Version Certification 2017 Study Guide

Prepare for the cPanel & WHM 2017 Version Certification exam, available only at this year's cPanel Conference in Fort Lauderdale, FL. Register free today by using discount code CERTIFIED.

Prepare for the Exam

Thinking about embarking on the first annual cPanel University Version Certification program? Here's where you should begin. Below you'll find a general summary of the changes and features involved with each of the four cPanel & WHM releases that may be covered on the Version Certification exam, available exclusively at the 2017 cPanel Conference in Fort Lauderdale, FL.

Before you get started, we want to equip you with a general summary of the kind of content you can expect to see. The exam questions will cover both the front-end and the back-end impact of the changes and implementations involved in each of the four versions included in the certification. The links below will provide you with some official documentation and change lists; however we always recommend doing some additional digging, through online communities, test environments, or by simply asking questions.

This basic study guide alone won't be enough to help you acquire this certification, but at the least it will give you a head start. It won't be impossible, but it certainly won't be easy. Take your time in preparation, and give it your best shot - we're looking forward to challenging you.

cPanel & WHM 60

Read the following topic list for a summary of the some of the Version 60 highlights that will be covered in exam.

  • AAAA Records
  • You can now add IPv6 address records in the Initial Setup Wizard, WHM's Basic WebHost Manager Setup, and the Edit Reseller Nameservers and Privileges interfaces.
  • cPanel Email Invitations
  • You can enable or disable new Subaccount invites from WHM's Tweak Settings >> System interface.
  • If invites are enabled, the cPanel sub-user creation interface will send an email with instructions to the user's Contact Email Address, when the "The user will set the account password" is selected.
  • We updated cPanel's User Manager interface to display an indicator if a Subaccount owns an active or expired invite.
  • "The Feature Spotlight"
  • Highlights cPanel's User Manager interface in cPanel.
  • System administrators can disable this via the cPanel Spotlight setting in WHM's Feature Manager interface.
  • Normally, the spotlight appears only the first time cPanel is used. If the user's Page Settings are reset, the spotlight will reappear.
  • Paper Lantern Management in WHM
  • WHM's Branding interface is now WHM's Customization interface.
  • UI Customization Improvements
  • cPanel interface sprites now use SVG format.
  • Wildcard SSL Handling
  • We added wildcard certificates to the cPanel Store in cPanel's SSL/TLS Wizard interface.
  • System administrators and resellers can manage availability, recommendations, and pricing of wildcard certificates in WHM's Market Provider Manager interface.
  • You should still install the wildcard SSL certificate once for each subdomain you wish to secure.
  • The base domain is secured in the SubjectAltName certificate attribute on wildcard certificates from most certificate authorities.
  • Support Tickets in WHM
  • You can create a cPanel support ticket directly from WHM's Create Support Ticket interface.
  • Includes automation for SSH authorization.
  • Let's Encrypt Provider
  • Let's Encrypt is a certificate authority.
  • The plugin adds the Let's Encrypt provider option to the AutoSSL interface.
  • You install the plugin via command line script.
  • Once installed, you only interact with the plugin through AutoSSL.
  • Let's Encrypt has different limits than Comodo (the default provider). For instance, you can only issue 20 certificates per registered domain each week with Let's Encrypt.
  • Let's Encrypt will set the common name to the domain's alias.
  • Service SNI & Domain TLS Changes
  • You cannot upgrade to cPanel & WHM version 60 if your web server does not support SNI.
  • SNI functionality is available for the cpsrvd daemon (cPanel, WHM, and Webmail logins and UI functionality), the cpdavd daemon (Calendar, Contacts, and Web Disk), Exim, and Dovecot services.
  • The Dovecot and Exim servers always enable Mail SNI. We removed all Mail SNI controls from user interfaces.
  • During the upgrade, servers will automatically copy current and valid certificates from the Apache SSL certificate storage to Domain TLS storage. Domain TLS does not copy expired or invalid certificates from Apache's SSL storage.
  • Apache's SSL certificate storage groups domains into virtual hosts, which the cPanel interface refers to as "websites."
  • You can find the Domain TLS files in /var/cpanel/ssl
  • MySQL 5.1 Deprecation
  • cPanel & WHM version 60 is the last version of cPanel & WHM to support MySQL® 5.1 or below.
  • You can not activate a remote MySQL profile if the server runs MySQL 5.1 or below.
  • X3 for cPanel Removal
  • New installations of cPanel & WHM will no longer include the x3 theme for the cPanel interface.
  • x3 theme-related interfaces and options have been removed from WHM.
  • File Manager Trash Handling
  • We added the Age of content to purge from users' File Manager Trash setting in the System section of WHM's Tweak Settings interface.
  • The .trash folders are in user home directories (/home/$USER/.trash)
  • A value of 0 configures the server to purge all files from every user's .trash folder, regardless of age.
  • Automatic trash removal occurs daily.
  • This can be done manually from the command line with /usr/local/cpanel/bin/empty_user_trash
  • PowerDNS & DNSSEC
  • You now have the option to choose the PowerDNS nameserver software in the Initial Setup Wizard or WHM's Nameserver Selection interface.
  • We now allow users to enable DNSSEC on servers configured with PowerDNS.
  • If you enable DNSSEC on any domains on your server, you will not be able to enable DNS clustering on that server.
  • Documentation Release Notes Change Logs Return to Top

