Tag Archives: cPanel

Save Website Resources From Potential Misuse Of User Accounts & Unauthorized Access

Leeching occurs when a user of your website shares his login credentials either on a public website or with multiple users in his connection, as a result when multiple users start to access one account in the same timeframe it leads to excessive resource usage, bandwidth overage, security risks, and most importantly the actual risk is the potential misuse of premium memberships sold over the account.

Sangkrit.net cPanel Webhosting, Webhosting Plus, VPS, and Dedicated Server users can easily resolve this issue by enabling the leech protection that helps mitigate such matters by monitoring and limiting the number of IP addresses that can simultaneously access a particular account within a specific time frame.

What Happens When The Leech Protection Is Enabled?
  1. Blocks IP Address: When leech protection is enabled, cPanel tracks the number of IP addresses accessing a specific account within a specified time window.
  2. Exceeding Limit: If the number of IP addresses accessing the account exceeds the configured limit within the designated time frame, cPanel takes action to prevent further access from additional IP addresses.
  3. Blocking Action: Depending on the leech protection settings, cPanel can block access to the account from new IP addresses or redirect them to a specified URL, such as an error page or a page explaining the leech protection policy.
  4. Customization: cPanel allows website administrators to customize the leech protection settings, including the number of allowable IP addresses, the time window for monitoring, and the action taken when the limit is exceeded.
How To Enable Leech Protection On cPanel?

Login to your SANGKRIT.net Account, then visit ‘My Products’ page and open the cPanel of the account on which you want to enable the leech protection.

To enable leech protection for a directory, perform the following steps:

  1. Click Settings, and then select one option from the following:
    • Web Root (public_html or www) — Begin navigation in the document root for the account’s primary domain
    • Document Root — To select the domain that corresponds to the document root in which you wish to begin navigation
  2. Click the Save Changes button
  3. Navigate to the directory that you wish to protect and click the appropriate folder icon to navigate to a different folder
  4. Click the desired folder’s name to select it and a new interface will appear
  5. Enter the maximum number of logins that you wish to allow each user within a two-hour period or such
  6. Enter a URL to which you wish to redirect users who exceed the maximum number of logins within a two-hour period
  7. You may select the Send Email Alert To checkbox and enter the email address to get an alert when Leech Protection activates.
  8. For disabling any account that exceeds the maximum number of logins, simply select the Disable Compromised Accounts checkbox
  9. Click Enable and that’s it

For adding, editing, and deleting the users, you simply need to navigate to a directory that you wish to protect with user-level protection and then click Manage Users to navigate to cPanel’s Directory Privacy interface (cPanel -> Home -> Security -> Directory Privacy) of that folder.

You may disable the leech protection anytime by navigating to the directory where you want to disable it and then simply click the Disable button.

Leech protection helps you maintain the security and stability of your website by preventing excessive resource consumption and potential misuse of accounts. This protection is very useful for websites that are offering restricted content, paid content, membership option, or have any similar scenario where sharing the login credentials could lead to unauthorized access.

Generating Access Hash To Exchange DNS Records On Your Dedicated Server

Access Hash also known as Remote Access Key is used while configuring DNS that can exchange records between servers. this key is also used on automatic account creation scripts and running external software etc.

This lesson guides you on how you can generate a remote access key in your VPS or Dedicated Server.

To start, simply login to your SANGKRIT.net account and follow these steps:

  1. Visit your ‘My Products’ page
  2. Click ‘Servers’
  3. Next to your server, click ‘Manage’
  4. Visit WHM and search remote access key on the left-side menu
  5. Click Generate New Key
  6. The key will be generated

Now you can copy and paste the new access key to the applicable file or place it on the remote server(s) that require to transmit with your web server.

The Access Key Signature includes the first 32 characters of the remote access key, separated by colons (:). This signature can be used for quickly checking whether you used the correct access key on interfaces that display the key in a shortened format.

How To Lock A Directory On Your Dedicated Server?

The directory privacy feature of WHM and cPanel of your dedicated server, VPS, or hosting allows you to secure any web directory from unauthorized access on the web.

You can lock a directory with a username and password so that anyone who attempts to open it must go through its login process. You can secure specific directories on your server. This feature simply modifies htaccess and htpasswd configurations to restrict access to those files on your websites.

To use the feature, simply login to the cPanel of your server and select a directory to manage:

  1. To select a directory, simply click the desired directory’s name
  2. To view and select subdirectories, simply click the parent directory’s name and select the desired subdirectory
  3. To configure the security settings for a directory or subdirectory, simply click the Edit option present under the Actions column
  4. To password protect the selected directory, select the password protect this directory checkbox
  5. Enter a display label for the directory in the enter a name for the protected directory text box
  6. Click the Save button and a confirmation message will appear
  7. Click Go Back to return to the directory’s configuration page

Note,

  • In step number four, to remove the password protection from a directory, simply deselect the Password protect this directory checkbox and save your changes
  • In step number five, This name only functions as a label for the directory. So do not confuse it with the directory’s main name

Next,

Once you have locked your directory by completing the above-given steps, you will need to create a user that can have access to that directory.

