cPanel and Webmail temporarily unavailable

Our technicians have confirmed that the patch has been applied and the issue is resolved. We want to thank our clients for the patience they've had whilst our team was working on this resolution.

If you have further issues please don't hesitate to contact us.

Our team has now patched every server we have access to.

For all managed servers, you have been updated to the patched version and there is nothing to worry about. This was completed as soon as the patch became available and in advance of our automated patching schedule. In addition, to prevent any malicious use we blocked network access to cPanel ports globally until the patches completed.

There are a small number of servers where we do not have access to apply this patch, in most cases where the server is self-managed and the customer retains root access.

To prevent abuse of the exploit, we have also now globally disabled cPanel access for any server NOT running the following secure versions:

• 11.86.0.41
• 11.110.0.97
• 11.118.0.63
• 11.126.0.54
• 11.130.0.19
• 11.132.0.29
• 11.136.0.5
• 11.134.0.20

If you have a cPanel server with us and your cPanel reports as unlicensed, it will almost certainly be because we have taken it offline for your own security.

Your websites, DNS, and emails continue to operate, but webmail, cPanel, and WHM access is unavailable to keep you protected.

If you’re having trouble accessing or updating cPanel/WHM/webmail please contact us and we can work with you to gain access and apply patches and/or other measures necessary to ensure your system is updated.

Unfortunately this is a worldwide issue affecting every cPanel server online, so we are acting on the side of caution to ensure the safety and security of your server.

Patches are currently being deployed across our servers and affected systems, and access to cPanel is beginning to recover. Login functionality has already returned to normal for some customers.

While some clients may still experience login issues, we encourage you to reach out to our friendly support team for assistance.

We’d like to reassure you that website availability, as well as services such as DNS and email, remain active and are operating as expected. Thank you again for your patience. If you have any questions or need support, our team is available 24/7—please don’t hesitate to get in touch

The root cause of this incident has been identified as an issue originating from cPanel and is outside of our direct control. It has impacted cPanel users globally across all vendors.

cPanel have released a patch to address the problem, and our team is actively applying this update across affected systems as a Priority 1 task. We are continuing to make steady progress toward full resolution.

Importantly, your website availability and core services remain fully operational. This issue is limited to cPanel access only. Sending and receiving emails, as well as website functionality, should continue to operate normally during this time.

We are here to help you through this and will continue to provide updates as progress is made and will confirm once full access has been fully restored.

Thank you for your patience and understanding while we work closely with our upstream provider to resolve this matter.

We were made aware of a possible authentication vulnerability with the cPanel control panel system which was responsibly disclosed to cPanel and on their advice we have blocked access to cPanel and WHM on all managed systems while they release an update. This has taken the cPanel interface offline intentionally while a patch is released.

We expect to be back online within a couple of hours. Apologies for the inconvenience, but your security is our top priority. Your website, emails and other services are not affected.