    cPanel & WHM 62

    Read the following topic list for a summary of the some of the Version 62 highlights that will be covered in exam.

    • SSL & AutoSSL
    • Domain Verified certificates are the default certificate type offered by AutoSSL.
    • You can purchase OV and EV certificates through the interface.
    • If you choose to use OV or EV certificates, a new tab appears where you can enter the additional information needed for those certificate types.
    • Only root and root-enabled resellers can access the Manage AutoSSL interface in WHM.
    • AutoSSL polls for pending certificates every 5 minutes the first day, every hour the second day, and once a day after that.
    • The maximum length of the commonName field in an SSL certificate is 64 bytes.
    • Site Publisher Updates
    • Site Publisher now comes with 12 templates.
    • Site Template designers can use entered values in rendered JavaScript since they are JSON-safe values.
    • cPanel's Site Publisher interface now displays newer templates first, as determined by the creation date in the meta.json file.
    • Site Publisher template meta.json files can now include a date parameter to indicate the template's creation date.
    • OpenID Connect for Contact Information
    • cPanel updates empty email address fields from OpenID Connect
    • cPanel Zone Editor Interface Merging
    • We redesigned the Simple and Advanced Zone Editor interfaces into the new Zone Editor interface.
    • Both the Simple and Advanced zone editors will remain available in addition to the new Zone Editor interface.
    • The new Zone Editor interface's behavior depends on if the Advanced Zone Editor is enabled in the feature manager.
    • ModSec now uses SQLite
    • We updated WHM's ModSecurity Tools interface to use SQLite.
    • The new ModSecurity database can be found at /var/cpanel/modsec/modsec.sqlite
    • ModSec SDBM
    • The ModSecurity SDBM utility is installed on EasyApache 4 systems.
    • The ModSecurity SDBM utility purges expired entries from the /var/cpanel/secdatadir/ip.pag cache file to save disk space.
    • The ModSecurity SDBM utility is run nightly as part of upcp's maintenance phase.
    • Leechprotect Database Conversion
    • We updated the leechprotect service to use SQLite.
    • The new database can be found at /var/cpanel/leechprotect/leechprotect.sqlite
    • LTS Policy Adjustments
    • LTS will now go into effect from the date of a version's inception until March 31st of the following year.
    • We will provide LTS for version 62 until March 31st of 2018.
    • FileProtect
    • FileProtect became a tweak setting that defaults to on.
    • It protects public_html directories.
    • EasyApache 3 → EasyApache 4 Migration Logging
    • Every time the EasyApache 4 Migration runs, the system logs the configuration to a new unique file in the /usr/local/cpanel/logs/packman/ directory.
    • We implemented an Experimental Repository to allow users access to new features that are still in development. Install it with yum install ea4-experimental
    • We added the Symlink Protection option to the Global Configuration section of the Apache Configuration interface. This option enables the BlueHost Symlink Protection patch. EasyApache 4 installs the BlueHost patch by default, but does not enable it.
    • SourceGuardian for PHP 7 was added to EasyApache 4
    • IonCube 6 was added to EasyApache 4
    • PHP-FPM for Apache
    • Install PHP-FPM per php version in EasyApache 4 under PHP Extensions.
    • PHP-FPM is enabled through the Multi-PHP Manager.
    • PHP-FPM packages are named php##-php-fpm
    • PHP-FPM cannot be used if a virtual host is inheriting its PHP version.
    • FCGId now available
    • The mod_fcgid PHP Handler is now available in the Experimental Repository.
    • Once the experimental repository is installed, mod_fcgid will appear in the apache modules section of EA4
    • FCGId is not compatible with MultiPHP and does not use PHP-FPM settings.
    • MultiPHP Improvements
    • The interface now also displays what version of PHP a virtual host inherits, rather than just the word inherit.
    • When you change a virtual hosts's PHP version, the user interface notifies you of any other virtual hosts that may inherit these changes.
    • When you save changes in cPanel's MultiPHP INI Editor interface, the changes save to both the php.ini and user.ini files.
    • Globally Enabling SPF/DKIM
    • The new /usr/local/cpanel/scripts/enable_spf_dkim_globally script allows you to enable SPF and DKIM globally or for specified users.
    • The command /scripts/enable_spf_dkim_globally will not run without the -x option.
    • Existing DKIM and SPF records are not changed.
    • Defaults Adjustments
    • SPF is now enabled by default.
    • Always redirect to SSL Tweak Setting now defaults to On.

