This is the first part of a two part series on setting up your cPanel based server. This guide should take approximately 15 minutes to complete. The information contained within this article is based solely on my experience with Linux and cPanel based servers.
Step 1: Logging to your server through WHM (Web Host
In order to setup your server, you will have to log to your
WHM. Open your favorite web browser, and
in the address field, type one of the following URL’s:
Note: Using the first option (https://<your server
ip>:2087) will allow you to securely access your server via your web
browser. Upon a connection, you will be presented with an alert box, Click Yes
to accept the self signed SSL certificate.
Type in your username (root), and the password that was
given to you by your hosting provider in the Connect to Box as presented below,
and click on OK.
Step 2: Resolver Setup
When connecting to you cPanel server for the first time, you
will be presented with a series of step-by-step questions which will initiate
the basic setup configuration of your server.
Once you’re done with the initial setup, you will be automatically taken
to the main WHM area, where you will continue to configure, and finalize your
The first step that we will complete will be our Resolver
Setup. Basically, the Resolver defines
which DNS server will resolve your server’s DNS requests. It can be either your own server (considering
that your server acts as a DNS), or any other DNS server which will satisfy
your server’s DNS queries.
To begin, we will focus on the Resolver Setup popup window which will appear when you initially log into WHM. Click on Continue to start entering your resolvers.
Our next step will involve typing each, and every resolver
in the proper field, as seen in the snap show below. When you’re done, click on Continue.
Note: You can use your hosting provider DNS servers to fill
up the Secondary Resolver and Tertiary Resolver.
we’ve closed our Resolver popup window, our next step will be to configure our
server through the WHM (Web Host Manager) interface.
Once you’ve clicked on the Next button as shown in the snap shot
to the left, a Copyright Agreement will appear in the right frame of your web
Scroll down and read carefully through the Copyright Agreement. Once you’ve agreed to the terms, click on the Next button as shown.
Step 4: Setup Server Information
you’ve clicked on the Next button, WHM will take you to the Setup
Server Information section.
right frame, scroll down and fill out the fields as shown in the table below:
Note: By default, cPanel has filled
most of the fields. You can always go back and change these default
Main Shared Virtual Host IP
By default, cPanel assigns the main IP as the main shared virtual host
IP. There is no need to change it, just verify that it is the correct
Server Contact E-Mail Address
Fill out your e-mail address that will be used by the server in case
some problems arise with it. I recommend using 3rd party email (e.g.
hotmail.com, yahoo.com) or any other email provider that does not reside on
the server. The point behind this is that if there are any issues with
your server, you will not be aware to this situation since your server will
be unable to send you a notice.
Server Contact AIM
Fill this field in if you wish to have your server to reach you via AIM with
the given AIM nickname you’ve specified.
Server Contact ICQ
Fill this field in if you wish to have your server to reach you over ICQ with
the given ICQ UIN you’ve specified.
Server Contact Pager Address
In this field, you can specify a cellular phone, or pager e-mail address that
your server will use in case a problem arises.
Type in the FQDN of your primary nameserver. The primary nameserver
will be used to create new entries when creating new domains or subdomains.
Usually people register their own nameservers as ns1.myhost.com and ns2.myhost.com
(where myhost.com is your domain).
This is the same setup as the Primary Nameserver, just type in
the second name of your registered nameserver which will be used when
creating new domains or subdomains.
Fill this optional field if you need a third nameserver to be used whenever
creating a new domains or subdomains.
Provide the ICQ UIN your server should use in order to send you ICQ instant
messages if a problem arises.
Provide a valid ICQ password for the ICQ UIN you’ve entered in the ICQ UIN
Provide a valid AIM nickname your server should use in order to send you ICQ
instant messages if a problem arises.
[Optional Field] Provide a valid AIM password for the AIM nickname you’ve entered in the
AIM Username field.
Once you’re done modifying your fields, click on the Finish button as seen in the image.
This will take you to the next step of quota initialization.
Step 5: Quota Initialization
This part is pretty much being automated by cPanel. WHM will display a short message of Initial Quota Scan as presented in the snap shot below:
Clicking on the Next Step button will bring us to the Setup Nameserver section.
Step 6: Setup Nameserver
Enabling this option will basically allow your server to function as a nameserver (DNS). As recommend by cPanel, I also highly recommend NOT to enable your server to function as a nameserver unless you’re 100% sure you’re going to use it as one. If you wish to disable this service at a later time, you can always do so by turning it off in the Service Manager area.
Again, if you wish to enable this function, click on OK as seen in the snap shot below.
Once you’ve clicked the OK button, cPanel will start activating your nameserver service, and you will receive a message stating the bind service started ok.
It should be something like this:
Note: The screen shots for this article
has been taken from the latest cPanel X theme. All other themes will function
the same, except for the visual display.
