Email accounts in addon domains

You can create email accounts for addon domains. To learn how to set up an email account for an addon domain, read our Email Accounts documentation.

When you remove the addon domain, is email accounts will no longer appear in the cPanel interface. However, the contents for this email account still exist in the home/username/mail directory.

If you add the domain back to the same account as the primary domain, an addon domain, or a parked domain, the email accounts will reappear in the cPanel interface.
If you move the domain to a different account, you must add the email accounts manually and move the contents of the email account manually. The email accounts must follow the same name and same domain format that they previously followed.
You can use the Email Accounts interface to add new accounts, or you can run the /scripts/addpop script to manually add new email accounts.
To move one email account under a domain, you can run the following command:


# mv /home/old_account/mail/domain_name/email_account /home/new_account/mail/domain_name/

After you run this command, the system creates the /home/new_account/mail/domain_name/ directory. To move all the email accounts under a domain, run the following command:


#mv /home/old_account/mail/domain_name /home/new_account/mail

After you move the files, run the following command to change the ownership of the new account:


# chown -R new_account:new_account /home/new_account/mail/domain_name

To move an addon domain from one cPanel to another:

  1. Download the content of your addon domain to your local PC.
  2. Backup any associated database(s).
  3. Create a subfolder inside the new cPanel’s public_html folder.
  4. Upload the content of your addon domain to this new folder.
  5. Restore the database backup(s) into the new cPanel.
  6. If the old cPanel and new cPanel are on the same server, go back to the old cPanel and remove the addon domain from under the Addon Domains icon. Note: The original content or original databases do not need to be deleted.
  7. Go to the new cPanel.
  8. Click the Addon Domains icon.
  9. Enter the addon domain name where it says New Domain Name.
  10. For the Document Root, you must enter /public_html/subfolder/ (replace ‘subfolder’ with the name you chose in step 3).
  11. Fill out the remainder of the form and click the Add Domain button.
  12. If the old cPanel and new cPanel are on different servers, then you will need to update your addon domain name’s nameservers or other DNS records.

For cPanel

Installing IonCube Loaders with cPanel & WHM can be done one of two ways:

1) Using EasyApache via WHM >> EasyApache, IonCube Loaders can be selected under the Exhaustive Options List prior to compiling.

2) As the user `root` via SSH, you can run the below command to install IonCube Loaders without having to recompile Apache:


# /scripts/phpextensionmgr install IonCubeLoader

For Non-Control panel Servers

Begin by downloading the latest loaders to your system. Linux 64 bit:

# cd /root
# wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz

Other loaders at:
http://www.ioncube.com/loaders.php

Extract the contents of the archived file


# tar -xvf ioncube_loaders_lin_x86-64.tar.gz

Put the Loader file for your php version in /usr/lib64/php/modules

Check php version:

# php -v
PHP 5.4.43 (cli) (built: Jul 13 2015 12:26:16) 
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies

Put the Loader file for your php version in /usr/lib64/php/modules

# cp -r /root/ioncube/ /usr/lib64/php/modules/ioncube_loader_lin_5.4.so

Create a ioncube.ini file in your ini files directory, /etc/php.d

# cd /etc/php.d
# nano ioncube.ini

/pre>
# zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.4.so
[/bash]

Restart the Apache server software.

service httpd restart

Check for ioncube

# php -m | grep ioncube
ionCube

See it the data is there

#echo  'select * from eximstats.sends limit 2;' | mysql
mailtime        msgid   email   processed       user    size    ip      auth    host    localsender     domain  spamscore
2014-12-09 21:38:11     1XyZyR-0004j1-5K        santa_2014@domain.com 0       -remote-        7134    37.48.84.200    localdelivery   domain.com    1               3.1
2014-12-03 05:19:07     1Xw9pe-0003aq-8b        mobileco@domain2.com    0       mobileco        3256    127.0.0.1       localuser       localhost       1     domain2.com  2.1

If data does exist (you can also check the other tables: defers, failures, smtp in the same way). If you get no data than for some reason data is not making it from exim into the database.

