cPanel & WHM Version 92 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Update cURL for EasyApache 4 and CentOS or CloudLinux 6.8

Fernando Arbulu Perrella shared this idea 4 years ago
Completed

This is a pressing matter, as new and old servers are migrating to the new EasyApache 4, if they are going to use SSL certificates, when using HTTPS:// cURL simple won't work!


The current cURL version is 7.19.7 for CloudLinux 6.8, and cURL lastest version https://curl.haxx.se is 7.50.1


The old EasyApache 3 had curlSSL which worked fine, so it's a really big problem!


Thanks in advance!

Best Answer
photo

We are planning to release cURL 7.53.1 to all EA4 systems on Tuesday, March 21. Please let us know how it's working for you!

Recap of the directions for any new folks:

In order to test this you need to be comfortable making manual edits on the command line.

1) Make a backup of your EA4 repo file:


  1. cp /etc/yum.repos.d/EA4.repo /etc/yum.repos.d/EA4.repo.bak

2) Edit the original (/etc/yum.repos.d/EA4.repo) file with your favorite command line editor, comment out the line that says "mirrorlist" and add in the appropriate baseurl line from below, depending on your operating system.


  1. CentOS 6 - 32bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/i686/
  2. CentOS 6 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
  3. CentOS 7 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/7/EA4/x86_64/

3) Run a 'yum update'. If you already have one of our php-curl packages installed, it'll automatically update to the new one. If you don't you will need to install it it.

Your repo file will look something like this once you're done:


  1. root@cpanel [/etc/yum.repos.d]# cat /etc/yum.repos.d/EA4.repo
  2. [EA4]
  3. name=EA4 ( EasyApache 4 )
  4. baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
  5. #mirrorlist=http://httpupdate.cpanel.net/ea4-c$releasever-$basearch-mirrorlist
  6. gpgcheck=1
  7. gpgkey=https://securedownloads.cpanel.net/cPanelPublicRPMKey.asc
  8. enabled=1

* We need your feedback on if/how this works, and if it causes you any problems.

Please give it a look and let us know how it goes!

Comments (32)

photo
2

I agree. I just had the Yoast SEO wordpress plugin indicate to me on their license page that I was running an outdated cURL Version 7.19.7, which apparently was released on November 4th, 2009... really? Is there a good reason that such a very old version is being used? 7.48.0 os the latest from March of this year.


cURL changelog - https://curl.haxx.se/changes.html

photo
2

The main issue is that Centos 6's version has bugs with sni etc so PHP scripts need a more recent version than the on esupported by cPanel. Would it be possible for cPanel to somehow add Centos 7's curl version and package php to use it insteald of the default system one ?


We've already had to move some users from A Cloudlinux 6 server to a new Cloudlinux 7 one because of this.

photo
2

Yoast SEO and IPS 4.0 both report that cURL is out of date. IPS 4.0 is looking for at least version 7.36.

The server these both are running on is CloudLinux 6.8 and WHM 56.0 with EasyApache 4

photo
2

PayPal from now requires at least version minimum 7.43, this is starting to be really big progblem, any update on this ?

photo
1

Just update, this is revised, and not required for PayPal API etc., only TLS 1,2 and HTTP 1.1


But still it would be great to update this considering how old is.

photo
2

Good news for PayPal. When we worked with their API last year it would only work with CentOS 7's version. Other scripts like OwnCloud still require a curl version compatible with SNI which redhat 6's version isn't.

photo
2

My web site is also giving error on that, saying 7.19.7 is old. Why on earth weould you ship an outdated version of a software ? And it has tons of security problems: https://curl.haxx.se/docs/vuln-7.19.7.html


This needs to be updated soon!

photo
1

That's very odd, because EA currently ships with 7.38.0. If you have 7.19.7 installed then you might want to contact your webhost to see what would cause that. If you have root access you can run this command to check the current version on your server.


  1. /opt/curlssl/bin/curl --version

photo
1

They're talking about the one located here which is 7.19.7 under Centos 6.8



  1. /usr/bin/curl --version

photo
1

So, I guess the questions is, if there's a more recent one available, how come the php extension is using the older one and can that be changed?

photo
1

Yes. We are on CentOS 6.8 and it has 7.19.7. I will talk to my hosting provider.

photo
2

Oh, and let's not skip over that 7.38.0 is 2 years old and 14 releases behind as well.

photo
3

For sure! I've brought this up to the team that handles EasyApache and am hoping that we'll see some motion soon.

photo
1

I second this.

Although, not sure if these versions are tied by design to what every vendor bundled with their OS versions.

photo
1

Yes please am have the same issue with EasyApache 4 and IPS form software since I also have curl 7.38.0 installed but it has to how easy apache 4 handles it with php.

photo
1

Yea, I'm showing cURL as being version 7.19.7 for PHP 5.6 on EasyApache4. Perhaps I have done something wrong? Is this what everyone else with EA4 and PHP 5.6 seeing?


I think a good solution would be to create an always up-to-date ea-curl RPM package that is required for ea-phpXX-php-curl. Set ea-curl to install at /opt/cpanel/curl and install a PHP cURL library based off of this.