Part 7: Logging to your server through WHM (Web Host Manager)
[skip this part if you’re already logged into WHM]
to setup your server, you will have to log to your WHM.
favorite web browser, and in the address field, type one of the following
https://<your server ip>:2087
http://<your server ip>:2086
http://<your server ip>/whm
Note: Using the first option (e.g.
https://<your server ip>:2087) will allow you to securely access to your
server via your web browser. Upon a connection, you will be presented with an
alert box, Click Yes to accept the self signed SSL certificate.
your username (root), and the password that was given to you by your hosting
provider in the Connect to Box as presented below, and click on OK.
Part 8: Adding your IPs
you’ve established a connection via a web browser, your next step will be to
add all of our IPs which were given to you by your hosting provider.
down on the left pane of your WHM until you have reached the IP Functions section
as seen below:
– Click on Show or Delete Current IP Address to see which
addresses are bound to your server.
– Click on Add a New IP Address in order to add all the IPs that
were given to you by your hosting provider.
Our next steps will help you setup the server.
Server Setup Part 9-A: Edit Setup
[Skip this part if you’ve already completed it in the initial setup]
Click on the Edit Setup option in order to fill in your server setup configuration.
The following fields are of best interest to us in the initial cPanel server setup:
Main Shared Virtual Host IP
By default, the main server IP will be assigned as the shared virtual host IP.
Server Contact E-Mail Address
Fill out your e-mail address that will be used by the server in case some problems arise with it. I recommend using 3rd party email (e.g. hotmail.com, yahoo.com) or any other email provider that does not reside on the server. The point behind this is that if there are any issues with your server, you will not be aware to this situation since your server will be unable to send you a notice.
Primary Nameserver Type in the hostname of your primary nameserver. Usually people register their own nameservers as ns1.myhost.com and ns2.myhost.com (where myhost.com is your domain).
Note: If you’re going to use your own nameservers, you must make sure you’ve registered them with your domain registrar.
Secondary Nameserver This is the same setup as the Primary Nameserver, just type in your second name of your registered nameserver.
Note: Although the Third Nameserver, and Fourth Nameserver are not as necessary, you still have the option of registering and filling them in these fields.
We also have optional fields under the Edit Setup section that we can fill out only if we really need them. These are:
AIM Username, AIM Password
If you would like to receive AIM alerts, and notifications, fill in the AIM username, and password that the server should use to log in, and to send you these messages.
Server Contact AIM Type in the AIM nickname of where your server can reach you at.
Note: You can also use the Server Contact ICQ UIN if you would like th
Once your IPs has been added to the server, the next step will be to go over the Server Setup section. You will find this section on the top most part of your WHM left pane as presented below.
Server Setup Part 9-B: Tweak Settings
section is pretty much self explanatory, there are no custom configurations.
options that I recommend enabling are:
– Disk Space Usage Warnings When a user will reach 80% of your their quota, you will automatically
receive a notification via email.
Box Usage Warnings When a user reaches 80% of his mailbox quota, he will automatically receive
a notification via email.
to prevent pop3 connection floods
users when they have reached 80% of their bandwidth
jailshell as the default shell for all new accounts (linux 2.4 or later only) Although this feature is useful, I -do not- recommend giving any sort of
shell access to your customers unless they really need it. Shell access
is one security gap that can be closed when you restrict it.
Server Setup Part 9-C: Tweak Security
on Tweak Security will open up the following options on the right frame
of your browser:
The first tweak, php open_basedir will prevent from users to
opening files from outside their home directory. If you wish to enable/disable
this tweak, simply click on the php open_basedir Tweak link, and
then either check it (to enable) or uncheck it to disable. I recommend
enabling this tweak, and then, excluding a specific user if necessary.
second tweak, mod_userdir will allow users to view their site by
entering a tilde (~), followed by their username in the address bar of the web
browser. This tweak basically allows your users
to view their web site before their domain
name has been fully propagated. The
disadvantage is that the bandwidth used counts against your server, and not
against the user.
I have no
personal preference for this tweak. Basically, you’ll enable/disable it based
on your users’ needs.
Server Setup Part 9-D: Contact Manager
step will be to update our Contact Manager. The Contact Manager
specifies where your server sends the various alerts presented in the
AIM/ICQ alerts are represented by the number 2, Email notification
alerts are represented by the number 3, and Pager alerts are represented
by the number 1.
no one set of alerts you should configure with your server, you can either
accept the server defaults or use the following set which I personally
Apache Max Clients Check
Disk Integrity Check
IP Address DNS Check
Kernel Crash Check
Kernel Version Check
Recently Uploaded CGI Script Mail
Trojan Horse/File Modification Check
Tip: You can
use your mail client to respond accordingly to each incoming alert with a
different mail filtering rule.
