.0 (build 22) How should i safely fix it while not...
  10. postcd

    shell_exec() has been disabled for security reasons in /usr/local/cpanel/whostmgr/.../logger.php

    Hello, in root folder on WHM server i have "error_log" file which contains many log lines from today and many days before: PHP Warning: shell_exec() has been disabled for security reasons in /usr/local/cpanel/whostmgr/docroot/themes/x/xtra/functions/load/logger.php on line 76 Is it problem...
  11. R

    Mod Security audit_log

    Well, I saved moved the file to a backup, just to be safe. But I think there is something else going on. When I look at /usr/local/apache/logs/modsec_audit.log on this server it's empty. When I open that file on other servers where I am not getting this error it's full of directives/code.
  12. E

    How to Avoid Software Security Notice?

    I happened to install a Wordpress blog through Cpanel. However as the version updates did not happen for a few days after release, I manually upgraded the software by replacing the needed files. Now, even though my software version is updated, Cpanel keeps sending me these notices because we...
  13. C

    Having trouble running Java applet on SSH (Java security issue)

    Hello, I am new to this forum and this was the first time I was going to use SSH on cPanel. When I tried loading SSH on cPanel, I got an error from Java telling me that even though the domain name (my cPanel domain name) is listed on my exception list, "the application refers to resources on...
  14. W

    Somewhat a security issue

    Hi guys. Don't know how to describe this, but recently we saw some flaws on one our the sites the we have. So basically what's happened is that when you go to a link on the site, it shows up the page. But then when you delete part of the link and hit enter again, it shows up the index directory...
  15. I

    security policy error after password age change password (root)

    I have password expiration enforced after every 90 days and I got this message in cPanel's error_log after I changed my password: [2015-03-06 09:18:52 +0800] warn [Fileman::statfiles] Encountered error in Fileman::statfiles: The file “” is not available. securitypolicy: Called...
  16. G

    The security token is missing from your request.

    Hi, I was given help to set one up. I've done everything according to the directions I followed on I then accessed the webhostingpad. I've done the redirect and the final step - go back. When I try to log into the site I get thrown back to CPanel Accellerated 2 with the following...
  17. T

    [Case 180057] Enabling PasswordAge in the security policy can cause a 302 redirect loop

    FYI, If password change is disabled in Feature manager, turning on Main >> Security Center >> Configure Security Policies >> Security Policy Items >> Password Age causes following message and 302 redirect loop at cPanel login. (Maybe there should be a note in Security Policy Items UI about...