Or is there some technical aspect that would prevent this from happening?

photo
1

Hello all


i face the same issue yesterday by upgrade from EA3 to EA4. To fixed the issue, i just reinstall libcurl and curl from Redhat Repository, so i got the latest version of curl, 7.50.1. You can find the latest version on curl official site, both of tarball or binary package

photo
1

Without recompiling, you will have tehm just sit on the server doing nothing...

photo
1

EA 4 use os repository, so curl 7.19.x will be use as default, so i think its not a bugs, EA4 used what the os version provide.

photo
1

And what about the OpenSSL version under Centos 6.8? 1.0.1e ftw? Is there any better version on CentOS 7 or in CloudLinux?

photo
1

I found out that the problem in my case was Mod ITK, it just won't work with cURL, except if you are not using SSL.


After i changed to Mod Prefork or Mod Worker, i tested with both, it worked fine.

photo
1

As a server administrator I feel like this needs to be higher on cPanel's priority list. I specifically purchased a server with a cPanel license in order to use it with Moodle, but Moodle requires a current version of cURL to work, and being forced to manually compile cURL myself on a cPanel server is counter to the reason I purchase a cPanel license.

Thank you for a fantastic product as cPanel is, but we need some latest software to run all modern web applications.

photo
1

This is one of the biggest problems with cPanel. Some software is there like for ages. Untouched. Waiting to explode like a time bomb...

photo
1

In this case I'm not sure bomb is accurate. With EA4 we're using the OS provided version of cURL, which still includes the security backports.

photo
1

if you want to get latest curl provide by os, you have to use centos 7.x. EA4 not same with EA3, you should know this first, EA3 compile package manually, EA4 use system package, so EA4 use what your os version provide. If you use centos 6, the curl version is too old, youneed to replace/reinstall from another repo, such as epel-release or others.

photo
3

Hi Everyone,


Thank you for the committed feedback you all have provided. We're going to be working on this soon. We don't have much development bandwidth right now, but once we get started on it, I'll provide an update.

photo
1

Hi,


We're starting to talk about this more and more, and I have a feeling we'll get started working on this within the next week or two. Some concerns we have are shipping the absolute latest CURL package available (7.52.1 at the time of writing this). We're going to start off by shipping CURL 7.38.0, which is the version that EA3 shipped. After a couple of weeks, if there's no major issues, we'll upgrade the CURL packages to the latest 7.52.x.


Thanks for your patience while we get this going!

photo
1

Ah good news! Thanks :)

photo
1

Any news on this?

(My WHMCS is complaining this version is out of date and has security issues)

photo
1

i also have this problem. WHMCS keep nagging me with the cURL version

photo
2

Nothing new yet! The team has *just* started work on it, but it's too early to provide an expected delivery date. As soon as we know more we'll be back to let you know!

photo
1

Yes, our system is also complaining. Thanks!

photo
1

any update on this? All live shipments (DHL, USPS...) and payments need the curlssl on php7 to work fine.

Any idea when the update will be ready?

photo
1

@Benny: Is there any ETA?

photo
1

also is there any work around meanwhile cPanel team working there ?

photo
2

No updates yet, but the team is still working on it. I can say that, unless we hit any snags or bumps we're getting quite close to done!

photo
1

thank you team! Keep up the good work!

photo
1

Back with good news! We have our first version of this ready for external testing, and we need your feedback. A few caveats:


  1. In order to test this you need to be comfortable making manual edits on the command line.
  2. The first version of the RPM we're providing brings libcurl back in line with what we were providing with EasyApache3 (7.38.0)
  3. If testing with this version goes well, and we get good feedback from users that are testing it in their environments, we want to upgrade it to the most recent version of libcurl (7.52.2) shortly thereafter.

If you're interested in giving this a look, below are your directions:

1) Make a backup of your EA4 repo file:


  1. cp /etc/yum.repos.d/EA4.repo /etc/yum.repos.d/EA4.repo.bak

2) Edit the original (/etc/yum.repos.d/EA4.repo) file with your favorite command line editor, comment out the line that says "mirrorlist" and add in the appropriate baseurl line from below, depending on your operating system.


3) Run a 'yum update'. If you already have one of our php-curl packages installed, it'll automatically update to the new one. If you don't you will need to install it it.

Your repo file will look something like this once you're done:


  1. root@cpanel [/etc/yum.repos.d]# cat /etc/yum.repos.d/EA4.repo
  2. [EA4]
  3. name=EA4 ( EasyApache 4 )
  4. baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
  5. #mirrorlist=http://httpupdate.cpanel.net/ea4-c$releasever-$basearch-mirrorlist
  6. gpgcheck=1
  7. gpgkey=https://securedownloads.cpanel.net/cPanelPublicRPMKey.asc
  8. enabled=1

Two things, though:

* We need your feedback on if/how this works, and if it causes you any problems. We realize that this version is not the most recent version, but we're trying to take the safest route first.

* Once we have feedback, and have a chance to react to any bugs, we'll be able to upgrade to the latest version.

