Archives

Add a DMARC record to your domain in cPanel

What is DMARC?

According to dmarc.org :

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.

DMARC is a policy with which the sender indicates the message is protected by DKIM and /or SPF. It also tells the receiver what to do with the message if DKIM/SPF authentication fails.

Please check the DMARC resources (from the end of this article) before creating a DMARC record. You can use an online tool to create a DMARC record. Check the DMARC Tools page.

To set a DMARC record for your domain:

  1. Log into cPanel
  2. Navigate to Zone Editor (DOMAINS section)
  3. On the row with the desired domain, click the Manage link
  4. Click the down arrow   from the right of the Add Record button.
  5. Select Add DMARC Record from the drop-down list
  6. Modify any DMARC settings (see below) and click the Add Record button
cPanel DMARC
cPanel DMARC

 

DMARC Settings

Policy Action
None No action is taken; you can use this setting to monitor DMARC
Quarantine Messages will be marked as spam
Reject Messages will be rejected

 

Parameter Settings
Subdomain Policy Action for subdomain policy. Same options as for the main domain policy.
DKIM Mode Relaxed – the system allows some messages from domains that it doesn’t recognize.
Strict – the system will reject all messages from domains that it doesn’t recognize.
SPF Mode Relaxed – the system allows some messages from senders that it doesn’t recognize.
Strict – the system will reject all messages from senders that it doesn’t recognize.
Percentage Default value is 100. It represents the percentage of the email messages you want the system to filter.
Generate Failure Reports When All Checks Fail – report will be send if all checks fail
Any Checks Fail – report will be send if any checks fail
Report Format AFRF – Authentication Failure Reporting Format
IODEF – Incident Object Description Exchange Format
Report Interval The time in seconds between each aggregate email message report. The default value is 86400 (24 hours).

The video tutorial for setting a DMARC record:

 

If you’ve added a valid email for the Send Aggregate Mail Reports To, you will receive a message from receivers that support DMARC, like in the example bellow:

From: noreply@dmarc.yahoo.com
To: admin@plothost.com
Subject: Report Domain: plothost.com Submitter: yahoo.com Report-ID: <1496110592.916792>
In the attachment you will see an XML file with the same name as the zip archive.

<?xml version="1.0"?>	
<feedback>	
  <report_metadata>	
    <org_name>Yahoo! Inc.</org_name>	
    <email>postmaster@dmarc.yahoo.com</email>	
    <report_id>1496110592.916792</report_id>	
    <date_range>	
      <begin>1496016000</begin>	
      <end>1496102399 </end>	
    </date_range>	
  </report_metadata>	
  <policy_published>	
    <domain>plothost.com</domain>	
    <adkim>r</adkim>	
    <aspf>r</aspf>	
    <p>none</p>	
    <pct>100</pct>	
  </policy_published>	
  <record>	
    <row>	
      <source_ip>d02.plothost.com</source_ip>	
      <count>1</count>	
      <policy_evaluated>	
        <disposition>none</disposition>	
        <dkim>fail</dkim>	
        <spf>fail</spf>	
      </policy_evaluated>	
    </row>	
    <identifiers>	
      <header_from>plothost.com</header_from>	
    </identifiers>	
    <auth_results>	
      <dkim>	
        <domain>web.plothost.com</domain>	
        <result>neutral</result>	
      </dkim>	
      <spf>	
        <domain>web.plothost.com</domain>	
        <result>none</result>	
      </spf>	
    </auth_results>	
  </record>	
</feedback>		

Resources:
DMARC Website at https://dmarc.org/overview/
DMARC Tools – record creation, lookup, check etc
Google recommendations for DMARC here
cPanel Zone Editor Documentation

Share this post:

Generate private and public key in cPanel for SSH access

The common way to connect to the server via SSH is to use a username and a password. But to increase security, you can use a pair of keys(a private one and a public one) to connect to the server.

The public key will be on the server. The private key will be on your computer. When you are trying to connect, the server compares the two keys. If they are the right ones, you will be able to access it.

We will show in this post how to generate the pair of keys and connect to your server with PuTTY.

To generate and use public and private keys in cPanel:

1.Log in to cPanel
2.Scroll down to the SECURITY section -> SSH Access

3.Click the Manage SSH Keys button

4.Click the +Generate a New Key button

5.You are now on a page with a title Generating a Public Key. Here, choose:
-Key Name – you can leave the default value
-Key Password – enter the password for the key and confirm it
-Key Type (RSA or DSA) – let the default value
-Key Size (2048 or 4096) – let the default value

cPanel mentions:

RSA vs DSA: RSA and DSA are encryption algorithms used to encrypt your key. DSA is faster for Key Generation and Signing and RSA is faster for Verification.

6.Click the Generate Key button. You will see a confirmation message: Key Generation Complete! with some details:

Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/username/.ssh/id_rsa.
Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
b7:9a:55:59:c1:a7:6a:31:5c:9a:40:50:e9:73:24:a0

7.Click the Go Back link
8.Now you need to authorize the public key. (the Authorization Status is not authorized). Click the Manage link.

