Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

cPanel trying to update over http?

Discussion in 'Security' started by dvk01uk, Mar 19, 2018.

Tags:
  1. dvk01uk

    dvk01uk Member

    Joined:
    Oct 20, 2007
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    51
    Why is Cpanel trying to update rpm over http. Surely this is a big security risk with the potential for fake updates to be inserted in the update chain
    Example from today's update log:
    Code:
    
    
    [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] http://85.13.201.2/cpanelsync/repos/CentOS/6/EA4/repodata/repomd.xml: [Errno 12] Timeout on http://85.13.201.2/cpanelsync/repos/CentOS/6/EA4/repodata/repomd.xml: (28, 'Operation too slow. Less than 1 bytes/sec transfered the last 30 seconds')
    
    [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] Trying other mirror.
    
    [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] http://85.13.201.2/cpanelsync/repos/CentOS/6/cPAddons/x86_64/repodata/repomd.xml: [Errno 14] PYCURL ERROR 56 - "Failure when receiving data from the peer"
    
    [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] Trying other mirror.
    
    [2018-03-20 03:32:18 +0000] [/usr/local/cpanel/scripts/rpmup] No Packages marked for Update
    
    
    
    and from previous update files

    Code:
    Fetching CPAN mirrors...Fetching http://httpupdate.cpanel.net/pub/CPAN/MIRRORED.BY
    
    http://httpupdate.cpanel.net/pub/CPAN/MIRRORING.FROM (connected:1).......(request attempt 1/12)...@185.69.232.245......receiving......request success......Done
    
    Three usable fallback mirrors located
    
    
    Fetching http://mirror.reismil.ch/CPAN/index.html (connected:1).......(request attempt 1/12)...Resolving mirror.reismil.ch...(resolve attempt 1/65)...@37.252.190.140......receiving......request success......Done 
    How do we force Cpanel /WHM to only update via HTTPS not insecure http
     
    #1 dvk01uk, Mar 19, 2018
    Last edited by a moderator: Mar 20, 2018
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice