Many thanks for your patience today. We’re still working on this problem with cPanel+WHM.
There is a new security update that has been pushed out to all release tiers.
Changelog for cPanel+WHM 132.0.25:
- Security Case SEC-67580: Fix cPanel File Download Endpoint IDOR Vulnerability (CVSS Score: 6.5)
- Implemented CPANEL-47921: Added a new tweak setting to control web server log archive retention and a script to perform automated cleanup.
There may also be intermittent email issues, potentially due to the newly forced update to CSF (firewall).
ConfigServer Security & Firewall (CSF) 16.08-1:
"As of August 31, 2025, the developers of CSF (Way to the Web Limited) no longer maintain or support it. They have released CSF under the GPLv3 license.
On supported cPanel & WHM versions, WebPros International, LLC maintains its own version of CSF for security and stability updates only. WebPros do not provide help with CSF configuration or troubleshooting."
Engineers will continue investigating, with most focus on the email component which has just been raised.