Blogs

How to Blacklist or Whitelist Email in cPanel

In this tutorial, I will show you how to “blacklist” or “whitelist” email using the spam filters found in cPanel. You can filter based on individual email addresses or entire domains. The process only takes a minute, yet it will save you a lot of time and trouble when dealing with your email inbox. Note that the kind of blacklisting we’re talking about here is done at the level of the individual recipient (that’s you). Not to be confused with email server blacklisting, which is a different topic. Apache SpamAssassin is the most commonly used spam control in cPanel configurations. But the spam filtering application used in your cPanel account may differ. The instructions below should apply regardless of the spam filtering application you use. What Does it Mean to Blacklist or Whitelist Email? When you blacklist an email address, all email sent from that address is blocked from reaching your inbox. Alternately, whitelisting an email address allows email from that address to bypass spam filters. Email from whitelisted addresses will show up in your inbox every time, regardless of the content. If you consistently find email in a spam or junk folder that you want to land in your inbox, whitelisting the address is the answer. If you receive unwanted email from an address or domain, and they don’t respond to unsubscribe requests, blacklisting will keep them out of your inbox. How to Blacklist Email in cPanel. Log in to cPanel. In the “Email” section, click the “Spam Filters” link or icon. Scroll down to the “Additional Configurations (For Advanced Users)” section. Click the “Show Additional Configurations” link. Scroll down to the “Blacklist (Emails Never Allowed)” section. Click the “Edit Spam Blacklist Settings” link. Click the “Add a New ‘blacklist_from’ Item” link. When entering addresses, either to blacklist or whitelist, you can use the following options: user@ggexample.com — To whitelist a single email address. *@ggexample.com — To whitelist all of the addresses at ggexample.com. ?ser@ggexample.com — To whitelist a single character in an address at ggexample.com (i.e., user@ggexample.com, but not theuser@ggexample.com). Enter the email address that you wish to blacklist. Click the “Update Blacklist (blacklist_from)” button. There is a success message, but otherwise, the cPanel interface can make it appear as if nothing has changed. That can be a bit confusing at first, but if you add more items you can see how the list is presented. To delete a blacklist item, click the “X” icon next to the item you wish to delete. How to Whitelist Email in cPanel Whitelisting is done using the same steps for blacklisting shown above but in the “Whitelist (Emails Always Allowed)” section. Log in to cPanel. In the “Email” section, click the “Spam Filters” link or icon. Scroll down to the “Additional Configurations (For Advanced Users)” section. Click the “Show Additional Configurations” link. Scroll down to the “Whitelist (Emails Always Allowed)” section. Click the “Edit Spam Whitelist Settings” link. Click the “Add a New ‘whitelist_from’ Item” link. Enter the email address that you wish to whitelist. Click the “Update Whitelist (whitelist_from)” button Keeping a Clean Inbox Spam filtering has come a long way, but sometimes you still need the control that blacklisting and whitelisting can provide. Knowing how to blacklist or whitelist email in cPanel is a great tool to have at your disposal. Do you use email blacklists or whitelists? If so, which do you block (or allow) more often: individual addresses or entire domains?
Read more

