Search For Answers
What is WHM?
Last updated: March 28, 2011
WebHost Manager (WHM) is a browser based tool used by system administrators and resellers to manage services and aspects of the server that would usually require command line interaction. It is also used to create and manage hosting accounts on a web server. WHM listens on ports 2086 and 2087 (secure) by default.
Usually WHM is access using the root account but WHM is also accessible to users with reseller privileges. Reseller users of WHM have a smaller set of features than the root user, generally defined by the server administrator. These features usually only affect the resellers customers accounts rather than the server as a whole. From WHM, the server administrator can perform maintenance operations such as compile Apache and upgrade RPMs installed on the system as well as add, suspend or terminated reseller or individual accounts.
What is cPanel?
Last updated: March 28, 2011
There are two answers to this simple question!
1) cPanel is the company that creates WHM/cPanel software
2) cPanel is a browser based interface to allow the user to control the aspects of their domain such as email and FTP accounts, view their stats and even edit code through the built in file manager. Every account made through WHM will have a cPanel interface.
How do I enable Spam Assassin in cPanel?
Last updated: March 28, 2011
Spam Assassin is an excellent way to filter out spam at the server level before it gets to your mail client.
To enable it in cPanel:
From the Mail section on the main page click on the Spam Assassin icon.
Then click on the Enable Spam Assassin button.
That's it.
Now that Spam Assassin is enabled there are two methods to getting it get rid of all that spam
1) Auto Delete
This is the default method and is what is enabled when you turn on spam assassin.
To change the threshold that Spam Assassin uses to determine what spam score is required to auto delete a message just change the number in the Filters section.
5 is the default and is pretty conservative. If you want you can set it to a higher number like 7 to allow more possible spam through and then look at the spam score listed in the header of and spam you get to see what would be a good final setting for you.
2) Disable Auto Delete and use Filters
If you want more control over how spam is managed at the server level you've got it!
First disable auto delete on the spam assassin main page. This means spam assassin is monitoring the spam coming through the server, adding it's spam score headers to the emails but not doing anything else. This is where filters come in.
Go back out to the cPanel main page by clicking the home link near the top of the page.
From the Mail section on the main page click on the Account Level Filtering icon.
Here you have lots of control over how the system deals with spam and you can set up multiple levels of filters so you can delete all spam with a score of X and then route all spam with a score of Y-Z to a separate holding email account. This lets you have a buffer zone so stuff you are sure is spam with a high rating the server deals with and emails that are in that not sure range you can still review but are not mixed in with your other email!
To get started click on the Create a New Filter button.
To set up the filter to delete spam with a rating of 7 or greater first name this new rule something like Spam Assassin delete at 7
For Rules
Change the From drop down to Spam Bar.
Change the Equals drop down to Contains.
In the field below those enter 7 plus signs like this:
+++++++
In the Actions section make sure it is set to Discard Message.
Click the Activate button.
Now all spam with a score of 7 or greater will automatically be discarded.
Next if you want to create that buffer zone discussed earlier just make a new filter to manage that.
For Rules
Change the From drop down to Spam Bar.
Change the Equals drop down to Contains.
In the field below those enter 4 plus signs like this:
++++
In the Actions section set it to Redirect to Email and enter an email account on your domain. Do not send these messages to an off server email address as doing so could get your mail server blacklists as a spam source!
Click the Activate button.
Note!: If setting up a unique email account to send these possible spam messages to do not use the word spam in the name of the mail account as it will not work. Also if you would rather filter the possible spam via your mail client rather than using a filter onthe server you can do that to. Just skip adding the second filter and then configure your mail client to filter those emails. Most mail clients have rules that lets you filter by content in the header of the email. If you look at an email that comes into your inbox after you have enabled spam assassin you can see the custom headers and set rules based on that content.
That's it!
You now have set up a domain wide spam filtering system.
How do I enable extended logging for Exim in WHM?
Last updated: March 28, 2011
To enable extended logging for Exim in WHM:
1. Login to WHM
2. Go to Service Configuration >> Exim Configuration Editor
3. Click on advanced section.
4. A blank box will be present in there.
5. Add the line âlog_selector=+allâ there or just the required options.
6. Click the save button and exim will be restarted automatically and the changes will be affected.
Installing cPanel & WHM
Last updated: May 19, 2011
Licensing
cPanel licensing is available for $10/Month or $120/Year and may be licensed upon request simply by issuing a support request through our dashboard.
Once your ip address is licensed you may execute /usr/local/cpanel/cpkeyclt from the command line to activate your license if cPanel is already installed.
