Archive

Modsecurity in cPanel

Another great feature in WHM/ cPanel easily neglected is the modsecurity. It is useful you have not got any web protection like Sucuri Firewall Pro. Users did not enable this feature to protect their open sourced website like WordPress, Joomla etc. This module is enabled by default but there is no rule to process. So it is as good as it is disabled.

Go to modsecurity to install vendors, I use OWSAP commonly. And remember to enable to process the rules in configuration. The rules will stop common attacks and viabilities of your website. This is important feature to those do not have ant web protection.

Transfer Tools in WHM/ cPanel

This is a very useful tool in WHM/ cPanel. But many server admin or users have neglected this. Either it is not often used or the control panel has many features and too clustered. But nevertheless, today I’m showing you these tools found in WHM/ cPanel.

transfer tool in cpanelThere are 2 transfer tools might be handy if you are moving to another host. The Restore a Full Backup/cpmove File and the transfer Tool. So both do the same job but the processes are different. You must know these tools in case one has an error. Restore a Full Backup/cpmove File is kind of semi-migration tool. You go to the website via cPanel of the source server and do a Full backup, The backup will be in certain formatted name recognised by cPanel as a restoration when it has completed. The backup file will be located in your home directory. You can either use rsync if you have the root access or use FTP to the source server. Place the backup file in the backup home directory of the destination server, and you use Restore a Full Backup/cpmove File to restore a backup file.

On a full backup, you can also use FTP 0r SCP remotely dump the backup file to the destination server also. But I found that rsync is more reliable. It is a personal preference, o it is about transfer a file from the source to a destination server.

transfer toolThe other is the transfer tool. The tool migrates the desired accounts or websites from the source server to the destination server. So the transfer tool might be suitable to an intermedia user. You need root or sudo users to access, to migrate the accounts. After you have initiated a transfer, you do not need to stare or watch them.  You can safely close your browser, and the session is still active. You can come back to review the entire transfer process later. Most are self-explanatory, I will not further elaborate.

These 2 migration tools have a high success rate. Even you are migrating a website from another control panel, which limited to the ‘Transfer Tool’. They have saved us plenty of time and effort.

CSF and WHM/ cPanel

This is commonly found in a WHM / cPanel VPS or dedicated server. Actually, CSF is effective and it is free. A lot of server admin will install them as soon as they have received it. But seriously speaking, how many users know how to tweak and optimise the performance. Honestly, very few and I always see people left them in auto-pilot mode and full stop. So what is CSF? Yes, it is a firewall and it is software based. It is installed onto the server.

There is nothing wrong to install a piece of free and useful software. Wait for a second, did I just say it was useful? In certain extent, it is a Yes. But I have seen many cases, CSF is added burden to the user.

I have seen many as I have said, they simply install and turned on the firewall. If you are doing this, you might accidentally block good users or in the worst situation, you are blocked. When such a thing has happened, may have treated the service is not available and it can be frustrating especially it has happened often. There is the case, like packet loss when you are pinging the server IP or domain name. This is because of CSF. Simply turn it off and everything is back to normal.

Don’t get me wrong, CSF is useful but you need to know how to use it. Without, it can be a hassle for you. So I never buy an idea like installing a software firewall on the server. Actually, if the attacks come, the firewall will eat up the resources on the server and eventually the server performance is affected. But a web firewall like Sucuri Firewall Pro does not install onto the server, it has offloaded the server and because of many distributed points, it helps to speed up a website if you are staying further from the source of the website.

What does SSL certificate mean to you?

I’m not sure but I have spoken to many, they have a faint idea on what is HTTP and HTTPS. What is SSL certificate and why some buy an SSL certificate? Here’s your chance. You should have a better understanding of an SSL certificate after reading.

The major difference between HTTP and HTTPS is secure for the later. When you are visiting HTTPS website your communication to the server is encrypted by an SSL certificate has installed on the web server. Without a proper CA signed an SSL certificate your browser will alert you as an error, will stop you to proceed unless you add the website to your exception list.

OK. Some not so technical literate customers will claim this as an error from the server. This is because you do not have an SSL certificate installed, thus the error from the browser, not the server. Why you did not install an SSL certificate? An industry practice, web hosting providers will not install and never install an SSL certificate. I will tell you why if you read on. However, some control panel like cPanel provide an SSL certificate on the server hostname and having said that the hostname must be qualified resolvable hostname in order to work.