Maximum SSL/TLS Certificate Validity is Now One Year

Starting on September 1st, SSL/TLS certificates cannot be issued for longer than 13 months (397 days). This change was first announced by Apple, at the CA/Browser Forum Spring Face-to-Face event in Bratislava back in March.  Then last week, at the CA/B Forum’s Summer event (held virtually), Google announced its intention to match Apple’s changes with its own root program.  There is also a browser-driven ballot that seeks to align the industry’s baseline requirements with the new root program changes. That issue is currently being debated by the Forum. We realize there might be a lot to unpack here, so in the interest of providing a little clarity we’re going to cover it in this blog post.  The reason for shorter SSL/TLS certificate lifespans From a high-level, theoretical standpoint there are two primary benefits for shorter-lived certificates: The first is the technical component – longer lifespans means it takes longer to organically roll out updates or changes. A real-world example would be the SHA1-to-SHA2 transition. Unless you’re going to revoke a whole bunch of certificates and force the customer to re-issue, it can take years before all of the old certificates are replaced. In the case of SHA1, it took three. That creates risk.  The other benefit has to do with identity – how long should the information used to validate an identity stay trusted? The longer between validation, the greater the risk. Google has said that in an ideal world domain validation would occur about every six hours.  Before 2015 you could get an SSL/TLS certificate issued for up to five years. That was reduced to three, and then again in 2018 to two. At the end of 2019, a ballot was proposed at the CA/B Forum that would have reduced it to one year – it was voted down soundly by the Certificate Authorities. So, why are certificate still being reduced to one year? The CA/Browser forum is an industry group that meets to vote on a set of baseline requirements for the issuance of trusted digital certificates. What it is not, however, is a governing body. Even though the CAs expressed concerns and reluctance to decrease max validity again, Apple and Google are well within their right to update the policies for their root programs as they see fit.  We understand that we’ve just thrown a whole bunch of industry terms at you, so let’s step back real quick and make sure the previous paragraph makes sense.  Certificate Authorities and browsers have an interdependent relationship. Browsers need to use certificates to make trust determinations about websites and for help securing connections. On the CA side, what good is a public certificate if it’s not trusted by a browser? The way this is all managed is through the root programs. There are four major root programs of note: Microsoft Apple Mozilla Google ( the last two known as Googzilla – lol) Incidentally, you’ll notice those four are also behind the major browsers on both desktop and mobile. In order for a CA to have its certificates trusted by the root programs, and by extension the browsers and OSs that make use of them, it must adhere to that root program’s guidelines. The CA/B Forum is an industry forum that ideally helps to facilitate changes to the root programs (and the ecosystem itself).  But the root programs, which participate as browsers, can still act unilaterally and make changes as they see fit. When this happens, the need for interoperability basically dictates that whatever root program policy has the most stringent standards becomes the new de facto baseline requirement.  That’s how we got here. Now let’s talk about what this means for your website. What shorter SSL/TLS validity means for website owners First things first, this goes into effect September 1, 2020. So, if you’re using a two-year certificate that was issued before September 1, your certificate will stay valid until its original expiration date. You just won’t be able to renew for two years moving forward.  Or to put it another way, you have until the first of September to get two-year certs. After that they will be relegated to the desktop recycling bin of history.  From a bigger-picture standpoint, this might be a good time to start giving consideration to automating more of your certificate lifecycle management functions. Especially for larger organizations managing dozens of publicly-trusted website certificates, but also for organizations using publicly-trusted email certificates, as well as any organization leveraging a private CA or PKI-based electronic signatures. You might also consider moving some certificates from public to private trust, which also helps with management – you could even issue certs with longer validity using that method.  Otherwise, the way things are headed with the root programs continuing to push for shorter validity – organizations are pretty much going to be forced to automate a lot of these things at some point in the future.  Better to explore that now than when your feet are being pressed to the fire.  How GlobalSign will handle one-year certificates In the interest of simplicity – making the process as straightforward as possible – GlobalSign will provide SSL/TLS customers with the maximum validity of 397 days when they order one-year certificates starting on 31 August. This applies to new orders and renewals, to provide maximum validity for our customer’s benefit. You will still want to renew your certificate before it expires, but since we can no longer provide up to 90 additional days to your validity, we recommend you renew within 30 days of expiration.  What about reissuing my certificates? You may wonder what happens when you reissue one of your two-year certificates after this change goes into effect.  Well, we have good news for you!  If you reissue a certificate and lose validity (we’re required to limit validity to 397 days), you can reissue the certificate later – ideally less than 397 days prior to your original cert expire – and recover the lost validity from your first reissue! This works the same
Read more

