16 comments

[ 2.5 ms ] story [ 47.9 ms ] thread
CPanel and hosters who use them are in big trouble now; there are millions of servers running them, many of them for decades. Their clients can run code as an user without much sandboxing/guardrails at all.
Ages ago I used php-nuke to manage my forum and it got hacked and I thought it would get taken seriously

Seeing these CPanel hacks remind me how old these codebases are and how much more vulnerability remain

Cpanel is Perl, not PHP. Probably the grayest of the gray beards. Perhaps not enough Perl Wizards left to maintain it nowadays.
well, any accounts running outdated workloads (could be anything LAMP-flavored) could be attack vectors, with the entire shared machine possibly compromised by any weak account due to these latest LPEs

these cPanel machines frequently run 4- or low-5-figure quantities of customer accounts, each with potentially multiple domains or CMS deployments, and not always the most technically-engaged customer base, so that's a lot of surface area to account for: how diligent can hosts realistically be about every WordPress plugin, every Drupal or Magento module, and so on?

(nb I don't like shared hosting and am not defending it, just addressing the reality of the long tail)

Wow, similar sentiments about this being a throw back. I’d rather roll my own almost everything these days, may not be as good, but certainly won’t be targeted exploited broadly.
Friendly reminder that there aren't that many ways for a normie to create their own (sub)domain with TLS and an email in under five minutes. That's cPanel for ya.
"AI safeguards" are not working I guess.. or maybe they're only working against those who'd like to secure their software.. good job Anthropic + OpenAI!
The AI safeguards are indeed a joke, you can get around their classifier by simply masking out all the unsafe words and it will happily work on your rootkit.
So CPanel's security is just as bad as their UI, who would have thought?
44,000 servers compromised? Sounds like somebody could've used a software building code
> CPanel

Now there's a name I haven't heard since the 2005 or so era.

How is that thing still around?

Next you're going to tell me people still run phpBB and vBulletin somewhere. And use FileZilla FTP. And manage their database with phpMyAdmin.

Most LAMP FOSS web apps have a long history of being hacked.

Is there any specific LAMP web app(s) that has a very good history of not being hacked?

I can't think of any readily but I imagine someone here knows one or two.

Not all webhosting companies are using cpanel. Cpanel increased their prices exponentially in the last few years.
We've been running Centminmod on our servers for years. Love the software. There is no fancy web UI but it does have CLI menus, etc... so, definitely not for the novice but it's really good at what it does. I'm not affiliated, just a happy customer:

https://centminmod.com/