The recent Apache 2.4.64 update caused SNI issues, resulting in 421 Misdirected Request errors on websites, particularly for sites behind proxies or WAFs (such as Cloudflare, NGINX).
The cPanel team has rolled back the offending changes in the ea-apache24 package. We applied the rollback, removed conflicting configs, and verified via logs that the issue is resolved.
All affected websites are now loading normally, and services are stable.
Posted Jul 21, 2025 - 12:17 EDT
Update
Upon further investigation and discussion with cpanel's support it appears to be that the issue is specifically with the most recent Apache update, regardless of control panel. Specifically if the site is behind a proxy or WAF (cloudflare, sucuri, nginx, etc,.).
cPanel is working on a solution and hope to have it available for update soon.
Posted Jul 18, 2025 - 10:50 EDT
Identified
We have found a temporary fix while we wait for cPanel to implement a permanent fix. Downgrading the EA apache and nginx packages has shown to resolve the 421 errors so our admins are applying this fix to affected servers.
Posted Jul 18, 2025 - 10:09 EDT
Investigating
Apache was upgraded to version 2.4.64 to address several CVEs. However, this updated version has been found to cause 421 errors when used in conjunction with EA-Nginx.
The cPanel team has advised that downgrading to Apache 2.4.63 serves as a temporary workaround for the issue. We are liaising with the cPanel team, who have opened an internal case for their development team to investigate further.