cPanel / WHM
The cPanel integration discovers all domains, WordPress installs, databases, and email accounts across your hosting accounts.
What we discover
- All cPanel accounts and their domains
- WordPress installations (detected via
wp-config.php) - WordPress plugin and theme inventory (for security scanning)
- SSL certificate status per domain
- Disk and bandwidth quotas
Creating an API token
Log in to WHM
Go to https://yourserver.com:2087 and log in as root or a reseller account.
Navigate to API Tokens
Go to Home → Development → Manage API Tokens.
Create a new token
Click + Generate Token, enter a name (securecheap-readonly), and click Generate.
Copy the token — it's only shown once.
Required WHM privileges
If you're using a reseller account (not root), ensure these ACLs are granted:
| ACL | Purpose |
|---|---|
list-accts | Enumerate all cPanel accounts |
view-usage | Read disk and bandwidth data |
domainlookup | Resolve domain → account mappings |
Root WHM tokens have full access. For production environments, create a dedicated reseller account with the minimal ACLs above.
Connecting in SecureCheap
- Go to Integrations → + Add → cPanel / WHM
- Enter:
- Server hostname: e.g.
server1.yourhost.com - WHM port:
2087(default) or your custom port - API token: the token from the step above
- Server hostname: e.g.
- Click Connect
After connecting
- All domains appear in Resources → Domains with their hosting account owner
- WordPress installs are listed in WordPress section of the dashboard
- Uptime monitors are automatically created for all active domains (can be disabled)
- Weekly WordPress security scans are scheduled automatically