Modsecurity in cPanel

Another great feature in WHM/ cPanel easily neglected is the modsecurity. It is useful you have not got any web protection like Sucuri Firewall Pro. Users did not enable this feature to protect their open sourced website like WordPress, Joomla etc. This module is enabled by default but there is no rule to process. So it is as good as it is disabled.

Go to modsecurity to install vendors, I use OWSAP commonly. And remember to enable to process the rules in configuration. The rules will stop common attacks and viabilities of your website. This is important feature to those do not have ant web protection.

Transfer Tools in WHM/ cPanel

This is a very useful tool in WHM/ cPanel. But many server admin or users have neglected this. Either it is not often used or the control panel has many features and too clustered. But nevertheless, today I’m showing you these tools found in WHM/ cPanel.

transfer tool in cpanelThere are 2 transfer tools might be handy if you are moving to another host. The Restore a Full Backup/cpmove File and the transfer Tool. So both do the same job but the processes are different. You must know these tools in case one has an error. Restore a Full Backup/cpmove File is kind of semi-migration tool. You go to the website via cPanel of the source server and do a Full backup, The backup will be in certain formatted name recognised by cPanel as a restoration when it has completed. The backup file will be located in your home directory. You can either use rsync if you have the root access or use FTP to the source server. Place the backup file in the backup home directory of the destination server, and you use Restore a Full Backup/cpmove File to restore a backup file.

On a full backup, you can also use FTP 0r SCP remotely dump the backup file to the destination server also. But I found that rsync is more reliable. It is a personal preference, o it is about transfer a file from the source to a destination server.

transfer toolThe other is the transfer tool. The tool migrates the desired accounts or websites from the source server to the destination server. So the transfer tool might be suitable to an intermedia user. You need root or sudo users to access, to migrate the accounts. After you have initiated a transfer, you do not need to stare or watch them.  You can safely close your browser, and the session is still active. You can come back to review the entire transfer process later. Most are self-explanatory, I will not further elaborate.

These 2 migration tools have a high success rate. Even you are migrating a website from another control panel, which limited to the ‘Transfer Tool’. They have saved us plenty of time and effort.

CSF and WHM/ cPanel

This is commonly found in a WHM / cPanel VPS or dedicated server. Actually, CSF is effective and it is free. A lot of server admin will install them as soon as they have received it. But seriously speaking, how many users know how to tweak and optimise the performance. Honestly, very few and I always see people left them in auto-pilot mode and full stop. So what is CSF? Yes, it is a firewall and it is software based. It is installed onto the server.

There is nothing wrong to install a piece of free and useful software. Wait for a second, did I just say it was useful? In certain extent, it is a Yes. But I have seen many cases, CSF is added burden to the user.

I have seen many as I have said, they simply install and turned on the firewall. If you are doing this, you might accidentally block good users or in the worst situation, you are blocked. When such a thing has happened, may have treated the service is not available and it can be frustrating especially it has happened often. There is the case, like packet loss when you are pinging the server IP or domain name. This is because of CSF. Simply turn it off and everything is back to normal.

Don’t get me wrong, CSF is useful but you need to know how to use it. Without, it can be a hassle for you. So I never buy an idea like installing a software firewall on the server. Actually, if the attacks come, the firewall will eat up the resources on the server and eventually the server performance is affected. But a web firewall like Sucuri Firewall Pro does not install onto the server, it has offloaded the server and because of many distributed points, it helps to speed up a website if you are staying further from the source of the website.

Email Server administrators vs Users

An email server is a machine, the instructions, the rules, and the policies are implemented by a person. He or she is probably known as the server admin. The server admin manages the operation of a server includes the email service. To end users are about email, but it is not the case for a server admin. When an email is sent or receive it goes through a mechanism. This is a series of rules and policies implemented by the server admin to its email server.

There are a few types of server admin. I mean how they worked and behave, no offence to anyone. These are the peoples I have met, and spoken. I’d like you to understand everyone has their standpoints. Communication is still the key to resolve an issue.

This is what I have heard from both parties. I cannot send email, I cannot receive email, emails are missing. These are the common issues faced by end users. Thus, the server admin steps in. Server admin is not an easy role especially comes to emails. As emails involve the senders and receivers, and most times they are external bodies. So the problem can be anyone. At this point, you need an experienced server admin to narrow down or troubleshoot the issue. Firstly, he or she has to determine it is the sender or receiver’s issue. Then, he or she can drill down and pinpoint where is the issue. Because the email servers are more sophisticated than the last 5 years. Thanks to the spam emails. Most email servers have treated anti-sm as the top priority and feature in an email server. The feature like enable SPF, DKIM, RBL and the various anti-spam mechanisms. Receiving or sending an email is never like before. Before an email is delivered to the mailbox, it goes through a series of anti-spam policies, and some even you are sending an email.