9.You will see a message The key with the name “id_rsa” is currently “not authorized” for use when connecting to this account.  Click the Authorize button. The success message is: The key “id_rsa.pub” has been authorized.

10.Click the Go Back link
11.Go to the Private Keys sections and click the View/Download link.

12.Here we will Convert the “id_rsa” key to PPK format. Enter the passphrase and click the Convert button.

13.You will see the key to be used in PuTTY. Click the Download key button and save the file to your computer (the filename is id_rsa.ppk) 

14.Now start PuTTY on your computer and go to Connection->SSH->Auth. Here, browse and select the file you saved at 13. (Private key file for authentication)

15. Click the Open button. PuTTY will connect to the server. Enter the Passphrase when asked.

16.You are now connected to the server 🙂

 
One of the most used SSH programs is PuTTY. Download it from chiark.greenend.org.uk/~sgtatham/putty/
Share this post:

How to change file permissions in cPanel File Manager

In cPanel File Manager you can set permissions for files. This means you can set who can read, write and execute a particular file. Sometimes you will need to change file permissions for a script installation. 

So, to change file permission in cPanel:

  1. Connect to your cPanel account
  2. Go to File Manager (FILES section)
  3. Navigate to the file  (you can also select multiple files)
  4. Click the Permissions link from the top menu
  5. Select the desired file permission in the Change Permission window
  6. Click the Change Permissions button.
cPanel File Manager - Change File Permissions
cPanel File Manager – Change File Permissions

Some common values for file permissions are:

777 – anyone can read, write and execute the file
700 – owner can read, write and execute the file
666 – anyone can read and write the file
644 – anyone can read the file, only owner can write it
600 – only the owner can read and write the file
400 – no one can write the file; only owner can read the file

As usual, the video tutorial:

If you have SSH access to your account, you can change the file permissions by using the command:  

root@web [/]# chmod 400 filename.php
Share this post:

Working with cPanel MySQL Databases

cPanel allows you to easily manage your databases and users.

Necessary steps to add a new database:

  1. Log in to cPanel
  2. Look for MySQL® Databases (DATABASES section)
  3. Look for Create New Database section. Enter your desired database name and click the Create Database button. The database will be created, a confirmations message will be displayed: Added the database “database_name”.

To check/repair a database:

  1. Log in to cPanel
  2. Look for MySQL® Databases (DATABASES section)
  3. Go the Modify Databases section
  4. Select from the drop-down list the database you want to check(or repair).
  5. Click the Check(or Repair) Database button. In case of issue, you will see them. In case everything is fine, a success message will be displayed: Success: Check/Repair Complete!

To add a new user to the MySQL/MariaDB server:

  1. Log in to cPanel
  2. Look for MySQL® Databases (DATABASES section)
  3. Go the Modify Databases section
  4. Look for MySQL Users->Add New User section
  5. Enter the Username and Password.
  6. Click the Create User button. The new user will be created, you will see a confirmation message: You have successfully created a MySQL user named “username”.

To add a user to a database:

  1. Log in to cPanel
  2. Look for MySQL® Databases (DATABASES section)
  3. Go the Modify Databases section
  4. Look for MySQL Users->Add User To Database section
  5. Choose the User and the Database from the two drop-down lists.
  6. Click the Add button.
  7. Choose the privileges you want to give to the user.
  8. Click the Make Changes button.
cPanel Databases
cPanel Databases
Notice that you can use this tool for both MySQL and MariaDB servers.

Related KB: How to use the cPanel MySQL Database Wizard

Share this post:

How to use the cPanel MySQL Database Wizard

With the cPanel MySQL Database Wizard you can easily create a database and set up a user for it.

How to use the MySQL Database Wizard:

  1. Log in to your cPanel account
  2. Go to MySQL Database Wizard (DATABASES section)
  3. Step1. Enter the new database name . Click the Next Step button.
  4. Step2. Enter the Username and the Password you want. (you can use the Password Generator) Click the Create User button.
  5. Step3. Now we need to add the user to the database. Select the privileges you want the new user to have on the database. Select ALL PRIVILEGES.  You can also select specific privileges, as:
    ALTER CREATE CREATE TEMPORARY TABLES
    DELETE EVENT INDEX
    ALTER ROUTINE CREATE ROUTINE CREATE VIEW
    LOCK TABLES SELECT TRIGGER
    DROP EXECUTE INSERT
    REFERENCES SHOW VIEW UPDATE

    Click the Next Step button.

  6. Step 4. Nothing to do here. Everything is completed.
cPanel MySQL Database Wizard
cPanel MySQL Database Wizard

 

The how-to movie:

Related KB: Working with cPanel MySQL Databases

Share this post:
Page 1 of 7
1 2 3 7