Types of TLS/SSL Certificates for Different Business Needs

SSL or TLS Certificates allow websites to run smoothly without the threat of hackers stealing identities and other sensitive information. Depending on your needs, there are various options available for website owners: Domain Validation (DV); Organization Validation (OV); and Extended Validation (EV). The Different Types of TLS/SSL Certificates Domain Validated (DV) Certificates During the initial stages of TLS certification, website owners could only opt for OV certificates, which cut out websites, like personal websites, that wanted to have encryption but did not meet the requirements of an OV certificate. Hence, DV certificates regulate an applicant’s use of a certain domain name. These certificates provide a reliable base-level encryption and the process of applying for a DV is automated and can be issued almost immediately. Organization Validation (OV) Certificates OV certificates go through more vetting than DV certificates. The requirements in OV certificates are domain control, the organization name, city, state, and country. OV certificates exhibit both security and value, making them a good option for businesses on a budget. Extended Validation (EV) Certificates Just like OV certificates, EV certificates also require organizational information, but with added public registration information. As expected, EV certificates tend to be pricier than their DV and OV counterparts. But what you get in exchange is heightened website credibility and trustworthiness for having an EV certificate. What TLS/SSL Certificate Does My Website Need? Choosing the suitable certificate can be confusing with the amount of options available. We will go through some common use cases for each certificate. Do note that these use cases are a guide, and opting for a higher level certificate is always an option and will only increase consumer trust. If you own a website that doesn’t collect any user data, such as a blog, portfolio, or a personal website, opting for a DV certificate may be the best choice for you. Since DV certificates meet the requirements for website encryption, for websites that function without gathering sensitive data or customer data, this would suffice. Google has also been recently pushing website owners to switch to HTTPS, opting for such encryption will help your website rank high in Google search. On the other hand, if you work in a corporation, the government, and other entities that require an extra layer of trust and security for your visitors, opting for an OV certificate may be the best option for your website. As data and sensitive information will be passed through the website, such entities often need to provide greater assurance to users. Thus, with the increased level of vetting, OV certificates are a greater symbol of trust and security for just a little bit more coin. Lastly, for large scale corporations and e-commerce websites, EV certificates may be the best option as it has the highest level of vetting and identity verification among the 3 options. EV certificates help your site visitors have the peace of mind to give not only their personal details but also their payment information on your website. This rigorous validation process takes the most time among the three, but it is also the reason why EV certificates provide the most reliability and assurance. GlobalSign offers a cost-effective range of TLS/SSL options—from DV to EV—ensuring your public servers and sites are in line with industry best practices, but also offers options for internal servers and special use cases. You may visit our official website for more details, or check out our free guide to help you get started on learning what TLS can do for your online brand. NOTE:: This article is copyright by GlobalSign  and we are using is for education or information purposes only. Click Here to visit the official store of GlobalSign  in Pakistan
Read more

