Page tree
Skip to end of metadata
Go to start of metadata

For cPanel & WHM version 68


When cPanel & WHM installs, cPanel-provided scripts become available in your server’s /usr/local/cpanel/scripts directory. To run a script, enter its location on the command line. For example, to run the update script, run the following command:



  • When you run a script, you must use the script's full file path even if you run the script in the /usr/local/cpanel/scripts directory.
  • Do not use scripts in the /usr/local/cpanel/scripts directory that we do not list in this document. You may damage your server if you run those unlisted scripts.


addpopAdds a POP account.

Creates metadata files for all backup types.

For more information, read our The backups_create_metadata script documentation.


This script locates a user's files in compressed, uncompressed, or incremental backups. The script returns all files in the backups in Comma Separated Value (CSV) format.


The format varies based on the backup type—incremental, compressed, or uncompressed.

For more information, read our The backups_list_user_files Script documentation.

build_maxemails_configSets limits on the amount of email that users can send from domains on your server. For more information about this script's limits, read our Mail Limiting Features documentation.

Checks user accounts for ~/.my.cnf files that do not work, and disable them. This script only returns output when it detects a bad .my.cnf file.


For more information, run the following command:

/usr/local/cpanel/scripts/check_users_my_cnf --help

Installs or updates a cPanel-signed hostname certificate. For more information, read our The checkallsslcerts Script documentation.


This script resides in the /usr/local/cpanel/bin directory.

chkmydnsPerforms a simple configuration check of MyDNS.

Removes various session files for the following applications:

  • phpMyAdmin
  • phpPgAdmin
  • Horde
  • Roundcube
  • SquirrelMail

Removes the following expired files:

  • cPanel Password Reset session and flood protect files.
  • cPanel Subaccount Invitation session and flood protect files.


For more information, run the following command:

/usr/local/cpanel/scripts/cleansessions --help


Removes any temporary wheel group users that are no longer necessary for cPanel Support's access to the server.


WHM's Grant cPanel Support Access ( WHM >> Home >> Support >> Grant cPanel Support Access ) and Create Support Ticket ( WHM >> Home >> Support >> Create Support Ticket ) interfaces can create temporary wheel users to allow cPanel Support access to your server.


Compares the contents of two CDB files. Specify the two CDB files that you wish to compare after the script.


For example, run the following command, where file1 and file2 represent the two files that you wish to compare:

/usr/local/cpanel/scripts/comparecdb file1 file2

Sets up your IPv6 firewall. Any user with root privileges can run this script. Run this script if either of the following statements are true:

  • You do not manage your IPv6 firewall rules with any other tools or utilities.
  • You cannot connect to your IPv6 addresses or IPv6-enabled websites on port 80.


  • The rules that this script creates remain active even if you reboot the server.
  • Due to the way in which CentOS 7, CloudLinux™ 7, and Red Hat® Enterprise Linux (RHEL) 7 manage firewalls, we do not recommend that you use this script if your server uses one of those operating systems. 

This script performs the following actions:

  • Opens port 22 for SSH.
  • Opens port 53 for DNS.
  • Opens port 80 for HTTP.
Converts a WHM user's access hash to an API token. For more information, read our The convert_accesshash_to_token Script documentation.




Converts mailboxes from mdbox format to maildir format. For more information, read our The Mailbox Format Conversion Scripts documentation.

Converts the Roundcube database from MySQL® to SQLite.


You may need to convert individual accounts, even after the database conversion. To convert individual cPanel accounts that use Roundcube to SQLite, add the username as the parameter:

/usr/local/cpanel/scripts/convert_roundcube_mysql2sqlite user
copy-etc-filesCreates customized copies of your /etc/bashrc, /etc/issue, and /etc/ files in the /etc directory.
cpbackupBacks up all accounts.
delpopRemoves a POP account.

Runs nightly and deletes messages from trash folders that are older than the Trash Expire Time value in WHM's Mailserver Configuration interface (WHM >> Home >> Service Configuration >> Mailserver Configuration). To activate this script, select the Auto Expunge Trash checkbox.

It also cleans out invalid usernames from the database tables.


Displays the contents of a CDB file. Specify the CDB file that you wish to view.


For example, run the following command, where file represents the file that you wish to view:

/usr/local/cpanel/scripts/dumpcdb file
easyapacheUpgrades and reinstalls Apache.

Purges files from .trash folders in user home directories that are older than the Age of content to purge from users' File Manager Trash setting in the System section of the WHM's Tweak Settings interface (WHM >> Home >> Server Configuration >> Tweak Settings).


  • This script runs as a part of the nightly maintenance script.
  • This script exists in the /usr/local/cpanel/bin/ directory.