Please give it a look and let us know how it goes!

photo
2

Thanks Benny,


This worked fine, there was issues with the EA3 with the versions of TLS throwing issues, upgraded this out to EA4 and made the changes above and it provisioned without issues and WHMCS finally gives the green light :)

photo
1

Thank you! That's exactly what I wanted to hear.

photo
1

do the cloudlinux also use this method?

photo
1

Do same applicable on cloudLinux ?

photo
1

No, unfortunately. CloudLinux is downstream from us, so they they'll update their RPMs once we get these into production.

photo
1

i did exactly what you said but the curl version is still: curl-7.29.0-35.el7.centos.x86_64

message after yum install curl:

Package curl-7.29.0-35.el7.centos.x86_64 already installed and latest version

photo
1

Hi,


The package we build is 'ea-libcurl', and if you install / or have installed 'ea-php##-php-curl', it'll upgrade with yum update. If it didn't, there might be an issue preventing the update.

photo
1

I am on Centos 7, php 7. Any idea what could be the problem?

photo
1

Howdy,


That's still the wrong package, you're wanting to install ea-libcurl. If you can't find that package with yum, then Yum can't find the 'ea4testing.cpanel.net' mirror =, or it's misconfigured.


If you want to hop on IRC, I can assist you with this. I'm 'Perk' on freenode, found in #cpanel.

photo
1

Thanks, Benny! Followed your instructions exactly and had no problems at all (CentOS 7). It now shows curl 7.38.0 as promised. No errors, no glitches, smooth on the first try.

Not sure if this makes a difference to anyone, but just before doing this upgrade, I first checked for updates in EA4 in WHM and installed a kernel upgrade, then did a graceful reboot before proceeding with the curl change.

photo
1

Great to hear, thanks!

photo
2

Hi,


Thanks for the great feedback! I'm going to upgrade this package to 7.53.1, as that's the latest available.


I'll update this feature request once we get it merged and tested via the team, so y'all can test this out for us.


Thanks!

photo
2

I also followed your instructions and it worked without any issues. That was really easy :)

photo
1

Hi,

We've updated ea-libcurl to 7.53.1, which brings it inline with the latest available, and pushed these repos to ea4testing. For those who have tested 7.38.0, please 'yum update' to get the updates, and let us know how it goes!

photo
1

We are planning to release cURL 7.53.1 to all EA4 systems on Tuesday, March 21. Please let us know how it's working for you!

Recap of the directions for any new folks:

In order to test this you need to be comfortable making manual edits on the command line.

1) Make a backup of your EA4 repo file:


  1. cp /etc/yum.repos.d/EA4.repo /etc/yum.repos.d/EA4.repo.bak

2) Edit the original (/etc/yum.repos.d/EA4.repo) file with your favorite command line editor, comment out the line that says "mirrorlist" and add in the appropriate baseurl line from below, depending on your operating system.


  1. CentOS 6 - 32bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/i686/
  2. CentOS 6 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
  3. CentOS 7 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/7/EA4/x86_64/

3) Run a 'yum update'. If you already have one of our php-curl packages installed, it'll automatically update to the new one. If you don't you will need to install it it.

Your repo file will look something like this once you're done:


  1. root@cpanel [/etc/yum.repos.d]# cat /etc/yum.repos.d/EA4.repo
  2. [EA4]
  3. name=EA4 ( EasyApache 4 )
  4. baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/
  5. #mirrorlist=http://httpupdate.cpanel.net/ea4-c$releasever-$basearch-mirrorlist
  6. gpgcheck=1
  7. gpgkey=https://securedownloads.cpanel.net/cPanelPublicRPMKey.asc
  8. enabled=1

* We need your feedback on if/how this works, and if it causes you any problems.

Please give it a look and let us know how it goes!

photo
1

Hi! Is this stable enough? How many installs have been tested?


Consider this is a serious component as most ecommerce sites depend upon it to process payments.

photo
1

Howdy Marcelo! This was the primary concern for us. It sounds like 7.38 works well enough, but that's still way behind the latest version available, and vulnerable to some CVE's. I hope that we'll have enough testing here to let us know if it's safe enough to publish to all customers.


Worst case, we publish it, it causes issues. We can revert the upgrade (put it back to 7.38) quite easily and can fix that same day if necessary.

photo
1

All right, this's a long waited update. I'll cross my fingers for this :-)

photo
2

Hello,


We are releasing libcurl 7.53.1 to the mirrors now. We will be keeping this package up to date.

Thanks!

photo
1

great,

photo
1

@CpanelJacob: this includes immeditate availability for RELEASE and STABLE branchs?

photo
1

There are no RELEASE and STABLE branches in EA4, so all EA4 systems will get this update.

photo
1

Yes, it is correct. Sorry.


Ok, so, had anybody tested this out with any WordPress site using PayPal or other gateways? Because that's the first front which may become buggy or not after this upgrade.

photo
1

Thanks for updating the latest phpcurl extension 7.53.1 to EA4. Well done.

Replies have been locked on this page!