To create a user for a directory, your directory must have correct permissions. In case you cannot create a user, then change the directory’s permissions to 0700 using the file manager interface.

To create an authorized user:

  1. On the same page, enter the desired username in the Username text box
  2. Enter and confirm the new password in the appropriate text boxes
  3. Click Save and a confirmation message will appear
  4. Now click Go Back to return to the directory’s configuration page

Remember,

A protected directory’s subdirectories inherit their parent directory’s password protection. The lock icon indicates that Directory Privacy configurations already exist for that specific directory.

It does not protect the directories that users access via FTP, SFTP, Web Disk, and other similar services, or if any user accesses the files locally on the server. This is because when a user accesses secure directories on a server via these specified services, he already goes through the login process so the system doesn’t prompt him for another login.

In case you want to secure your directories and files locally on the server then use the file and folder permission option.

How To Use SANGKRIT.net Business Mail Service On iPhone?

SANGKRIT.net offers you both cPanel Webmail that works from your hosting or dedicated server, as well as Business Class Email, an email service ideal for professional use.

Both types of email accounts can be accessed from your iPhone and iPad touch devices, you can use them just like other email services. The difference is they use your own domain name and all data remains secret and secure on your own server or the webspace you are subscribed to.

Additionally, they offer you more SMTP relays so that you can send more emails without getting banned. These relays can also be subscribed whenever you need more than the number provided to you by default.

To add email on your iPhone:

  1. Go to Settings > Accounts & Passwords and tap Add Account
  2. If you’re using iOS 10.3.3 or earlier, go to Settings > Mail > Accounts and tap Add Account
  3. Tap Other to add your account manually
  4. Enter your name, email address, password, and a description of your account
  5. Tap Next and then it will try to find your email settings automatically
  6. If Mail finds your email settings, tap Done
  7. Your account setup is complete now

In case if it fails to find your email settings, then enter those settings manually, follow these steps:

  1. Tap Next, given on the same screen
  2. Choose IMAP or POP for your new account.
  3. Enter the information for the Incoming and Outgoing Mail Server.
  4. Tap Save to finish

Remember –

In step number two, if you aren’t sure whether your account is IMAP or POP then you can easily find that.

If you are a cPanel user, simply use these settings:

  1. Username – Your email address
  2. Password – Your email account’s password
  3. Incoming Server – mail.[your domain name]
  4. Incoming Ports – IMAP — 143 POP — 110
  5. Outgoing Server – mail.[your domain name]
  6. SMTP (Outgoing) Port – 25 (587 or 80 also works)

Else, for Business Class Email service, use IMAP with the following hostnames:

  1. Use hostname as imap.secureserver.net for the incoming mail server
  2. Use hostname as smtpout.secureserver.net for the outgoing mail server

Finally, Tap Next. Your app will discover your email account.

The most important settings to configure any email on any device is the username, password, incoming server, outgoing server, account type i.e. IMAP or POP, the incoming port number, and the outgoing port number.

Many devices automatically fetch your account settings by using just your email address and password. In case if that doesn’t work for your device then by knowing the above-mentioned details you can easily set up your email account on any computer or mobile device.

How To Use New IP On Your Domain On Dedicated Server?

After subscribing to a new IP address you can add it to your domain on your dedicated server. Simply log in to your SANGKRIT.net account and follow these steps:

  1. Open the products page
  2. Select your server and click manage
  3. On your WHM home page i.e. the main page of your server
  4. Navigate to Add a New IP Address under IP Functions of the side menu
  5. Enter the new IP address and a subnet mask
  6. Click Submit to finish

Remember:

  • In step number five, if you don’t know which subnet mask is to be entered, just contact the online support team
  • In step number six, in case you make a mistake, you can delete the new address in the Show or Delete Current IP Addresses option

As you click the Submit button, the new IP address gets added. Now you can associate it with your cPanel hosting or other domain accounts on your server.

To change an existing site’s IP address to the new one you will need to follow these steps:

  1. Open the List Accounts page from the Account Information menu
  2. Select the domain account you want to change
  3. Click the “+” next to the domain name
  4. Click the Change IP Address button
  5. Select the IP you just added

That’s it. Once you have changed your website’s IP, the site will not be available to the old IP address, and it should also appear offline to the new IP address for sometime.

Configuring SFTP On Your Dedicated Server

SFTP (SSH File Transfer Protocol) is one secure file protocol used to manage, and transfer files over an encrypted transport connection. In comparison to the traditional FTP protocol, it offers all the functionality in a more secure and easier to configure way.

The lesson guides you on how to connect your cPanel account via SFTP (SSH File Transfer Protocol or Secure File Transfer Protocol).

