This page was last updated on:  



Upgrade blockers


If a system is running MySQL 5.0 or below, an upgrade to cPanel & WHM 11.40 will be blocked. In order to upgrade your cPanel & WHM installation to version 11.40, the version of MySQL must be 5.1 or higher. 

New features


In 11.40, we added the ability to assign IPv6 addresses to accounts. The root user can create an IPv6 address range and assign IPv6 addresses in that range to accounts. 

API Shell

In 11.40, we have added the API Shell interface, which allows you to run API function calls interactively within the interface.

 This feature uses live data from your server. API function calls may change or delete data on your server, which can cause your server to fail. Read the documentation for a function call thoroughly before you use it in the API Shell, a script, or through any other method.

For more information, read our API Shell for WHM and our API Shell for cPanel.

Use of 1:1 NAT

In 11.40, WHM allows the installer to detect whether your server is on a NAT-configured network. If the installer detects a NAT-configured network, your server will configure itself for NAT mode and attempt to automatically map local IP addresses to public IP addresses.

For more information, read our 1:1 NAT documentation. 

HTML editor

In 11.40, cPanel's File Manager feature offers a more modern HTML editor. The editor allows users to easily access and edit their HTML files from the File Manager feature. Users can also insert the images they have saved through the File Browser feature. The new editor has replaced the legacy product, WysiwygPro.

To integrate the HTML editor into your branded theme, read our Guide to HTML Editor Integration.

For more information, read our documentation about the HTML Editor HTML editor. 

Security Advisor

In 11.40, we have added the  Security Advisor feature, which runs a security scan on your cPanel & WHM server and advises you how to resolve any security issues that it finds.

We have also updated the Security Advisor in WHM to version 1.03.

For more information, read our Security Advisor documentation.

Session Generator

In 11.40, when root and resellers in WHM access cPanel accounts through List Accounts or the new create_user_session WHM API function call, the Internal Session Tool generates a temporary user and session. This allows third-party applications with WHM access, either through access hash or password, to log into cPanel accounts without the need to store their account password.

For more information, read our API Authentication documentation. 

Account plans now support an extension model

Package extensions allow third-party developers to add custom fields for non-standard variables to packages. This data is stored in both the package data files and the subsequent account data files. Template Toolkit files allow third-party developers to customize the way their variables appear in the WHM interface.

WHM users can view and modify package extension settings from the following interfaces:

For more information, read our Package Extensions documentation.

When you upgrade to 11.40, cPanel & WHM will rename any existing packages that are currently named extensions. The new name will be  package.extensions.random_number , where  random_number  is generated based on your process ID. New packages cannot be named extensions. 

Removal of missing package extensions

You may remove uninstalled or missing extensions from package and account files.

WHM will allow loading of custom CSS in the UI

Admins will now have the ability to further customize the look and feel of the WHM UI using custom CSS in cPanel & WHM version 11.40.

New Backup files are available as downloads in cPanel

If the new Backup Configuration system has been enabled by the web host, cPanel users can download a compressed copy of all of their website’s files.

System Improvements

General Improvements

Longer User Names

In 11.40, cPanel & WHM allows resellers to disable database prefixing and create accounts with user names that are up to 16 characters long. Once database prefixing is disabled, the following interfaces allow use of user names up to 16 characters in length:

Improved account and package interfaces

The following user interfaces have been restyled:

Dovecot upgraded to 2.2

Dovecot has been upgraded to version 2.2 in cPanel & WHM version 11.40. This will allow the Trash and Deleted Messages to be auto-expunged, providing improved performance and better disk space management.

TaskQueue Improved

TaskQueue, the in-product task queuing system, now uses the version provided upon CPAN. The ability to defer jobs has also been added.

Logaholic updated

Logaholic has been updated to version 4.0.5.

Apache SpamAssassin

The Razor2::Client::Agent is now provided with Apache SpamAssassin.

Spamd Startup

The Spamd Startup plugin is now a standard part of cPanel, and will no longer display as part of the Manage Plugins interface. You can now configure startup settings for the Apache SpamAssassin daemon (spamd) through the Spamd Startup Configuration interface in WHM at Home >> Email >> Spamd Startup Configuration.

Anonymous FTP disabled in new installations

FTP services have undergone the following improvements:

Improved Update Preferences interface

Improvements to the Update Preferences interface guide the user towards update and upgrade paths that are attainable (i.e. prevents a user from selecting an older version, representing a downgrade). 

Upgrade improvements

The following changes were made with regard to the update and upgrade processes for cPanel & WHM servers:

Improvements to the upcp script

The upcp script has undergone the following improvements:

Improved automatic upgrades

To reduce support ticket influx, automatic upgrades to subsequent major versions of cPanel & WHM will not always take place immediately. In certain scenarios, cPanel & WHM will apply a zero-to-three-business-day delay before your automatic upgrade takes place.

cPanel & WHM will apply a delay if all of the following are true:

  1. You are on the RELEASE or STABLE tier.
  2. You do not run the upgrade interactively.
  3. Your current version is only one major version away from the target major version.
  4. You do not run the upgrade with the Force option.