Enables SPF and DKIM for every cPanel user on the server, and then creates SPF and DKIM records for all of these users' domains. For more information, read our Enable DKIM SPF Globally documentation.


Adjusts the permissions on cPAddon-specific files that contain sensitive information. This scripts only adjusts cPAddons that support the tighter security model that we introduced in cPanel & WHM version 64.


Certain cPAddons possess security-sensitive files, such as files that contain passwords in clear text. cPAddons that exist on the servers that do not use the mpm-itk , mod_ruid2 , or mod_suphp modules require additional file permission adjustments to prevent security issues between users. For security reasons, we do not recommend that you install any cPAddons on shared hosting servers without one of these modules.

eximstats_spam_checkScans the eximstats database and counts the number of emails that every domain on the server has sent in the previous hour. If a domain has exceeded a preconfigured threshold of 500 unique outbound messages (excluding mailing lists), the system will log an alert.
exportmydnsdbExports zones from MyDNS for use with BIND and NSD.
fixmailinglistpermsRepairs permissions for all mailing list files and directories.
gather-update-logsSends update logs to cPanel, Inc. for analysis.
hookExecutes any hooks that the system would normally call in the specified context.
importmydnsdbImports zone information from BIND and NSD into MyDNS.
Enables Internet Message Access Protocol (IMAP) Full-Text Search (FTS) Indexing (powered by Solr), which provides fast search capabilities for IMAP mailboxes. For more information, read our The install_dovecot_fts Script documentation.

Installs a cPanel plugin. For more information, read the  Guide to cPanel Plugins  documentation.


Due to the permissions that the /usr/local/cpanel/scripts/install_plugin script requires in order to access the necessary files, only the root user can run this script successfully.

installpostgresInstalls PostgreSQL®.

Installs Ruby.


We deprecated this script in cPanel & WHM version 66. 


Checks how long a script's current PID has run, and can notify a WHM user or kill the process. For more information, read our The is_script_stuck Script documentation.


This script resides in the /usr/local/cpanel/bin directory.


Performs system updates, and terminates the processes that you specify in WHM's WHM Scripts interface (WHM >> Home >> System Health >> Background Process Killer).


This script runs as a part of the /usr/local/cpanel/scripts/upcp script.

manage_greylistingManages the cPanel Greylisting service. For more information, read WHM Scripts documentation.

Converts legacy cPAddon WordPress® installations to the RPM-based WordPress cPAddon.


The RPM-based WordPress cPAddon version 1.1.2 installs this script.

modsec_vendorLists, adds, removes, or updates ModSecurity™ vendors.

Updates the theme for specific accounts on the server.


For more information, read The modify_accounts Script  documentation or run the following command: 

/usr/local/cpanel/scripts/modify_accounts --help

Updates the theme for specific packages located on the server.


For more information, read The modify_packages Script documentation or run the following command: 

/usr/local/cpanel/scripts/modify_packages --help

Runs any scripts found in the /var/cpanel/on_boot  or  /usr/local/cpanel/bin/on_boot  directories when the server boots.


Any scripts that you add to the /var/cpanel/on_boot and /usr/local/cpanel/libexec/on_boot will automatically run on all system reboots.

For more information, read our The onboot_handler Script documentation.
php_fpm_configInstalls configuration files when you manually edit the PHP-FPM configuration files.
phpextensionmgrManages PHP extensions.
pkgacctHandles cPanel packages. For more information, read our The pkgacct Script documentation.
process_site_templatesProcesses template files and user-provided data to create a Site Publisher website.
purge_modsec_logRemoves stale records from the modsec database.

Automates the installation of CPAN modules.

rebuild_dbmapRebuilds a user's corrupted database map.

Manages your server's default PHP version and PHP handlers in EasyApache 4. For more information, read our The rebuild_phpconf Script documentation.


This script exists in the /usr/local/cpanel/bin/ directory.

rebuild_available_rpm_addons_cacheRebuilds the available RPM-based cPAddons cache in the /var/cpanel/available_rpm_addons.cache file.
rebuild_whm_chromeRebuilds the PHP cache of the WHM interface's chrome.
removeacctRemoves a cPanel account.

Restarts a service. For more information, read our How to Restart Services documentation.

We currently provide restart scripts for the following services (replace the asterisk (*) in restartsrv_* with the desired item below):


Restarts the Apache web server.


Restarts the BIND nameserver software.


Restarts cPanel’s TailWatch log processing service.


Restarts the ClamAV antivirus software.


Restarts the cpanellogd daemon.


Restarts cPanel’s WebDAV server.


Restarts cPHulk.