Check if an upgrade has failed.

To change the root password for your Dedicated Server:

Log into WHM.
Click the Server Configuration icon on the home screen.
From the Server Configuration menu, click Change Root Password.
In the New Password field, enter the desired new password.
In the Confirm New Password field, retype the new password.

Home »Service Configuration »Apache Configuration »Global Configuration

Minimum Spare Servers 8
Maximum Spare Servers 32
Max Clients 1500
Max Requests Per Child 0
Start Servers 8
Server Limit 2000
Keep-Alive Timeout 15
Max Keep-Alive Requests 256

Other options:

–addition of memcache
–recompiling Apache to run as PreFork opposed to MPM Worker Event

Check for Prefork or Worker

# [root@austin ~]# /usr/sbin/httpd -V | grep MPM
# Server MPM:     Prefork
# -D APACHE_MPM_DIR="server/mpm/prefork"

Links:
http://kb.sp.parallels.com/en/113007
http://codebucket.co.in/apache-prefork-or-worker/
–Reduced some of the limits in the apache config. Many things that should be in the hundreds were set in the thousands.
–KeepAlive on was simply adding too large of a load to the server.


Timeout
Timeout 300

Usually this value doesn’t require editing and a default of 300 is sufficient. Lowering the ‘Timeout’ value will cause a long running script to terminate earlier than expected.

On virtualized servers like VPS servers, lowering this value to 100 can help improve performance.


KeepAlive
KeepAlive On

This setting should be “On” unless the server is getting requests from hundreds of IPs at once.

High volume and/or load balanced servers should have this setting disabled (Off) to increase connection throughput.


MaxKeepAliveRequests
MaxKeepAliveRequests 100

This setting limits the number of requests allowed per persistent connection when KeepAlive is on. If it is set to 0, unlimited requests will be allowed.

It is recommended to keep this value at 100 for virtualized accounts like VPS accounts. On dedicated servers it is recommended that this value be modified to 150.


KeepAliveTimeout
KeepAliveTimeout 15

The number of seconds Apache will wait for another request before closing the connection. Setting this to a high value may cause performance problems in heavily loaded servers. The higher the timeout, the more server processes will be kept occupied waiting on connections with idle clients.

It is recommended that this value be lowered to 5 on all servers.


MinSpareServers
MinSpareServers 5

This directive sets the desired minimum number of idle child server processes. An idle process is one which is not handling a request. If there are fewer spareservers idle then specified by this value, then the parent process creates new children at a maximum rate of 1 per second. Setting this parameter to a large number is almost always a bad idea.

Others Suggestions:


Virtualized server, ie VPS 5
Dedicated server with 1-2GB RAM 10
Dedicated server with 2-4GB RAM 20
Dedicated server with 4+ GB RAM 25
MaxSpareServers
MaxSpareServers 10

The MaxSpareServers directive sets the desired maximum number of idle child server processes. An idle process is one which is not handling a request. If there are more than MaxSpareServers idle, then the parent process will kill off the excess processes.

The MaxSpareServers value should be set as double the value that is set in MinSpareServers.


StartServers
StartServers 5

This directivesets the number of child server processes created on startup. This value should mirror what is set in MinSpareServers.


MaxClients
MaxClients 150

This directive sets the limit on the number of simultaneous requests that will be served. Any connection attempts over the specified limit will be queued. Once a process is freed at the end of a different request, the queued connection will then be served.

For virtualized servers such as VPS accounts, it is recommended to keep this value at 150. For all dedicated servers the recommended value for this setting is 250.


MaxRequestsPerChild
MaxRequestsPerChild 0

This directive sets the limit on the number of requests that an individual child server process will handle. After the number of requests reaches the value specified, the child process will die. When this value is set at 0, then the process will never expire.