Restore your website with system backup

In order to restore your website with system backup, your website hosting account shall have enough space for –1. temporary backup file, and2. extracted public_htmlApproximately, it shall be double of your current website file size If you are running out of the storage, you may contact us for a temporarily increment of the storage quota (for 3 days) Note: Below procedure may not be applicable to Parallels Site Builder 4.5 or Parallels Web Presence Builder 11.5 [Website Files restoration] Login DirectAdmin Panel (e.g. https://www.YourDomain.com:2222 ) At the top, goto File Manager Goto the folder – /domains/YourDomain.com ,you shall find a folder called public_html ,click on Rename link Rename it as (e.g.) public_html.141117 Goto DirectAdmin panel front page,at the bottom, choose – “Get System Backup” You will see the following, choose a day of backup It will take a few seconds/minute, and create a compressed files at the folder – /backups(If you have MySQL databases, it will also copy MySQL dump file) Then, click the link (as above image), goto /backup folderYou shall see the tar.gz file (and the MySQL dump zip file if have) You may consider to download the tar.gz , and extracted by WinZip to restore individual file if necessary.Below we will illustrate to restore the whole public_html folder In the tar.gz file, click on Extract link It will show the tar.gz archive file content as below,and keep default to extract to /backups folderclick on Extract button Extracted website files to /backups/… You will see there is a folder – domains – under the folder /backups Actually, you will have the following path generated –/backups/domains/YourDomain.com/public_html Now, we need to move the webpage folder (public_html)from /backups/domains/YourDomain.com/public_htmlto /domains/YourDomain.com/public_html Use File Manager,Navigate to /backups/domains/YourDomain.com/You shall see the folder – public_html – as belowselect the public_html folder (at the right hand side)at the bottom, click “Add to Clipboard” Navigate to /domains/YourDomain.com (no /backup)(You shall find the previously renamed folder)At the bottom, click on button – “Move Clipboard files here” Then, you have moved the restored public_html folder. On the right hand side, select the folder – public_htmlAt the bottom, nearby “set Permission”, fill in permission – 711and click on button – “set Permission”(i.e. change the permission from 710 to 711 for Apache web access) We have finished the website file restore. Now, we will goto MySQL database restoration [MySQL restoration] Note: not ALL websites require MySQL database restoration.If you are running CMS (e.g. WordPress, Joomla, Drupal, OpenCart, Magento), or PHP/MySQL application else, you may need to restore MySQL database too. If you do not need to restore MySQL, you may goto the bottom part for clean up section. Use the File Manager, goto /backups folder,and Download the MySQL dump file in zip format to your desktop. Extract it and check how many SQL files inside the ZIP archive. If there are 1 SQL file inside the zip file, it means you have only 1 database.If there are 2 SQL file inside the zip file, it means you have 2 database, and the same. If you have 2 (or more) SQL files inside the ZIP file, please unzip those SQL files, and proceed the following once per database. Goto DirectAdmin panel front pageAt the bottom, goto phpMyAdminYou may login with your MySQL database username/password,or DirectAdmin panel username/password After login phpMyAdmin, you shall see the following list as below –Jot down the number of tables and records for reference (Optional) for clean restoration, you may select all tables, and drop it (i.e. delete ALL table before restore) Confirm to drop the tables? Now, we will import the MySQL dump fileAt the top, choose Import Choose your SQL (or zip) file(Choose zip file if you have only 1 SQL file inside the ZIP) and proceed the import Then, it will import the MySQL dump file (example as below) Check (and compare) the number of tables and records. If the SQL backup file is too large, exceed the phpMyAdmin import limit (around 20MB), you may consider to use this method. Generally, it shall have a small difference of number of records, as the backup shall be yesterday, or a few days ago. Then, the MySQL restore is completed.You shall re-visit and check your website. [Clean Up] If everything OK, you shall clean up the unnecessary files Goto DirectAdmin panel, File Managergoto /domains/YourDomain.com/and remove the old website folder – (e.g.) public_html.141117 Use File Manager, goto /backupsand remove the /domains folder, the tar.gz file, and the zip file. Done.
Read more

How to use file manager in direct admin panel?

In this tutorial we will show how to use file manager in direct admin.  You may use file manager in direct admin create,copy, delete, modify, upload and download files/folders …etc.  At first, you need to login to direct admin.  Here are the picture is successful login direct admin.In this page, go to click file managerOnce you are in file manager.  Here are the following picture show you. In this page, you may choose one of your file/folder and select in the select box. At the end of the page, in right hand side, you will see a lot of function button on it. We are going to introduce those button, what they are and what they use. 1. Set PermissionOnce you had selected folders/files, and click set permission button, your folders/files will change the permission.**in our web hosting service, (.php  644), (folder 755)** 2. Add to ClipboardThis button function just like “Copy” function, it will temporary add a files/folders in to Clipboard. 2.1 “Copy Clipboard Files here” “Move Clipboard Files here” “Empty Clipboard”These three button is use for Copy clipboard file in to the other folder.  (it will move the files/folders copy) Move Clipboard Files here. (it will move the original files/folders which you selected) Empty Clipboard (clean the files/folders which you copy, select, or move) 3. Deletethis button is use for delete files/folders which you selected.  **please use it  with care** In Filesystem Tools user usually will useCreate New Folder & Create New File These two button which is use for create new folder and create new file.
Read more

How to Increase the Max Upload Filesize and Post Max Size in DirectAdmin’s PHPMyAdmin

To increase the maximum size of a database that can be uploaded in DirectAdmin’s PHPMyAdmin, one must edit the used PHP version’s php.ini to adjust the setting, and then restart the appropriate services. The examples given below apply to a DirectAdmin server using PHP-FPM as the PHP handler. 1) Find the default PHP version’s php.ini You can run the following command to find out what configuration files are in use on your server and what their locations are: PHPMyAdmin on DirectAdmin will use the default PHP version. There may be a blank php.ini section in the output of the command above, but you can ignore that as we just want to know the default PHP version and the location of its php.ini file. 2) Edit the php.ini Now that you can see the location of the default PHP version’s php.ini file, you can now edit it to increase the post_max_size and the max_upload_filesize variables. Using the example in the image above, you could use this command via SSH as root to edit the file: Note that the upload_max_filesize determines the Mib displayed in PHPMyAdmin, but you’ll want to increase both. 3) Restart the webserver and any related services Now you need to restart the webserver and any related services to ensure the changes take place. Apache: If using php-fpm, restart it (replace XX with the appropriate version of PHP, e.g., php-fpm73): 4) Check your work Now you can log into PHPMyAdmin and confirm that the value has been increased as desired by checking under the Import tab.
Read more