    Documentation Release Notes Change Logs Return to Top

    cPanel & WHM 64

    Read the following topic list for a summary of the some of the Version 64 highlights that will be covered in exam.

    • EasyApache 4 Migration Script Improvements
    • If your system runs CloudLinux, the migrate_ea3_to_ea4 script downloads and runs CloudLinux's EasyApache 4 migration script.
    • The migration script is /scripts/migrate_ea3_to_ea4
    • The migration script copies the /usr/local/lib/php.ini file to the /opt/cpanel/ea-php??/root/etc/php.d/local.ini file and to all installed ea-php versions on your server.
    • The migration script comments out extension directory directives to avoid complications.
    • EasyApache 4 Improvements
    • The EasyApache 4 Recommendations system provides security and configuration information that might affect the packages that you choose to install.
    • The php-tidy packages are now available for all supported operating systems.
    • The EasyApache 4 WHM interface now attempts to automatically correct yum cache issues.
    • We added the ability to upload custom profiles in the EasyApache 4. They are stored in /etc/cpanel/ea4/profiles/custom
    • Multi-year SSL Certificate Availability
    • cPanel Market providers may now provide two-year and three-year certificates.
    • SecurityAdvisor link for KernelCare Purchasing
    • Ace Editor
    • We updated the editor in cPanel's File Manager interface to use Ace Editor for the Code Editor.
    • phpMyAdmin updated
    • We updated the version of phpMyAdmin that the system provides from 4.0.10 to 4.6.6.
    • cPanel Dark & Light Themes Included
    • The cPanel interface now ships with the Light and Dark styles for the default cPanel theme (Paper Lantern).
    • The Light and Dark styles have mobile support.
    • Multi-year SSL Certificate Availability
    • cPanel Market providers may now provide two-year and three-year certificates.
    • ModSecurity OWASP Rule Updates
    • AutoSSL Domain Sorting
    • The sort order first selects FQDNs that are listed in the virtual host’s current SSL certificate.
    • Next comes the primary domain with it's www and mail subdomains.
    • Full sort algorithm can be found in the SSL FAQ.
    • The sort order ensures that the system adds the domains that customers will most likely visit to the certificate first, if the certificate reaches the domain limit.
    • The AutoSSL sort algorithm will select a domain of 64 bytes or fewer to enter in the commonName field of the SSL certificate if such a domain exists on the virtual host.
    • Account Suspension Management in the UI
    • PHP Settings Changes
    • We now automatically adjust the default PHP version memory_limit directive when you set up cPanel & WHM. If you have less than 1GB of ram, we set it to 32M, between 2 an 4 GB RAM we set it to 64M, and over 4GB of RAM we set the memory_limit directive to 128M.
    • PHP sessions are now saved by default in the /var/cpanel/php/sessions directory.
    • WHM DynamicUI System
    • WHM's Home interface now uses a dynamicui.conf file to control the features that it displays.
    • This file exists as the whostmgr/docroot/themes/x/dynamicui.conf file.
    • WHM's dynamicui system resembles cPanel's dynamicui system, but the two files are not currently interchangeable.
    • When you upload custom WHM themes they must contain the appropriate dynamicui.conf file.
    • Themes that include the removed command2 file will not upload properly via WHM.
    • MultiPHP INI Editor Improvements
    • We updated cPanel's ultiPHP INI Editor to also write to the user's php.ini file.
    • We applied filtering to ensure that cPanel's MultiPHP INI Editor does not write invalid directives to php.ini files, .user.ini files, and .htaccess files.
    • MultiPHP Manager Improvements
    • When you change the System Default PHP version, the system now warns you which virtual hosts this will effect.
    • We added an Owner column to the MultiPHP Manager to show the account owner.
    • New Icons & Feature Names
    • To clarify the relationships between feature list options and their associated cPanel interfaces and features, we have renamed many options in WHM's Feature Manager interface.
    • In the most recent versions of cPanel & WHM, we replaced many WHM feature and section icons. cPanel & WHM version 64 completes these updates and ensures that all of WHM's features and sections use their new icons.