The length of your delay is randomly selected. For example, if the new major version is detected on a Friday, the upgrade will not take place until the following Monday, Tuesday, or Wednesday. 

Mailing List Delegation

In 11.40, the cPanel interface now allows account owners to log into Mailman automatically to manage mailing lists. However, if the password is still necessary if the administrator uses email or goes to the Mailman URL directly to manage a mailing list.

Also, the cPanel interface allows mailing list owners to delegate administrative access to specified users.

Finally, we have added columns for access level and administrator email addresses to the table of mailing lists in the cPanel interface

For more information, read our Mailing Lists documentation.

cPanel Plugin File Generator

In 11.40, we incorporated the cPanel Plugin Install File Generator on our website into the WHM interface.

For more information, read our cPanel Plugin File Generator documentation.

Updates to Tweak Settings

Two default archive settings for cPanel have been added to Tweak Settings:

The ifconfig and netstat Commands

The ifconfig and netstat commands do not work well with large numbers of IP addresses bound to a server. Use the ip and ss commands for better performance.

Improved cron job configuration

The CronConfig plugin is now a standard part of cPanel and will no longer display as part of the  Manage Plugins  interface. You can now configure cPanel cron jobs through the  Configure cPanel Cron Jobs  interface in WHM at Home >> Server Configuration >> Configure cPanel Cron Jobs.

Improved dynamicui options

The new touch option for dynamicui.conf allows you to configure icons to only appear in the cPanel interface if the specified touch file is present in the /var/cpanel/dynamicui/ directory. 

Improved ClamAV Scanner

ClamAV Scanner is now a standard part of cPanel, but will still display as part of the Manage Plugins  interface.

Jailshell Improvements

Users with jailshelled terminal accounts will now have the ability to utilize commands that were previously unavailable, such as crontab and passwd.

If you use a utility that monitors system changes (for example, CSF or LFD), you may see the following alert after you upgrade cPanel & WHM to 11.40:

The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way.
This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:

/bin/crontab: FAILED
/bin/passwd: FAILED

This is a false positive warning. /bin/crontab and /bin/passwd are two symlinks that cPanel uses to link to the CentOS files in the /usr/bin directory. These symlinks allow jailshelled environments to access both crontab and passwd.

For more information, read our VirtFS documentation.

Updated Service SSL Certificate interfaces

Usability improvements have been made to the Manage Service SSL Certificate interfaces providing easier key and certificate creation and improved certificate management.

Small screen autoscroll

In 11.40, we have corrected an issue where error messages and notifications on small-screen display appear outside of the visible display window. The interface will now automatically scroll as necessary.

PostgreSQL Synchronize Grants button

Some versions of PostgreSQL are ANSI SQL-92 compliant and do not support recursive grants, In 11.40, we have added a Synchronize Grants button to the PostgreSQL interface that refreshes the grants to the database.

For more information, read our PostgreSQL Databases documentation.

Legacy MySQL password issue

In 11.40, servers with legacy MySQL passwords were unable to connect to remote MySQL servers.

This issue has been resolved.

Synchronize MySQL Password

In 11.40, we updated the Password Modification and List Accounts interfaces in WHM and the Change Password interface in cPanel. The Synchronize MySQL Password option will only appear if the user has a .my.cnf file in their home directory.

cpsess_tool improvements

In 11.40, we have rewritten the cpsess_tool so that it properly disconnects from MySQL and PostgreSQL. This eliminates the frequent disconnection debug messages in the logs.

Certificate Request validation

In 11.40, cPanel & WHM now allows all characters in the Company Name and Company Division text boxes of the Certificate Signing Requests interface. However, special characters may not be allowed by some certificate authorities. Contact your certificate authority to confirm that they are acceptable. 

Single Sign On session log

In 11.40.1, we have added more information to the session log for the Internal Session Tool and Single Sign On.

For more information, read our API Authentication documentation.

Jailshell permissions and remount for Mailman directories

In and newer versions of cPanel & WHM, jailshelled mounts that contain Mailman directories are now mounted with read and write permissions. This will allow for mod_ruid2 compatibility with Mailman. The upgrade will unmount all jailshells and then remount them if they are active.

Removed Items 

Legacy File Manager's HTML editor

The HTML editor has been removed from the Legacy File Manager feature.

Java Telnet Application

The ancient JTA has been removed.


scripts/uf has been removed from the product.

pre-cPAddon Addons

These pre-cPAddon addons have been removed:

New and Modified API calls

New UAPI Calls

Modified UAPI Calls 

New API Calls

Modified API Calls