Installation
DO NOT PERFORM IF YOUR VS IS SERVING CONTENT.
* cPanel requires a fresh/clean server and will overwrite your current configuration.
From the command line you will navigate to the /home directory, download the install file and execute the installation process as follows:
root@example [/]# cd /home
root@example [/home]# wget layer1.cpanel.net/latest
root@example [/home]# sh latest
Getting started - Initial setup
Webhost Manager (WHM) will now be accessible through your ip address over port :2087 and you may now proceed through the Initial Setup Wizard.
WHM Interface: https://youripaddress:2087/
Username: root
Password: [root password]
This Connection is Untrusted: This is simply because a self-signed certificate is installed by default. Should you prefer a signed certificate please open a support request through our dashboard.
Step 1 - Agreement
- Please read the license agreement. This will need to be accepted in order to proceed.
Step 2 - Setup Networking
- Server contact email address is a required field on initial setup. The rest of the contact information may be defined as desired, left empty or modified at a later date.
- Hostname should already be defined (default) and is based on the hostname of your virtual server.
- Both resolvlers [primary and secondary] should already be defined for you by default.
- Main Network/Ethernet Device (default)
Step 3 - Setup IP Addresses
- You may use default settings simply by proceeding to the next step.
Step 4 - Nameservers
- BIND should be default and may be preferred, but ulmately your choice unless you intend to manage DNS remotely then this service may be disabled.
- Custom [NS1/NS2] nameservers should already be defined based on your hostname.
- Add an 'A' entry for each nameserver and your hostname. This will typically be the same ip address of your virtual server unless you will be managing a cluster.
Step 5 - FTP Configuration
- Pure-FTPd should be default and may be preferred, but ultimately your choice unless you would like FTP services disabled.
- While courier was a more traditional and reliable choice, dovecot is now default whereas the choice is yours unless mail services are not required and may be disabled if desired. If courier is chosen it will then install by proceeding to the next step.
- Enabling convert mailbox format should be enabled by default and may be preferred.
- cPHulk is enabled by default, but may be disabled if you intend to install a more thorough firewall such as APF or CSF.
Step 6 - Quotas
- Using the file system quotas should be default.
If you are seeing trial license in the top left corner you will need to activate your cPanel license once your ip address has been licensed by executing /usr/local/cpanel/cpkeyclt from the command line.
Fine tuning cPanel & WHM
Last updated: May 19, 2011
Fine tuning cPanel & WHM
The following is based on a fairly generic cPanel environment and is only for reference. Understanding what is being enabled or disabled is avdised before making a decision.
Once logged into WebHost Manager (WHM) through https://youripaddress:2087/ as the root user (username: root); You may then relate to the following actions from the left-hand column.
Server Configuration -> Update Preferences
- cPanel/WHM Updates: STABLE Builds (Automatic)
- cPanel Package Updates: Automatic
- Operating System Package Updates: Automatic
- SpamAssasin Rules Updates: Automatic
When your prefered update settings have been chosen and saved you may then execute /scripts/upcp --force from the command line to run the update.
Upon completion return to your browser and refresh then proceed.
Server Configuration -> Tweak Settings
Refer to [?] for a detailed description of each setting.
- Mail - Initial default/catch-all forwarder destination: FAIL
- Mail - Track email origin via X-Source email headers: ON
- Mail - Max hourly emails: 250
- Mail - Prevent “nobody” from sending mail: ON
- Mail - Enable RoundCube webmail: OFF
- Stats Programs - Enable Awstats stats: ON
Security Center -> Apache mod_userdir Tweak
- Enable mod_userdir Protection
Security Center -> Password Strength Configuration
- Default Required Password Strength: 65
Security Center -> PHP open_basedir Tweak
- Enable php open_basedir Protection.
Service Configuration -> Apache Configuration -> Global Configuration
- TraceEnable: OFF
- ServerSignature: OFF
- ServerTokens: ProductOnly
- FileETag: NONE
Save and rebuild the apache configuration for changes to take affect.
Service Configuration -> Exim Configuration Editor
- RBL: zen.spamhaus.org and bl.spamcop.net: ON
Service Configuration -> FTP Server Configuration
- Allow Anonymous Logins: NO
- Allow Anonymous Uploads: NO
- Allow Logins w/Root Password: NO
Service Configuration -> Service Manager
- Services may be enabled or disabled accordingly depending on your requirements.
System Health -> Background Process Killer
- Enable: bitchx, bnc, eggdrop, generic-sniffers, ircd, psyBNC
