cPanel has published a notice of a critical authentication vulnerability affecting supported versions of cPanel & WHM. As a precaution, we have temporarily restricted external access to cPanel and WHM at the network edge while cPanel prepares a patch. cPanel identifies this firewall restriction as the current recommended workaround.
During this time, customers will be unable to access: • cPanel via ports 2082 and 2083 • WHM via ports 2086 and 2087 • Webmail via ports 2095 and 2096 • Webdisk via ports 2077 and 2078
In addition, service (proxy) subdomains may be impacted, including: • cpanel.yourdomain.com • whm.yourdomain.com • webmail.yourdomain.com • webdisk.yourdomain.com
These “proxy subdomains” are simply friendly shortcuts that redirect to your server’s login services (like cPanel or webmail) without requiring a port number. Because they ultimately rely on the same underlying access points, they may not function during this restriction.
This does not indicate an outage of hosted websites, email delivery, DNS, FTP, or database services. Those services are expected to continue operating normally.
We are monitoring cPanel’s patch release and will restore access once the vulnerability has been addressed and we have completed validation.