Server Setup Part 9-E: Update Preferences
it sounds, in this section, you will be able to set your cPanel update
I highly recommend reading each, and every build type before setting your
update preferences. Click on the Change Update Preferences option
to choose your update preferences as seen in the example below:
Manual Updates Only (Stable Tree)
DarkORB Package Updates:
Security Package Updates:
production environment, I recommend choosing Manual Updates Only (STABLE
tree).Manual Updates Only gives you full control over your
cPanel updates, in contrary to Automatic Updates, where cPanel
will automatically update its version whenever a new STABLE release is
Both DarkORB Package Updates, and Security Package Updates can
be left with the default Automatic updates. Once you setup
cPanel/WHM Updates to manual updates only (stable tree), you will have to
manually run cPanel updates every time you wish to it to get updated.
Server Setup Part 9-F: Server Time
the drop down box and choose your time zone. Once you’re set, click on
the Change TimeZone button followed by Sync Time with Time
Server Setup Part 9-G: Modify Resolver Configuration [Skip this part if you’ve already configured your resolver in the initial setup]
the resolver will ensure that your server hostname will be resolved whenever it
is being addressed across the Internet. If your server acts as its own primary
nameserver, you will have to specify it in the primary resolver as shown
below. Click on Modify Resolver Configuration followed by clicking
the Continue button.
As you see fit, you can modify the secondary resolver and tertiary
resolver. I recommend using the hosting provider’s own nameservers.
Once you’ve typed it all in, click on Continue.
Server Setup Part 3-H: Initial Nameserver Setup
[Skip this part if you’ve already setup your nameservers in the initial setup]
If you’ve decided that you’re going to assign the role of DNS management to your server, click on the Initial Nameserver Setup option on the left frame of WHM (under Server Setup ), and click OK on the right frame to enable it.
Note: Do not enable the nameserver option unless you are actually going to use it.
Server Setup Part 9-I: Set MySQL Root Password
[Skip this part if you’ve already changed/set your password in the initial setup]
Note: Skip this part if you’ve already set your MySQL password in the initial setup .
It is very important that you change your MySQL root password when you initially setup your server. Click on Set MySQL Root Password and set your password to no less of 6 characters.
Note: I personally recommend using small letters, capital letters, numbers, and punctuation. Also make sure that your password is no less than 8 characters. A Strong Password Generator might be a good idea to use for various security reasons.
Server Setup Part 9-J: Change Root Password
Same as we did with the MySQL Root password, I highly recommend changing the root password which was given to you by your hosting provider. Again, you might want to use the password generator and make sure your root password is no less than 6-8 characters.
Server Setup Part 9-K: Mail Manager
Setting your Mail Manager will allow you to receive email either from root, nobody, and/or mailman. To set up your Mail Manager click on the Change System Mail Preferences option.
As written in the notes, the root user generally receives emails regarding problems on your server, or regular server activity. I highly recommend setting a forwarder for the root user on your server.
The nobody user receives bounces messages from emails sent via CGI/PHP scripts (that is, if you’re not using the suexec). By default suexec is enabled by cPanel, so it is not crucial to set up a forwarder for the nobody user.
The mailman generally receives bounce messages from the mailman list software on your server. Set up a forwarder only if you intend of using and receiving bounced emails from the mailman mailing list on your server.
If you’re in doubt , simply fill up all the fields as shown in the snap below, then click on the Change button for every user field you’ve filled.
Part 10: Backup
As smart system administrator, you should know that backups are very crucial for your business. Most of us just skip ahead saying, “Nothing will ever happen to my server, I’m doing just fine.” Well…. wrong. Nothing is 100% secure, and thus, I highly recommend using a backup drive, and configuring backups on a regular basis. For the time being, use the following backup strategy as presented below (we will expand our Backup topic on another article). Keep in mind that you must have your drive mounted, and formatted. If you’re not certain on how it is supposed to be, contact your hosting provider, or read our article on Utilizing a Backup Solution for a cPanel Based Server.
Scroll down on the left frame of your WHM until you’ve reached the Backup section as seen on the left snap shot.
Click on Configure a Backup and follow the backup strategy shown below . Once all is set, click on Save.
Part 11: Security
Our final stage will be to run a Quick Security Scan on your server, which in result will disable/shutdown any unnecessary services such as lpd (printer daemon), or console mouse services.
On your WHM left frame, scroll down until you reach the Security section as seen in the snap shot on the left.
Once there, click on the Quick Security Scan button.
cPanel will start running the security check, displaying its progress on the right frame of the WHM interface. You should be looking at something like this:
cPanel will display and disable each and every service that is
unnecessary by your system, thus closing another security hole in your