Here come the problems. One day, an end user is walking to the server admin claimed that he has not been able to receive someone’s emails. Sound familiar? A good server admin would start checking on the logs if such emails were delivered. Yes, they were, but it was identified as Spam email, landed in the junk folder, unfortunately, the user has set up a POP3 email account, do not subscribe to this folder. He has missed these emails delivered to the junk folder. Another scenario, the email was bounced by the recipient’s email server. You asked why it was bounced? Then the server admin is trying to explain to you what is SPF. Of course, there are scenarios are not mentioned here. Nevertheless, you now see the differences, the server admin set up the anti-spam policies to combat spam emails but emails are not classified as spam emails by the users but they were spam email on the server.

So who is right? Apparently, no one s wrong. If the users can understand how an email is classified as spam and the remedy. Obviously, he or she does not administrate the server, but the end users should at least know how they work. If the server admin can share the details with the end users like setting up an IMAP email account, how to read email source or header. This knowledge reduces the misunderstandings, and reduce the workload on the server admin. The server admin must understand what he or she is doing, not simply left it as default or the more rule are better. Without a good understanding of how things work, might ruin other’s works.

Email servers are they different?

Today, I’m going to share a bit on the common type of email servers in the web hosting market and integrated into the web control panel. Most of us email and why should I know which type of email server is used. Aren’t they are the same. Actually, you are almost correct but how they have served and behaviour will affect the incoming and outgoing emails, and likely your mailbox too.

There are 4 common types of email servers; Exim in cPanel, Postfix in Plesk, Mailenable and Smartermail. All are free except SmarterMail if you are creating the No.11 mailbox you need to buy a license. Exim and Postfix are free and they are the popular choice in the Linux world. However, these known as MTA they are limited to SMTP, unlike Mailenable and SmarterMail, the email servers will take care of all protocols.

In fact, they all can rate limit the speed of connecting and sending emails. Exim is more flexible than Postfix, the more it is flexible, similarly, it will be more complex. To an end user, it will not make a difference unless you are administrating the mail server. These two MTA are Linux based, thus the commands are shell command line, while Mailenable and SmarterMail are Windows-based, you do not use the more complex PowerShell command, most things can be done from the server’s interface.

So far, only SmaterMail and Mailenable have their own webmail, Postfix is used by Plesk and Exim is used by cPanel, they use the free ones and opensource webmail like horde. The free webmails look boring. In your 1st glance, you are not likely to continue with webmail but maybe an Outlook or ThunderBird.

However, it is a big difference if you are using SmarterMail. The webmail is intuitive. The anti-spam and anti-virus come default can screen emails with the desired value of each RBL and many more. Even a non-technical savvy person will not take much time and set up those functions. In addition, the IDS protection is something you cannot find in any of those email servers.

I personally found the reports are useful in SmarterMail. There are usage statistic for mailboxes and domain, the type of traffic, the number of spam emails was received etc. These are especially good to pinpoint areas and downgrade or upgrade email server.

Despite that those MTA I have mentioned serve the purpose connecting people and send emails. If you drill down deeper, you can find actually email server by SmarterMail can do more and let you see better, Yes, SmarterMail is a paid software unless it is for 10 and below mailbox which is free, but I will opt or SmarterMail for the business collaboration tools, enhanced email functions and protections. In a way, it helps in email delivery, communication and administration, saved you a lot of money and time.

SmarterMail 17 is here soon

Version 17 of SmarterMail is launching a couple of weeks, but it’s beta and available to test now!

This is your chance to work directly with the Developers in
the community to finalize the release. Please take this opportunity to ensure the upgrade and conversion process works flawlessly for your environment. Smartertools have spent an enormous amount of time on this release and want it to be the best possible experience for all customers, and your feedback is critical for that success!

What new features are waiting for you?

The entire backend of SmarterTools has been re-built on the latest technologies allowing for significant speed and memory improvements.
For extremely large installations, SmarterMail will load 2 to 3 times faster.
Extensive redesigns for all protocols (EAS, EWS and WebDAV) will offer faster and more consistent results. The SmarterTools team spend a couple weeks working with Microsoft in Redmond and made some amazing improvements as a result.
Team Workspaces now includes native video and audio conferencing via WebRTC. No more need for third party integrations.
Group Chat now includes native video and audio conferencing, and the ability to preview shared files and more.
Two-Step Authentication, for more secure access to your most important resource: your email account.
Indexing optimizations to reduce memory and CPU but speed up the indexing process.
Significantly more logging in all areas of the product.
Improved calendar sharing, including sharing secondary calendars and the ability to sync shared calendars with the most popular email clients when using EAS or EWS.
On-demand content filters that can be run any time you want.
The ability to customize replies to calendar invitations.
And HUNDREDS of backend improvements throughout SmarterMail.

If you have active Upgrade Protection, your license was already upgraded to the next release so you can run the BETA in production by simply installing and activating the product. You can also download it and run it as the free version for testing. Regardless, Smartertools are standing by and more than willing to help! For more information on the latest SmarterMail BETA build, and to download the installer, check out this SmarterMail BETA topic.

Get started today as our Developers are standing by for your feedback in the SmarterTools Community!