cPanel support gone bad

[JIKOmetrix]

Where do you post to discuss cPanel Support gone bad.
I opened a support ticket to fix and TLS issue and cPanel support broke my server when when they removed my SSL certificates without asking on a production server and replaced them with self-signed or let'f encrypt certs that throw security warnings.
I want to discuss this with someone at cPanel.
However, I'm NOT PAYING $65 to log a complaint.
Anyone know where to post?

 

[ankeshanand]

I don't think this is considered breaking the Server!
Yep, On Self Signed certs, There comes a Security warning which if you need to go ahead, you have to click on Proceed to Unsafe site but you can easily issue new SSLs to the Hostname.
Also, Self Signed Certs don't cause trouble in Receiving Emails and does the same work! and Don't even log a Complaint even if for free because this is not Breaking the Server!
You can still revert back to your Old SSL by going to WHM> Service SSL Certificates
May I know If you are totally new in Server Management?

 

[JIKOmetrix]

I'm not going argue semantics. I asked for support one issue and the support tech create a flood calls from customers who were getting security warnings.

For a seasoned tech like your self, a warning is just that. For non-tech people, they freak out and want to know if they have been hacked or what were they exposed to.

To non-tech people the server is BROKEN, They won't cross the line of warning presented.

Are you new to customer service? Are you aware that customers don't remember all the days servers are up and running smoothly and the work it takes to do this?? They only remember each time they had trouble like this.

Additionally, I asked where to post complaint. Are you able to provide direction?

 

[ankeshanand]

I am not aware of Any Complaint portal available by cPanel... Maybe @cPRex will be able to guide you.

It just takes 1min to fix the SSL error issue and unless there is something related to SSL, They won't just change the Hostname SSL as they are experts in their own Systems! From what I know, My Customers remember than all my Servers are running fine since 300 Days totally fine and For your clarity, I logged into my Server in June last just to Update it to Version 94!... I Don't think cPanel Servers ever require Maintainenece after they are secured!

 

[JIKOmetrix]

ankeshanand ... I know you mean well. The SSL issue was corrected.

You are making these comments like the broken SSL was only up for a one minute. We were flooded with calls.

That is the issue. Support kicked our server between the legs and left it with a bad certificate with out tell us they were changing the certificate.

The worst part is that the Certificate had nothing to do with the issue at hand. The support request was for Ciphers.

You seem to be well versed as an admin.

How do I disable Cipher Suite: TLS_DH_anon_WITH_AES_256_GCM_SHA384 in pure-ftpd?

I'm told by External Vulnerability and SSL Scan Report that this cypher should be disabled.

 

[ankeshanand]

As Far as I know, Just go to WHM > FTP Server Configuration and change it...
TLS Cipher Suite: HIGH
and Maybe, They were testing your Server for SSL Seeing TLS was involved!

 

[cPRex]

@JIKOmetrix - can you let me know the ticket number so I can look into this?

 

[JIKOmetrix]

As Far as I know, Just go to WHM > FTP Server Configuration and change it...
TLS Cipher Suite: HIGH
and Maybe, They were testing your Server for SSL Seeing TLS was involved!

Hello,

This is the current configuration that was tested "TLS Cipher Suite: HIGH".

I'm not sure how they would see the TLS_DH_anon_WITH_AES_256_GCM_SHA384 cipher specifically if "high" should exclude it?

 

[JIKOmetrix]

@JIKOmetrix - can you let me know the ticket number so I can look into this?

I'll warning you it is an ugly ticket. However, today is a new day and the server is back in its original state.

I've posted the same requested data above. However, the request was derailed when a cpanel tech decided to change the certificate on the server for a bad certificate when we were asking about ciphers.

I have since blocked access to the server. cPanel has not access to the server. The 3 people on the ticket have provided not information regarding the OP, as they were looking at the certificate issue created by cPanel support.

Id #94355755

It would be great if support can research the issue and provide direction. I will not give cPanel access to my servers again.

 

[cPRex]

Thanks for that - I see you've been in touch with one of our supervisors already through the ticket, so it's already been escalated. I do want to point out that there is never a charge to get in touch with our supervisors as you can ask for that in any ticket at any time if you feel things aren't going how you expect.

I can't really comment much more here since our supervisors are looking into it, but they plan to send another reply soon as we're reading through and investigating the ticket on our end.

 

[JIKOmetrix]

Thanks for that - I see you've been in touch with one of our supervisors already through the ticket, so it's already been escalated. I do want to point out that there is never a charge to get in touch with our supervisors as you can ask for that in any ticket at any time if you feel things aren't going how you expect.

I can't really comment much more here since our supervisors are looking into it, but they plan to send another reply soon as we're reading through and investigating the ticket on our end.

Yup, I know this now. Thanks for looking.

 

[JIKOmetrix]

So in case anyone wants to know the answer to "How do I disable Cipher Suite: TLS_DH_anon_WITH_AES_256_GCM_SHA384 in pure-ftpd?"

Change TLS Cipher Suite value to be HIGH:!ADH and save.

Booooom!!! and done. ;-)