Nowadays,  an SSL certificate can be paid or free. Most well-known control panels like Plesk and cPanel come with free SSL certificate. These certificates only valid for 3 months and renewed, provide the domain still resolved to the server IP same for new issuing. Here we will explain to you why as it is a form of validation. Yes, before the CA issue you with an SSL certificate, verification is required to check you really own the domain and business.

There are 3 types of validation depends on the type of SSL certificate. DV, OV and EV. Actually, it is more complicated if you are paying more for the certificate. Thos green bar you are with a LOCK, these are extended validated, more steps on verification before an SSL certificate is issued. DV is the cheapest and only require domain verification. DV only requires the applicant to create designated email account to approve the application or you can update the DNS zone records for verification. OV stands for organization validation, you verify the existence of the organization like DUNS, telephone numbers on the Yellow page. The EV extended validation normally requires you to fill up forms telephone verification and further verification is required to check on identity. Because of the validation, hosting provides do not pre-install the SSL certificates.

SSL certificate serves more than secure communication. Basically, it labels your organization. Especially, if you are doing business online, you want your online visitors and customers to trust you, SSL certificate will serve the purpose.  I will refrain myself t key in personal details if there is no proper  CA-signed certificate website. Information can be hijacked during the transmission, and you never notice.

However, there is a common perception that your website will not be hacked if you use HTTPS with a valid SSL certificate, It is incorrect. Your website is still hackable if you have loopholes or vulnerabilities. Some SEO experts claimed that there is an impact if the website is HTTP. Google lists HTTP as an insecure site on their search engine from July 2018. HTTPS will list faster. HTTPS websites will load faster in Chrome browser. I cannot really tell but SSL certificate is free now at Let’s Encrypt so what is the harm.

 

Are all webmail the same?

By the name, yes webmail means you can send and receive emails from the browser, from anywhere as long as the device has an internet access. But not all webmails are the same. Some are better, some are boring and some are powerful. For example, the webmail by smartermail in our shared hosting plus is a very nice looking and powerful webmail.

Shared Hosting Plus webmail not only allows you to send and receive email, but you can also do more. Create your contact list shared or personal to save more time and effort sending email to the same recipients. Book a meeting room using the calendar function or create a file folder or keep a note to remind yourselves.  Many webmails are opensource preinstalled with the web control panel and they are free. Thus, they are simple and lack of these functions. Webmail from our shared hosting plus can easily replace your desktop email client applications, like Outlook or Thunderbird.

Plesk Onyx vs cPanel

I have used both web control panel. Even you are expert in your operating system. These control panels make your job easier and organised. If someone is asking, which control panel is better? My answer can be confusing, I will say it depend.

Yes, it depends on what you are planning to host and do. We put the monthly licence expense aside. These control panels have served the general purposes but in depth, there are differences. And these control panels have their strong and weak points. As a provider, here are my experiences.

  • in terms of UX and the layout, I will give the credit to Plesk. The login panel, the layout and the icons are much easier to navigate. Layman will find the essential functions after they logged in.
  • if you have an old website is using only PHP5.2 and cannot upgrade, I will suggest Plesk in this case The PHP select has a wider range.
  • backup function in cPanel has greater flexibility, offer more choices on the repository.
  • PHP extension with Apache in cPanel is compiled using Easy Apache with better compatibility.
  • more users and restrictions can be created in Plesk, ideal for the owner has engaged a 3rd party who need to access the control panel.
  • cPanel has only 1 license type on unlimited for both VPS and dedicated server. Plesk starts with 10 domains onward, can be confusing,
  • cPanel has more thleskPings and modules to install, thus it takes longer time.
  • Anti-virus is ClamAV on cPanel which is free. Plesk premium AntiVirus is free for 1st 10 and you need to pay for the license for additional mailboxes.
  • You get better settings on Anti-Spam for cPanel.
  • Plesk has firewall settings out of the box
  • Plesk is using postfix and cPanel s Exim for the mail server. Personally found postfix is less confusing.
  • cPanel has more security settings and better protection.
  • cPanel has more choice on using the different type of service like DNS, FTP etc.

These are some of the differences for both control panels. For a novice user, I will strongly recommend Plesk. However, cPanel has better control, especially you had been working with shell. Now, you can probably use cPanel to accomplish.