Web Application-Specific Firewall Released

To maximize Web Application Firewall effectiveness (cover as many attacks as possible), yet minimize “false-positives” for them, our WAF is been automated to be more accurate.

This web application firewall auto-configurator generates a set of rules on a per-domain basis, taking into consideration the content management system (WordPress, Joomla, etc)), that you install on the website.  

It works in the background scanning domains for the installed CMS each day.

And once it is done, it completely rebuilds the configuration based on the detected software. 

The main benefits of this feature is a complete reduce in false-positive hits caused by rules designed for applications that aren’t installed on the web site.


For now, this feature is limited to customers in Portland, Oregon using the hostname: west.cpanel.


You Can Now Use Old PHP Version For Your Website

When a new account is provisioned on our system, it defaults to the latest upstream supported version.

At the time of this publication, the latest is PHP7.3.

Latest PHP versions are optimized:

- to speed up your website twice as fast than before,
- make the maintenance of large pieces of code by multiple developers significantly easier
- and give you the ability to write more robust applications by detecting early programming mistakes caused by passing values of the wrong types to and from functions.

But we know that each customer is uniquely different.

And each has different set of business needs that he or she is trying to solve.

One of the issues that 18% of our customer base (often developers) runs into is how to keep applications running old unsupported PHP online while they work behind the doors to upgrade their code.

To help with this challenge, we do offer multiple versions of PHP that a customer can select from.

When hosting your website or application with us, you can select and switch between PHP 4.4, 5.1, 5.2, 5.3, 5.4, 5.5, 5.6, and 7.0, 7.1, 7.2, 7.3 and whatever version that comes after these.

This unique needs also extends to the kind of extension that the customers wishes to use to optimize his or her web application.

That is why we also provide over 120 different PHP extensions that you can select from, giving you even greater control on what how to use PHP.

Our systems also ensure that each of these PHP version is updated fast to make the websites secure and your website visitors, happier.

Please note that the hosting packages that will enable you to run these upstream-unsupported PHP versions are uniquely different from our normal hosting packages.

If you are a new customer and wish to start off with these, all you have to do is to visit https://dashboard.webhostingmagic.com/cart.php?a=add&pid=6

The hosting plan gives you everything you need to host old PHP versions securely and highly scalable.

If you are an existing customer with a website that need to run old PHP, you can easily add this package to the new account.

We are always looking for ways to serve you better.

So please do let us know if there is a feature that you would want see by visiting https://webhostingmagic.com/feature-request.html

We Have Rolled Out New cPanel Features With 80

Web Hosting Magic has rolled these out to our cPanel customers exciting new features and improvements that came with cPanel version 80.

One-Click HTTPS Redirection of Websites

The importance of having an SSL for services and websites on your server cannot be understated.

It is for this reason why when you create a new website with Web Hosting Magic or migrate your websites to our system, we install an SSL to that website automatically.

However, there are times when resources on such website may not have been configured to serve via HTTPS.

As "how do I redirect traffic to the secure or HTTPS version of the URL" has been one of the most common support requests we get from our cPanel end-users is, we have added a new feature to make that redirection even easier.

Our server upgrades to cPanel version 80 brings a Force HTTPS Redirect toggle to cPanel's Domains interface at cPanel >> Home >> Domains >> Domains.

In the Domains interface in cPanel (Home >> Domains), there’s an option to enable Force HTTPS Redirection from the insecure version (HTTP) to the secure version (HTTPS) with a toggle switch.

When enabled, it automatically redirects website visitors who attempt to access the insecure version of a website (HTTP) to the secure version (HTTPS).

This information is stored in the account’s userdata files (/var/cpanel/userdata), and the redirection is built into the domain’s vhost configuration.

No more messing around with your .htaccess or deal with the risk that comes with editing the file manually or use WordPress plugins to redirect resources to HTTPS.

Please note that you can only enable redirection on main domains that also possess a valid SSL certificate.

Aliases (aka Parked Domains) will inherit their redirection status from their parent domain.

cPanel API Tokens

We added the Manage API Tokens interface to cPanel allowing cPanel users to issue API tokens.

Hosting resellers and third-party developers can now use these tokens to authenticate as the cPanel user and issue API calls.

You can find this cPanel >> Home >> Security >> Manage API Tokens.

SpamBox for new cPanel accounts

We are added a feature that simplifies the process of preventing spam in users' inboxes.

Each new account created now will have this created by default.

This makes the process of keeping spam out of your users' inboxes much easier.

Plus addressing mailbox creation

Our cPanel users can disable automatic mailbox creation for plus addressing in the Email Accounts interface found at cPanel >> Home >> Email >> Email Accounts.

The server still delivers plus address messages to the proper mailbox. The Automatically Create Folders setting only affects mailbox creation.

Webmail Roundcube Calendar

Webmail Roundcube interface found at Webmail >> Home >> Roundcube now ships with an internal calendar.

Roundcube's database stores the internal calendar's data.

As our cPanel customers, you can also add a CalDAV calendar to your Roundcube account.

Improved password strength check algorithm

Password strength check algorithm has now been improved to return lower scores for passwords with common dictionary words.

Using words found in the dictionary as password is really a very bad idea as it is often the first place that password crackers starts.

This feature allows you to define minimum strengths for passwords for all of cPanel & WHM's features that require password authentication.

The system rates password strength on a scale of 0 to 100, where 100 represents a very strong password.