    • API Tokens Introduced
    • On upgrade, the /usr/local/cpanel/scripts/convert_accesshash_to_token script is run to convert any existing access hashes into tokens.
    • We added the Manage API Tokens interface to WHM. This interface allows you to create, revoke, and list API Tokens for cPanel users and third-party developers.
    • We also added the Manage API Tokens interface to cPanel DNSONLY.
    • API tokens allow cPanel users and third-party developers to run API functions as a WHM account owner via a key hash.
    • We added the --skipapitokens argument to the /usr/local/cpanel/scripts/pkgacct script. This argument allows you to exclude API tokens when you create a cpmove archive for an account.
    • API token creation and revocation (removal) is logged to /var/cpanel/accounting.log
    • Successful API token calls are logged to /usr/local/cpanel/logs/api_tokens_log
    • Make certain that you save your API token in a safe location on your workstation. You cannot access the token after you navigate away from the interface or refresh the API Tokens table.
    • WHM Plugin Wrapper System
    • WHM plugins now open in a new browser window by default.
    • WHM now includes a wrapper system that plugin developers can access in their custom interfaces.
    • AutoSSL Proxy Subdomain Support
    • AutoSSL adds proxy subdomains to automatically generated SSL certificates.
    • Tweak for Hostname SSL Handling
    • We added the Replace SSL certificates that do not match the local hostname option to the Domains section of WHM's Tweak Settings interface.
    • This setting instructs the checkallsslcerts script to replace any SSL certificates that do not match the hostname of the server with a cPanel-signed certificate. This includes wildcard certificates.
    • Legacy Backup Deprecation Warning and Migration Tools
    • We will completely remove the Legacy Backup system in a future version.
    • The Legacy Backup is officially deprecated, and will not show up at all on fresh 64 installations.
    • The Backup System Migration tool walks users through the migration process with the click of a button in WHM.
    • Legacy to New system migration script - /scripts/convert_and_migrate_from_legacy_backup
    • RPM-based Wordpress cPAddon
    • When you install WordPress through cPAddons with the RPM, it allows you to update WordPress through its own administrative interface.
    • You cannot use the cPAddons interface to upgrade your legacy Wordpress instances to the RPM-based Wordpress installations.
    • TCP Fast Open Support
    • TCP Fast Open is available for the cpsrvd and cpdavd services when enabled in the kernel on CentOS 7 systems.
    • iOS Push Support
    • Customers who receive mail from their cPanel-hosted email accounts can use push notifications rather than polling on Apple devices.
    • The use of Apple Push Notifications requires the installation of an apple-provided SSL certificate, and can be managed from the Manage Service SSL Certificates interface in WHM.
    • An APN certificate can be used on more than 1 WHM server. However the reverse is not true, as only one APN can be used at a time on each WHM server.
    • iContact Support Updates
    • The pluggable iContact feature allows you to send server alert notifications to custom destinations.
    • DMARC Support in cPanel UI
    • You can configure Domain-based Message Authentication, Reporting, and Conformance (DMARC) records for your domains in cPanel's Zone Editor interface.
    • Eximstats Database Conversion
    • The new SQLite database will reside in the /var/cpanel directory to keep the database on the same partition as the /var/lib/mysql directory.
    • The /scripts/slurp_exim_mainlog script will re-import your /var/log/exim_mainlog data. Your eximstats data and the Mail Delivery Report data will be unavailable while this import occurs.
    • If the SQLite database becomes corrupt or unreadable, the system will automatically remove the old database and create a new one.
    • The system retains a maximum of three broken databases so that server owners can attempt to fix the corrupted databases.
    • Apache Solr Integration for Dovecot Search Handling
    • IMAP Full-Text Search Indexing (powered by Solr) provides fast search capabilities for Internet Message Access Protocol (IMAP) mailboxes.
    • Additional Tweak Settings Additions & Changes

