The cPanel Admin – We know stuff about cPanel.

How to Fix CSF/LFD “Excessive Resource Usage” Floods for PHP-FPM and dbus on AlmaLinux 9

nessa • March 5, 2026

If you have recently migrated to AlmaLinux 9 (or any RHEL 9 derivative) and run ConfigServer Security & Firewall (CSF) with Login Failure Daemon (LFD), you have probably noticed your inbox filling up with alerts like these: Time: Wed Feb 19 03:14:22 2025 Account: root Resource: Virtual Memory Size Exceeded: 384 > 256 (MB) Executable: […]

How to Fix CSF/LFD “Excessive Resource Usage” Floods for PHP-FPM and dbus on AlmaLinux 9 Read Post »

Security

Why AutoSSL Fails Under Cloudflare Proxy

nessa • March 2, 2026

If you manage domains behind Cloudflare’s proxy and run cPanel with AutoSSL, there’s a good chance you’ve woken up to an email like this: AutoSSL did not renew the certificate for “example.com”. You must take action to keep this site secure. DNS DCV: No local authority: “example.com”; HTTP DCV: “cPanel (powered by Sectigo)” forbids DCV

Why AutoSSL Fails Under Cloudflare Proxy Read Post »

MySQL

MariaDB Sandbox Mode Is Silently Breaking Your Database Migrations

nessa • February 28, 2026

If you have recently tried to migrate a cPanel server and watched every single database import fail with ERROR at line 1: Unknown command ‘\-‘, you are not alone. This error has been quietly biting sysadmins for the better part of a year, and cPanel still has not published a word about it. Here is

MariaDB Sandbox Mode Is Silently Breaking Your Database Migrations Read Post »

Uncategorized

Maildir to mdbox Conversion Silently Drops Emails for Date Ranges

nessa • February 27, 2026

If you have ever run a cPanel migration or triggered a mailbox format conversion in WHM and found that users are missing emails from specific date ranges, you are not alone. This is one of those issues that does not announce itself with a clear error. It simply leaves gaps in the mailbox, and unless

Maildir to mdbox Conversion Silently Drops Emails for Date Ranges Read Post »

PHP, Scripts

Bulk PHP-FPM Pool Tuner for Existing Accounts

nessa • February 26, 2026

WHM only applies PHP-FPM settings to new accounts, and as we know, the cPanel defaults may not be appropriate for higher-traffic sites. This script updates all existing accounts. #!/bin/bash # bulk-phpfpm-tuner.sh # Updates PHP-FPM pool settings for all accounts based on server RAM TOTAL_RAM_MB=$(free -m | awk ‘/^Mem:/{print $2}’) RESERVED_MB=2048 # Reserve for OS/MySQL ACCOUNTS=$(whmapi1

Bulk PHP-FPM Pool Tuner for Existing Accounts Read Post »

Fixes, Howto, PHP

PHP-FPM pm.max_children Reached on cPanel Servers

nessa • February 26, 2026

See Also: Bulk PHP-FPM Pool Tuner for Existing Accounts If you manage cPanel servers, you have almost certainly encountered this log entry at some point: [pool username] WARNING: server reached pm.max_children setting (5), consider raising it It looks simple enough. PHP-FPM is telling you it ran out of worker processes to handle incoming requests. But

PHP-FPM pm.max_children Reached on cPanel Servers Read Post »

Fixes, Scripts, Troubleshooting

The cPanel/WHM Autofixer

nessa • February 26, 2026

Cpanel 11.24 comes with an Autofixer that allows you to fix common problems that may prevent access to certain parts of your system.

The cPanel/WHM Autofixer Read Post »

Apache, Howto, Linux, Networking, Security

PCI DSS Compliance Cookbook for cPanel Servers

nessa • February 26, 2026

If you’re running cPanel servers that process, store, or transmit credit card data, or even connect to systems that do, PCI DSS compliance isn’t optional. It’s a requirement that carries real financial and legal teeth. With PCI DSS v4.0.1 now fully enforced (the March 31, 2025 deadline for all “best practice” requirements has passed), every

PCI DSS Compliance Cookbook for cPanel Servers Read Post »

Apps, Howto, Linux, Security

CSF Post-Shutdown Survival Guide: Migration & Configuration

nessa • February 11, 2026

For over a decade, ConfigServer Security & Firewall (CSF) was the undisputed firewall solution for cPanel/WHM servers. If you ran a shared hosting environment, a reseller setup, or even a standalone VPS with cPanel, CSF was almost certainly part of your security stack. Its WHM integration, Login Failure Daemon (LFD), and straightforward configuration made

CSF Post-Shutdown Survival Guide: Migration & Configuration Read Post »