Binds or rebinds the server's IPv6 addresses. Run this script with the --list flag to list all of the server's bound IPv6 addresses.


Restarts the cpsrvd daemon.


Restarts the crond daemon.


Restarts the dnsadmin daemon.


Restarts the Dovecot mail server.


Restarts the Exim mail exchanger.


Restarts the Exim mail statistics tracker.

ftpd or ftpserver

Restarts the configured FTP service (ProFTPd or Pure-FTPd).


Restarts the Apache web server.


Restarts the IMAP server (Dovecot).


Restarts the super-server daemon that manages Internet services.


Restarts the IP address aliasing software.


Restarts Mailman.


Restarts the MyDNS server.


Restarts the MySQL database server.


Restarts the BIND nameserver software.


Restarts the NSD nameserver daemon.


Restarts the passive OS fingerprinting service.

postgres or postgresql

Restarts the PostgreSQL database service.


Restarts the ProFTPd server daemon.


Restarts the Pure-FTPd server daemon.


Restarts the queueprocd daemon.


Restarts the open-source log forwarder daemon.


Restarts the Apache SpamAssassin™ daemon.


Restarts the Secure shell daemon.


Restarts the Log forwarder daemon.


Restarts cPanel’s TailWatch log processing service.


Restarts the Apache Tomcat service.


EasyApache 3 does not support Tomcat for new installations. EasyApache 4 does not support Tomcat and we do not plan to provide support in the future. 


Restarts the open-source super-server daemon.

restorepkgRestores a package. For more information, read our The restorepkg Script documentation.
rpmupUpdates system software for all users.
runstatsonceUpdates statistics for all users.
runweblogsUpdates statistics for a user.
securemysqlSecures a cPanel account's MySQL® configuration. For more information, read our The securemysql Script documentation.

Adjusts the memory_limit directive for all versions of PHP installed in the /opt/cpanel/ directory based on the server's available memory. For more information, read WHM's MultiPHP INI Editor documentation. 


  • This script only applies to systems that run EasyApache 4.
  • You must use the --run flag.

Configures a server's Secure Socket Layer (SSL) and Transport Layer Security (TLS) cipher suites and protocols:

  • Web Disk (cpdavd).
  • The cPanel server (cpsrvd).
  • The Dovecot mail server (dovecot).

For more information, read our The set-tls-settings Script documentation.


This script resides in the /usr/local/cpanel/bin directory.

setupftpserverAllows you to switch between FTP servers.
setup_greylist_dbCreates the greylist SQLite database and allows you to add common email services to the trusted hosts list.
setup_modsec_dbCreates the modsec MySQL database and user.

Allows you to switch between mail servers.


We removed the Courier mail server in cPanel & WHM version 54. cPanel & WHM only ships with the Dovecot mail server.

setupnameserverAllows you to switch between DNS servers.
slurp_exim_mainlogImports exim mainlog data into the eximstats database.
suspendacctSuspends an account.
try-laterExecutes a user-defined check command at a specified interval. If the check command returns an error, it retries as often as the max-retries parameter allows. When the check succeeds, a user-defined action command runs. You can use this script with the following options:


Allows you to specify a delay (in an interval other than minutes) after which to run the check and action commands. If you set this option, then the try-later command will pass directly to the at command. To learn more about the at command, visit its man page.


Runs when the check command succeeds.


Runs the action command when retries are exhausted.


Determines whether the action command will run.


Allows you to specify a delay (in minutes) after which to run the check and action commands. This value defaults to 5. If you set this option, then it overrides the --at option.


Displays a brief help message.


Allows you to specify the maximum number of retry attempts before you run the action command. This value defaults to unlimited.


Skips the initial check command.
uninstall_pluginUninstalls a cPanel plugin. For more information, read our Uninstall Plugins documentation.

Restores a service account to an unlinked state.


For more information, run the following command:

/scripts/unlink_service_account --help

unsuspendacctUnsuspends an account.
*upUpdates a service. We currently provide several scripts that use this format to update a service.


Updates the cPAddons scripts.


Updates the current version of PHP.


Updates the suPHP tool to handle PHP requests.
Updates cPanel & WHM.
upcp-runningSpecifies whether a upcp command runs. This information displays in text output and the script's exit value. By default, a zero exit value signals that the target upcp command currently runs.


Displays a brief help message.


Exits with a non-zero error value (1) if the target upcp command currently runs.

Verifies and upgrades the Subaccount database table schemas for each cPanel account.


For more information, run the following command:

/usr/local/cpanel/scripts/upgrade_subaccount_databases --help
wwwacctAdds a cPanel account. For more information, read our The wwwacct Script documentation

Additional documentation