    Documentation Release Notes Change Logs Return to Top

    cPanel & WHM 66

    Read the following topic list for a summary of the some of the Version 66 highlights that will be covered in exam.

    • Rsync & Remote Incremental Backup Support
    • You can now set up your backups to use Rsync as a remote destination.
    • Remote incremental backups are now supported, and require the use of the Rsync transport method.
    • Application Manager cPanel Interface
    • We added the Application Manager interface to the cPanel interface.
    • This interface allows you to quickly deploy and easily maintain Ruby applications using Phusion Passenger to your cPanel accounts.
    • Ruby & Passenger Support
    • You must install the ea-ruby24-mod_passenger Apache module before this interface appears.
    • You must choose between the old Ruby on Rails and the new Ruby with Passenger methods server wide.
    • We added the Ruby via Passenger profile customization option to WHM's EasyApache 4 interface.
    • AutoSSL Domain Exclusion
    • We added the ability to exclude individual domains from AutoSSL via cPanel's SSL/TLS Status interface.
    • Excluded domains are stored in: /var/cpanel/ssl/autossl/excludes/$USER.json
    • AutoSSL Queue Storage Format Changes
    • This was done to improve the speed and memory usage on servers with a large number of domains.
    • The new file can be found at /var/cpanel/autossl_queue_cpanel.sqlite
    • EasyApache 4 Profile Management Changes
    • We updated the EasyApache 4 interface to include the a Save as profile and Upload a profile options.
    • Profiles are uploaded to /etc/cpanel/ea4/profiles/custom
    • Deleting profiles is done from the command line by removing the .json file from the above location.
    • Include Handling during EA3 → EA4 Migrations
    • After your system successfully builds EasyApache 4, the system copies your Apache include file data from the /usr/local/apache.ea3/conf/userdata/ directory to the /etc/apache2/conf.d/userdata/ directory.
    • The system checks the syntax of each file for EasyApache 4 compatibility after it moves it. If the file is not compatible, then the system deletes it from the EasyApache 4 destination directory and continues the copy process.
    • PHP ini File Handling Changes
    • We removed the use of local.ini files in EasyApache 4.
    • WHM's MultiPHP INI Editor interface now saves changes to the php.ini file rather than the local.ini file.
    • Google Drive Support in Backups
    • You can now set up your Google Drive™ account with backups as a remote destination.
    • Configuration details for Google Drive backups are stored in /var/cpanel/backups/
    • Interface Updates for Frames Removal in WHM
    • WHM now has no frames or framesets.
    • Without frames, each page now has a direct url that shows in the browser's address bar.
    • WHM interfaces that open in frames and iframes now hide WHM's left navigation menu by default.
    • Plugin developers must now explicitly include the WHM header and footer template files in custom interface files.
    • WHM Interface to Globally Enable DKIM/SPF
