When using cPanel/Sectigo as the SSL provider for AutoSSL, you may occasionally see this error in the autossl log: The “cPanel (powered by Sectigo)” provider cannot currently accept incoming requests. The system will try again later. This error seems to be caused be incorrect permissions in /var/cpanel/ssl/domain_tls/. You can fix this with the following command:…
Read more
Having SSL problems? One of the most common issues our team handles is related to websites not properly displaying over HTTPS, whether it be the website either not loading entirely, or just not showing the green padlock: If you’re sure that the SSL certificate is installed properly, but your site isn’t showing as secure, there…
Read more
Update! cPanel supports LetsEncrypt, but you just need to install the plugin for it to work. To do this, run: /scripts/install_lets_encrypt_autossl_provider Once installed, Let’s Encrypt will appear in WHM’s Manage AutoSSL interface (Home >> SSL/TLS >> Manage AutoSSL) where you can enable the provider. At the time of this writing, LetsEncrypt is in public beta…
Read more
Note: This is an update from our 2011 post. If you’ve taken a peek at your PCI scan results lately, you may have noticed that your scan provider is now requiring OpenSSH 6.6 or higher due to CVE-2014-2532 – a version that is not currently available in the CentOS 5 or 6 repositories. A Yum update isn’t going…
Read more
UPDATE 6/18: Shortly after this was posted and one of the major hosting companies I’m affiliated with removed BetterLinux from their servers due to stability problems, BetterLinux announced that they are shutting down, effective July 1st. Customers ask us all the time whether they should use CloudLinux or BetterLinux on their servers, and what differences exist…
Read more
The latest security buzz this month is about the SSLv3 POODLE vulnerability, and how SSL version 3.0 is now officially designated as insecure, joining its predecessors versions 1.0 (unreleased) and 2.0. This effectively concludes the life cycle of the SSL protocol in favor of TLS. This post will give you a brief overview of what POODLE…
Read more
Web hosts often shy away from the idea of allowing SSH access to their clients on shared servers, typically due to security concerns bred by the hosting industry. Some of the largest providers, however, are now offering SSH to make their services more functional for advanced users, so now we are often asked whether allowing SSH as a feature is a…
Read more
cPanel 11.44 introduces a new feature fresh from their feature request system that now allows server administrators to deploy the configuration of one server to multiple servers in what the they call a “configuration cluster”. It will start by offering this capability to just the cPanel update preferences, but will eventually be expanded to work with…
Read more
Over the past few days, we have received an overwhelming number of questions about the OpenSSL Heartbleed bug and how cPanel system administrators should be handling this. First of all, if you haven’t read Codenomicon’s write-up on the bug, which thoroughly explains what it is, you should look visit heartbleed.com. Because their website already covers…
Read more
Us administrators eventually come to the realization that when you have a wildcard SSL certificate for 40 subdomains, you can’t practically have separate IPs and cPanel accounts for all of them. If you have a wildcard SSL certificate for all your su cheap kamagra bdomains, you can easily install the certificate on a single IP…
Read more