How to customize PHP disable_functions in DirectAdmin

The directive “disable_functions” allows to disable certain functions. It takes on a comma-delimited list of function names.  DirectAdmin uses the directive for security purposes, and here is a way how to customise it. We need to create a file /usr/local/directadmin/custombuild/custom/php_disable_functions with our own list of functions. Let’s say we want to allow proc_close, proc_open server-wide in DirectAdmin in PHP. cd /usr/local/directadmin/custombuildtouch custom/php_disable_functions A default list includes the following PHP functions: exec, system, passthru, shell_exec, proc_close, proc_open, dl, popen, show_source, posix_kill, posix_mkfifo, posix_getpwuid, posix_setpgid, posix_setsid, posix_setuid, posix_setgid, posix_seteuid, posix_setegid, posix_uname Our custom list will look like the following (it excludes proc_close, proc_open): exec, system, passthru, shell_exec, dl, popen, show_source, posix_kill, posix_mkfifo, posix_getpwuid, posix_setpgid, posix_setsid, posix_setuid, posix_setgid, posix_seteuid, posix_setegid, posix_uname For this we run: cd /usr/local/directadmin/custombuildecho "exec,system,passthru,shell_exec,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname" > custom/php_disable_functions and then update configs: ./build set secure_php yes./build secure_php After the process completes we need to check results it with: php -i | grep ^disable_functions It’s expected to see the modified list of disabled functions without proc_close, proc_open, i.e. the excluded functions are now allowed.
Read more

How To Enable Auto-Login for Webmail in DirectAdmin

When enabled, one will see extra characters (arrow and letter) in the “Login” column when they visit the E-Mail Accounts page of the User Level. By default this feature is disabled in the directadmin.conf like so: one_click_webmail_login=0 Use the following command to check: /usr/local/directadmin/directadmin c | grep one_click_webmail_login To enable this feature, run the following commands as the root user via SSH: cd /usr/local/directadmin ./directadmin set one_click_webmail_login 1 restart cd custombuild ./build update ./build dovecot_conf ./build exim_conf ./build roundcube   Note:  if you do not see the option to automatically log into Webmail, you may not be running a recent version of DirectAdmin. If not, do the following to check:   cd /usr/local/directadmin/custombuild ./build update ./build versions_nobold | grep 'update is available.' If updates are available for DirectAdmin, run the following to apply those updates: ./build update_versions That’s it! 🙂 If you have any trouble, or are unfamiliar with running commands as the root user via SSH, please open a support ticket with our support team and we’ll be happy to accommodate this request!
Read more

What is the difference between an Addon Domain and a Parked Domain?

A common question that’s not easily answered, is the defining factors between an Addon Domain and a Parked Domain in cPanel/WHM. Here’s a chart to help simplify the differences: Characteristic Addon Domains Parked Domains Main domain appears in the address bar Yes No Apache directive used VirtualHost ServerAlias Separate logs Yes No Separate stats Yes No Treated as a subdomain (other than URL) Yes No Ideal for multiple domains sharing the same address No Yes
Read more

Repairing corrupt MySQL databases in cPanel

This is a very straightforward process in cPanel. Login to cPanel and click MySQL Databases. Under Modify Databases, search for the drop-down called “Check DB”. Select the database which is having trouble. Click the “Check DB” button. This will help to identify cause of the problem. If the problem is “Marked as crashed”, then proceed as follows. Go back to MySQL Databases. Under Modify Databases, look for the drop-down called “Repair DB”. Select the database name which is having trouble. Click the Repair DB button. Once complete, reload your web site.
Read more
Cart

No products in the cart.