NYhost updated all cPanel servers : Help Center

updated: May 14th, 2026 at 16:30 EST

Dear NYhosters,

We've patched all cPanel servers per emergency notices: https://support.cpanel.net/hc/en-us/sections/360007088193-Security (May 13th) also this: https://support.cpanel.net/hc/en-us/articles/40437020299927-Security-CVE-2026-29205-cPanel-WHM-WP2-Security-Update-May-13-2026 (May 14th, 2026)

We also updated Linux Kernels and default PHP 8.3 (ea-php83 and alt-php83). As a result, websites with outdated PHP scripts installed years ago, will produce various Apache errors ("500 internal server error", "service unavailable" etc.) However, your websites and data are fine (read below).

To resolve such errors, please follow these steps:

1. Check disk space usage. You must have sufficient disk quotas in order to run full cPanel backup via control panel. For example, if website is over 5000 MB, you need to assign at least 15000 MB, so 10000 will be free.

2. If you have enough disk space, please generate cPanel backup via cPanel > General full cPanel backup. You may also backup MySQL data bases (same cPanel Backup page).

3. Download cPanel backup and MySQL DBs to your PC.

NOTE: IF YOU REQUIRE ANY ASSISTANCE WITH "BROKEN" WEBSITE, PLEASE DROP A TICKET WITH DOMAIN OR LIST OF DOMAINS. WE'LL BRING THEM UP THEN PROVIDE UPGRADE INSTRUCTIONS. DO NOT ATTEMPT TO FIX WEBSITES UNLESS YOU ABSOLUTELY SURE WHAT TO DO NEXT.

4. Once you download backups to local computer, you may work with errors. Please check cPanel > Errors for some clues, check configuration files php.ini in root folder, inside public_html folder etc. You should also check .htaccess file, it may contain invalid directives, outdated values added many years ago and no longer supported. DO NOT CHANGE ANY CONFIGURATION FILES (unless you know what to do next).

5. Some websites, built on PHP, for example, WordPress, may produce 500 internal error. You need find working version of old PHP via cPanel > MultiPHP. For example, your website is running on "alt-php74". Downgrade to ea-php74, WAIT FOR 2 MINUTES, then check website. If website loads normally, YOU MUST UPGRADE WORDPRESS, install new theme, remove old themes, update all plugins or remove unused. Please don't forget to secure WordPress with free Wordfence Security Plugin then activate 2FA for all admins.

6. Once you complete upgrade, please try to revert back PHP version via cPanel > MultiPHP. Current stable PHP: 8.3 (ea or alt). When you apply new version of PHP, website will appear down for about 1-2 minutes. This is normal.

Once again, new cPanel no longer allows to run outdated scripts due to various security settings. If your PHP script installed years ago (and we've seen 10+ year old installations), it will fail within new environment. Please keep your PHP scripts, plugins and themes updated.

We do support all PHP versions for your convenience (depreciated alt-56, alt-70 etc). Please consider using PHP 8.3 (alt or ea). Old "EA" versions will be removed for good to prevent abuse. ALT (secured) will remain without PHP-FPM.

Finally, we've been asked WHAT IS GOING ON WITH CPANEL. Nothing really, AI botnets attacking cPanel 24/7. Vulnerabilities are being discovered within other control panels as well, regardless of OS (Windows/iOS/Linux).

From now on, cPanel security patches will be released on weekly basis.

THANK YOU!

All cPanel servers have been updated (addressed all recent CVEs) Print

Related Articles