Patching of vulnerable systems and the lifting of the port restrictions are well underway. However, this process will take some time as every server must be patched and its IP addresses reconfigured within the edge firewall.
Simultaneously, we are working on taking inventory of customers with cPanel VPS products that also must be patched and reaching out to customers as needed with further information.
We appreciate your continued patience and understanding of the need for the precautionary measures taken to preserve data security.
Posted Apr 29, 2026 - 20:30 UTC
Identified
A patch has been released, and our cPanel engineers are currently working to apply it to our shared cPanel servers before reversing our previous mitigation measures.
Once the issue has been marked resolved, VPS customers may apply the patch to their own servers using the WHM Software Update feature or by submitting a support request to have the team perform the update on their behalf.
Posted Apr 28, 2026 - 22:21 UTC
Investigating
cPanel has published a notice of a critical authentication vulnerability affecting supported versions of cPanel & WHM. As a precaution, we have temporarily restricted external access to cPanel and WHM ports 2083 and 2087 at the network edge while cPanel prepares a patch. cPanel identifies this firewall restriction as the current recommended workaround.
During this time, customers may be unable to access: • cPanel via ports 2082 and 2083 • WHM via ports 2086 and 2087 • Webmail via ports 2095 and 2096 • Webdisk via ports 2077 and 2078
In addition, service (proxy) subdomains may be impacted, including: • cpanel.yourdomain.com • whm.yourdomain.com • webmail.yourdomain.com • webdisk.yourdomain.com
These “proxy subdomains” are simply friendly shortcuts that redirect to your server’s login services (like cPanel or webmail) without requiring a port number. Because they ultimately rely on the same underlying access points, they may not function during this restriction.
This does not indicate an outage of hosted websites, email delivery, DNS, FTP, or database services. Those services are expected to continue operating normally.
We are monitoring cPanel’s patch release and will restore access once the vulnerability has been addressed and we have completed validation.