All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Are some hosting companies using "fake" Cpanel licenses?
Hi everyone!
I was searching for a cPanel license for one of my VPSs, but we all know that it has a large cost depending on the number of accounts and so on. The thing is, I just did a Google search for "Cpanel licenses," sometimes including the words "cheap" or "free," and I was concerned by the results. Some of the pages I could find with a not very professional design are selling even WHCMS licenses for a very cheap price, the same as cPanel licenses.
Also, I have noticed that some of the solutions they offered are not "self-hosted," mostly for WHCMS, which also claim my attention. Just in case someone is searching for licenses, I think some of them are not even legal. Better not to buy it
Now my question is: in the case of for example buying cheap shared hosting with cPanel, how can we ensure that it is legit cPanel software?
Comments
https://verify.cpanel.net/app/verify?
I found that, but actually, you do not know the server IP until you buy the hosting package.
What you could do is use a subdomain finder if you know the domain the server is linked to and then check the IP on the licencing system?
Whereas cheaper cPanel hosting does still exist there are some dodgier companies that will cut costs this way, maybe try checking the reviews too?
@Sapcedor :
you are right
for multi ip servers, you may mostly not be able to verify the license at the panel providers site
but with those cheap/shared/cracked licenses, they always have many back door entries to the server
so basically your server is in a compromised state and at mercy of the shared/cheap/cracked license provider
moreover any host/hosting-provider, who would keep reputation and data at priority, will never risk his/her data along with the customers data in mercy of or at hands of any 3rd party/intruder
so the net result is, it all looks cool and fancy and money saving, but none use it
also with more than a handful providers providing directadmin for free, why would any one risk data and reputation by doing any shaddy practise
and the same for cracked whmcs and free blesta and clientexec from so many vps providers
A lot of these old license selling websites appear to have been abandoned before the big cPanel and WHMCS license changed. Most of them might not even deliver a product if you purchase, they may just be barely surviving in a state of broken automation. Like there's no way this is anything but a scam or an abandoned website: https://licenses.center/cheap-cpanel-license/
It’s pirated. It’s still very much possible to “null” cpanel licenses.
Francisco
Indeed those are pirated. I'm willing to bet the flat that they list as the address at the bottom of the page has literally nothing to do with the operation. Or at least there's enough plausible deniability that they can keep the heat away while still passing on "interesting" letters to the real brains.
Yeah, concerning how this is affecting the clients, who does not know that they are using shared hosting under a nulled cpanel?
Truthfully most shared users are borderline tech illiterate, so they don't know what to look for.
cPanel operates the same, it isn't like features are missing or things like that.
Francisco
Looking at the complexity of the "how not to get scammed" "tips" from the various holiday scam avoidance webinars that hit my inbox this time of year... Most people would never bother to care.
Like seriously, one this week was "If you get an urgent bank notice from a bank that isn't your bank, ignore it. Definitely do not click whatever link is in it. And if you must for some reason, most certainly don't try to log in. You don't bank there after all!" -.-
It's a shame to see that cPanel can't check whether the IP on cpanel.lisc if it corresponds to the server's public ip address.
Accidentally got hands in to the source code of those so called licensing systems. It's basically issuing trial licenses on multiple proxies and using them on the machine.
there are not fake cpanel licenses as such, but yes as fatgrizzly said, one can tamper the source code of it and use it.
If not fake, then what are they?
A hacked (modified) version of the cPanel software where the license checks have been removed? No doubt it is being run by a "DMCA-ignored" hosting provider.
It modifies it client side, uses sed to edit a few binaries. to prevent provider takedown notices, they setup a real DNSONLY license(free)
I reached out to cPanel's Sec team with full dumps of the licensing source code, Never got a reply nor the method was patched.
These are nulled licenses, shouldn't be used, at all. It's using some sort of proxy for updates, hence why these are still working, it's a very advanced way to do it.
Though, never trust these licenses.
You work at Cloudlinux right? Just read the code of their so called Cloudlinux's licensing system and it seems fairly easy. I am not willing to try that on my system. Can I email you or somewhere to chat on to explain you this?
Would really be helpful for the entire hosters community if you can patch this up.
Hey!
Yes I do, I've PM'ed you my email, thank you in advance!
@Sapcedor
Try out https://verify.cpanel.net/app/verify
Sent you an email! Hoping for a good response from the Cloudlinux team. I can also give you a helping hand in Imunify360 and Kernelcare if you can direct me to the right person!
Heads up anyone offering these softwares. You can PM me with your email in your business domain and I would be happy to help.
But for a few software (not gonna mention which ones), I am sorry your software is so shit that it's able to issue trial licenses on same ip over and over.
Being handled - thank you so much!
If the method gets patched, I'm already expecting a bunch iranians throwing hate and mailbombing me
you are correct its Iranians behind it.
Due to OFAC. Saw a Iranian dude asking for help in cPanel. All of his licenses were pirated. And Turkish guy hitting me up to buy cracked license on Whatsapp and showing free DNSOnly as proof.
How do you propose to stop the proxy? What about things like yumdownloader? And license check can easily be removed, same as callback.
They don't really use a legit license to proxy stuff, for Cloudlinux it was a simple fix which I've proposed. I can't mention it out yet.
Don't ban me cause I am not here for selling purposes. But grizzly you proposed very old method(v6) which almost every provider dropped including me, yes if you can patch it with help of them then only some small providers will collapse. Imunify360 like software needs nothing to patch and no need proxy for lifetime activation. Even cloudlinux also can be cracked very easily even without a proxy.
these files are very old v6 files most of them are already patched or stop working like Cpanel locked to 30 accounts and others as well so big providers no longer use this method so I don't think it's worth wasting time patching these things.
Licensing mechanisms are hard to develop and harder to maintain. Better is to go to the court in case of serious piracy. Those "dmca free" nullers are cocroaches not worth the time for mega corp like cpanel.