cPanel vulnerabilities TSR-2016-0001

cPanel recently released a notice stating that all of the following versions of cPanel are vulnerable to a newly found issue:

11.54.0.4 & Greater
11.52.2.4 & Greater
11.50.4.3 & Greater
11.48.5.2 & Greater

You should update cPanel to the latest version to ensure you are protected from this. You can update cPanel via SSH or WHM.

How to redirect from main site to subfolder

If you are trying to redirect from www.yourdomain.com to www.yourdomain.com/subdirectory/ this requires a special .htaccess config to avoid creating a loop. You can use the following in the .htaccess of the main site. Replace yourdomain.com with your own website, and replace newfolder with the name of the folder you want to redirect to.

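RewriteEngine on
# Only act on requests for the main domain (dots escaped so they match literally)
RewriteCond %{HTTP_HOST} ^(www\.)?yourdomain\.com$
# Skip requests already inside the target folder; this is what prevents the loop
RewriteCond %{REQUEST_URI} !^/newfolder/
# Leave requests for existing files and directories alone
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /newfolder/$1
# Send the bare domain root to the folder's index page
RewriteCond %{HTTP_HOST} ^(www\.)?yourdomain\.com$
RewriteRule ^(/)?$ newfolder/index.php [L]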

Courier mail software deprecated, Dovecot mail now required

cPanel has offered two options for POP/IMAP mail software for several years. Courier is now being deprecated, and cPanel requires all servers to be upgraded to Dovecot.

You may have received the following notice:

The cPanel & WHM update cannot proceed because the following service has been deprecated: Courier 

 You have 27 day(s) and 23 hour(s) until we remove Courier and replace it with Dovecot. 

 To continue using Courier, you must change your Update Preferences in WHM to Long Term Support (LTS). By switching to LTS, you will not receive new features and eventually will stop receiving security updates. 

 cPanel & WHM version 11.52 will be the last LTS version to support Courier. 

 For more information about Long Term Support: https://go.cpanel.net/longtermsupport

To be able to continue receiving updates and stay current with the latest features of cPanel, it’s best to switch now to Dovecot.

This can easily be done in WHM: go to the ‘Mailserver Selection’ link, click the button next to Dovecot on that page, and click Save at the bottom.

It will automatically switch and convert the entire server. There should be no downtime and no lost mail. The change should be completely seamless, and users should not notice any difference.

Another glibc vulnerability: CVE-2015-7547

Yet another glibc vulnerability was detected on Feb 17, 2016, which affects:

Red Hat Enterprise Linux 6 & 7
CentOS 6 & 7
CloudLinux 6 & 7
(It also affects the non-cPanel operating systems Debian Squeeze, Wheezy, Jessie, and Ubuntu 12.04 & 14.04.)

To patch your server, type:

yum clean all
yum -y update glibc
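
Services that were already running keep the old glibc loaded until they are restarted. The script below is an added example, not part of the original post: it checks whether the installed glibc package changelog mentions the CVE and lists processes that still map the replaced libc. It assumes an RPM-based system whose vendor changelog names the CVE; the "check" argument and the sample maps lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: checks to run after "yum -y update glibc" (CVE-2015-7547).
CVE="CVE-2015-7547"

# Return 0 if the installed glibc package changelog mentions the CVE.
# Assumption: the vendor names the CVE in the RPM changelog.
glibc_changelog_has_fix() {
    rpm -q --changelog glibc 2>/dev/null | grep -q "$CVE"
}

# Read /proc/<pid>/maps text on stdin. Return 0 if it maps a libc file
# that was replaced on disk, which the kernel marks "(deleted)".
maps_has_stale_libc() {
    grep -Eq '/libc([-.][^ /]*)?\.so[^ /]* \(deleted\)$' 2>/dev/null
}

# Print "PID COMMAND" for each readable process still using the old libc.
# Run as root to see every process on the server.
list_stale_processes() {
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        pid=${maps#/proc/}; pid=${pid%/maps}
        if maps_has_stale_libc < "$maps"; then
            echo "$pid $(cat "/proc/$pid/comm" 2>/dev/null)"
        fi
    done
}

# Constructed sample maps lines (not from a real host), for a dry run.
sample_stale='7f3a1c000000-7f3a1c1b7000 r-xp 00000000 fd:00 1312 /usr/lib64/libc-2.17.so (deleted)'
sample_fresh='7f3a1c000000-7f3a1c1b7000 r-xp 00000000 fd:00 1350 /usr/lib64/libc-2.17.so'

# Run the live checks only when the script is given the argument: check
if [ "${1:-}" = "check" ]; then
    if glibc_changelog_has_fix; then
        echo "glibc package changelog lists $CVE"
    else
        echo "glibc package changelog does not list $CVE (or rpm is unavailable)"
    fi
    echo "Processes still mapping the old libc (restart these or reboot):"
    list_stale_processes
fi
```

Any process listed needs a restart, or the server a reboot, before it picks up the patched library.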

For more technical information on this vulnerability, please see:
http://www.kb.cert.org/vuls/id/457759
https://googleonlinesecurity.blogspot.be/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
https://access.redhat.com/errata/RHSA-2016:0176