    • We added the Enable DKIM SPF Globally interface to automatically create DKIM and SPF records for all accounts on the server.
    • If a domain currently possesses an SPF record, the system will append the appropriate IP address from the /var/cpanel/mainip file to the existing record.
    • The system will not modify existing DKIM records.
    • Errors in the process will be logged to /usr/local/cpanel/logs/error_log
    • cPHulk Database Conversion
    • We updated the cPHulk service to use SQLite.
    • The new database is located at /var/cpanel/hulkd/cphulk.sqlite
    • The upgrade automatically converts existing cPHulk databases from MySQL to SQLite.
    • Any existing MySQL databases will remain on the server after the upgrade.
    • MariaDB 5.2 Upgrade Availability
    • We added the ability to upgrade to MariaDB 10.2.
    • phpMyAdmin Updated
    • We updated the version of phpMyAdmin that the system provides from 4.6.6 to 4.7.0.
    • Changed cPanel Contact Information Restrictions
    • You can now use a domain hosted by the account for the contact information address, although we still warn against it.
    • PHP-FPM Defaults on New Accounts
    • We added the System PHP-FPM Status option in WHM's MultiPHP Manager. If this is enabled, new domains will use PHP-FPM by default.
    • We added the Convert all Accounts to PHP-FPM option in WHM's MultiPHP Manager interface to convert all of the server's domains and their subdomains to PHP-FPM with a single click.
    • The system uses the /usr/local/cpanel/scripts/php_fpm_config script with the --convert_all flag to convert all accounts to PHP-FPM.
    • We added the System PHP-FPM Status option in WHM's MultiPHP Manager. If this is enabled, new domains will use PHP-FPM by default.
    • If System PHP-FPM Status is on, the PHP version is now set specifically to the system default on account creation, instead of starting out as inherited from the system default.
    • Introduction of Wordpress Manager Plug-in
    • The Wordpress Manager Plug-in allows you to manage the WordPress installations on your cPanel account.
    • This interface will not appear until you install the RPM-based WordPress® cPAddon.
    • Access Hashes Disabled by Default
    • To enable accesshash keys on a cPanel & WHM server, navigate to the Security section of WHM's Tweak Settings interface and set the Allow deprecated WHM accesshash authentication setting to On.
    • This setting defaults to Off.
    • New Notification Types
    • SSH Configuration Error: The system detects an error when attempting to change the sshd_config file.
    • We added the cPHulk Database Integrity Notices alert to WHM's Contact Manager interface. Your server generates this alert when cPHulk detects SQLite database corruption.
    • Outgoing Email Threshold Exceeded: A domain exceeds the daily emails sent threshold defined by the Number of emails a domain may send per day before the system sends a notification. option in WHM's Tweak Settings interface (a new setting that defaults to unlimited).
    • New UAPI & WHMAPI1 Calls

    Documentation Release Notes Change Logs Return to Top