Other adjustments:


Virtualized server, ie VPS 300
Dedicated server with 1-4GB RAM 500
Dedicated server with 4+GB RAM 1000

Other resources:
http://httpd.apache.org/docs/2.2/misc/perf-tuning.html
https://www.howtoforge.com/configuring_apache_for_maximum_performance
http://stackoverflow.com/questions/8902103/is-there-an-apache-tuner-script-like-mysqltuner-pl

Login as the root user to SSH and run the following commands to install CSF:

wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you would like to disable APF+BFD (which you will need to do to avoid conflicts):

sh disable_apf_bfd.sh

Now, you can then configure csf and lfd in WHM, or edit the files directly in /etc/csf/*

To Configure the CSF Firewall

Go to the Home of your WHM dashboard and select the Plugins option from the navigation menu.

You will see the option ConfigServer Security & Firewall. Click on it.

Here, you will find a variety of options to configure the ConfigServer Security & Firewall application.

Click on the csf tab.

Scroll down a little to the csf – ConfigServer Firewall section and click on the Firewall Configuration button.

Configure as needed.

Disable Testing
Currently, your CSF application is running in the Test Mode. You have to deactivate the mode.

Reaccess the csf – ConfigServer Firewall section and click the Firewall Configuration button.
Locate the TESTING option in the Initial Settings section.
Click on the Off switch.

Email Settings Auto Discovery

Enable: This will allow email clients to automatically locate and configure themselves based on the server’s configurations.

No, thank you: This will prevent the auto setup features on email clients from automatically locating and configuring themselves.

Email Archiving

Enable: This will allow users to configure the retention period for incoming, outgoing and mailing list emails. You can enable the archiving feature through the cPanel interface on a per-domain basis. Messages can be retrieved through the following methods:
IMAP connection
Downloading the messages directly
WebMail
Mail Delivery Reports feature in WHM

No, thank you: This will prevent the server from retaining messages being sent. Additionally, these options to control the archive type and retention period per domain will be removed from cPanel.

Query Apache for “Nobody” Senders

Enable: This will allow you to query the Apache servers status to determine the true sender of the email. By looking at the process table to determine who really sent the message, cPanel can accurately report the sender of the message. While this requires more process time, it is more reliable and cannot be forged.

No, thank you: This will prevent mail delivery process from querying the Apache server to determine the true sender of a message when the user who sent the message is ‘nobody’.

Security Tokens

Enable: This will allow cPanel and WHM to secure their URLs from being affected by Cross-Site Request Forgery (XSRF) attacks by adding unique tokens to the URL upon login.

No, thank you: This will prevent the use of unique security tokens that would otherwise be displayed in the URL upon login. This is not recommended and will leave you vulnerable to XSRF attacks.

SMTP Restrictions

Enable: This will prevent users from sending mail openly without any restrictions. This feature configures your server so that the mail transport agent (MTA), Mailman mailing list software and root user are the only accounts able to connect to remote SMTP servers.

No, thank you: This will allow users to send mail openly without any restrictions. This is not recommended if you want to keep your users’ mailing restricted.

Trust X-PHP-Script for ‘nobody’ senders

Enable: This will allow the server to trust the X-PHP-Script headers to determine the sender of email sent from processes running as “nobody.” The server will trust messages which contain X-PHP-Script headers (this requires the Easy Apache option MailHeaders to be compiled in Apache) and use them to determine the true sender.

A sophisticated, malicious user can forge email headers. Although it may be more CPU intensive, the Apache query method is recommended if you do not trust your users.

No, thank you: This will prevent the server from checking the mail headers for X-PHP-Script headers to determine whether or not the email can be trusted and identified as a true user.

To install mysqli using EachApache:

1. Login to WHM as ‘root’ user.

2. Either search for “EasyApache” or go to Software > EasyApache

3. Scroll down and select a build option (Default)

4. Click Start “Start customizing based on profile”

5. Select the version of Apache and click “Next Step”.

6. Select the version of PHP and click “Next Step”.

7. Chose additional options within the “Short Options List”

8. Select “Exhaustive Options List” and look for “MySQL Improved extension”

9. Click “Save and Build”

To check mysqli was installed:

Run the following command as ‘root’ in SSH:

php -i|grep -i mysqli