T
he world’s most popular (and expensive) web hosting panel is apparently vulnerable to anyone who decides to connect to your port 2087.
cPanel published a critical vulnerability on April 28th.
A security issue has been identified in the cPanel software affecting all currently supported versions relating to various authentication paths.
Disappointingly, that vulnerability alert used to have a lot more info. Now it just says “update”. Previously, it recommended blocking these ports if you can’t immediately update:
- 2083/2087 – SSL connections
- 2082/2086 – Non-SSL connections
- 2095/2096 – Webmail
- If webdisk is enabled, include 2077/2078
There’s no details on what the actual vulnerability, or any info in the cPanel forums’ security section.
But anyway…firewall those ports or upgrade!
Related Posts:
Get Shared Hosting for $2.40/YEAR from VisualWebTechnologies! Wow!
cPanel Forks CSF (ConfigServer Firewall) and Will Maintain the Product for Its Users
The Biggest Scams of the Biggest Web Hosts
CYBER MONDAY: Save on Cheap cPanel Shared Hosting and Cheap cPanel Reseller Hosting from VisualWebTe...
BLACK FRIDAY: FastNvme Has Awesome Prices on Shared ($2.50/YEAR) and Reseller ($14.50/YEAR) Hosting!
JetHost has Feature-Packed Deals on Cheap cPanel Shared Hosting in the US, Europe, and Asia!
raindog308 is a longtime community LETizen, technical writer, and self-described techno polymath. With deep roots in the *nix world, he has a passion for systems both modern and vintage, ranging from Unix, Perl, Python, and Golang to shell scripting and mainframe-era operating systems like MVS. He’s equally comfortable with relational database systems, having spent years working with Oracle, PostgreSQL, and MySQL.
As an avid user of LowEndBox providers, raindog308 runs an empire of LEBs, from tiny boxes for VPNs, to mid-sized instances for application hosting, and heavyweight servers for data storage and complex databases. He brings both technical rigor and real-world experience to every piece he writes.
Beyond the command line, raindog308 has a life-long love of German Shepherd Dogs, high-quality knives, target shooting, theology, tabletop RPGs, playing guitar, and hiking in deep, quiet forests.
His goal with every article is to help users, from beginners to seasoned sysadmins, get more value, performance, and enjoyment out of their infrastructure.
You can find him daily in the forums at LowEndTalk under the handle @raindog308.
Leave a Reply