SFTP clients generally require the following information to make a connection to the server. Open your SFTP client and configure it with the following information:

  1. Hostname — Your server’s hostname (for example, hostname.yourdomain.com)
  2. SSH port number — The port number on which sshd listens (for instance, 22)
  3. Security — Whether the client combines FTP and SFTP functionality
  4. Username — The SSH username that the client uses to connect to the server
  5. Password — The SSH user’s password
  6. Private Key — The SSH user’s private key

Lets Make This Easier For You,

  • In step number six, this is the absolute path to a private key on your local machine (for instance, c:\data\id_dsa)
  • In step number four, the username can be a valid cPanel account username or the root user
  • Remember, you cannot use your FTP account to connect via SFTP
  • SFTP is not just FTP over SSH. Instead, it is an entirely separate protocol
  • cPanel users can generate and download a private key via cPanel’s SSH Access interface via cPanel -> Home -> Security -> SSH Access
  • The root users can generate and download a private key via WHM’s Manage root’s SSH Keys interface on a dedicated server or VPS via WHM -> Home -> Security Center -> Manage root’s, SSH Keys

Sometimes, you may see a warning that the host of the server is unknown. To cut back on such situations in the future, accept the key and store it on your local machine.

How To Update Folder & File Permissions On cPanel?

All files have some preset permission that directs the cPanel system on handling different access requests. For instance: The file permission tells the cPanel what files are only readable, or editable, or hidden on your server.

You can change file permissions by performing a few steps. Simply log in to your SANGKRIT.net account and follow these steps:

  1. Open the products page
  2. Select your hosting or server
  3. Open your cPanel account
  4. Scroll down and open the FILE MANAGER
  5. Click Settings to open the Preferences box
  6. Click Permissions on the top toolbar
  7. Now simply use the checkboxes or given text boxes to update the permissions. The setting defaults to 0644
  8. When you are done, click Change Permissions 
  9. Your changes will be saved by the system

Note: You can visually change the file permission by using the tick box. In case, if you are using number code to change file permissions then you should know that:

  1. Zero is no permission
  2. Read permission is r or 4
  3. Write permission is w or 2
  4. Execute permission is x or 1

Where,

  • Read allows users to view and read the file
  • Write allows users to edit and update the file
  • Execute allows users to run the file as a program

But the permissions have a different meaning on folders:

  1. Read enables users to list and view the files in the directory
  2. Write enables users to create, rename, and delete files in the directory
  3. Execute enables users to access the files and folders within the directory

Next to each file permission, there are tick boxes for user groups. It allows you to set what permissions on a file are applied to what group of users. There are three groups given as checkboxes:

  • User means permissions are applied to the owner of the file
  • Group means permissions are applied to other users on the group to which the file belongs to
  • World means the permissions are applied for everyone, this also includes users who are not in the group to which the file belongs to

Read other lessons on cPanel File System.

How To Change The Default Folder Of cPanel File Manager?

You can change the default folder in which the File Manager interface opens, simply login to your SANGKRIT.net account and follow the steps:

  1. Open the products page
  2. Select your hosting or server
  3. Open your cPanel account
  4. Scroll down to select the FILE MANAGER
  5. Click Settings to open the Preferences box
  6. Now select a folder to open by default:
    • Home Directory — This is the main folder for your account
    • WebRoot (public_html or www) — Provides a direct route to your website files
    • Public FTP Root (public_ftp) — Is your FTP files directory
    • Document Root for: — This is the main folder of the domain name that you select from the menu
  7. Select the folder you want the file manager to open by default
  8. Click Save

And you are done.

Read other lessons on cPanel File System.

How To Create, Copy, Or Move Files On cPanel?

The cPanel File Manager allows you to visually copy, create or move files and folders in a few easy steps. Simply log in to your SANGKRIT.net account and follow the steps:

Creating New Files & Folders:

  1. Click + File or + Folder icon given in the toolbar
  2. Enter the name of the new file or folder you are creating
  3. Enter the location where you want your new folder or file to be created
  4. Click Create New File or Create New Folder button

TIP: In step number two, you may also rename any folder or file. Simply click the name, enter the new name. Then, press the Return key and your changes will be saved.

Copying Files & Folders:

  1. CTRL + Click to select the files you want to copy
  2. Click the Copy icon given in the top toolbar of your cPanel
  3. Enter the file path where you want to copy the file
  4. Click the Copy Files button

REMEMBER: You cannot create a copy within the same folder.

TIP: In step number two, alternatively you may right-click and select the copy option from the menu.

Moving Files & Folders:

  1. CTRL + Click to select the file or files that you want to move
  2. Click the Move icon given in the top toolbar of your cPanel
  3. Enter the file path where you want to move the file
  4. Click the Move Files button

TIP: Alternatively, you may also move files by dragging a file to a new destination folder.

Read more lessons on cPanel File System.

How To Configure PHP Directives On Your Server?

PHP allows you to control different aspects of your websites by using directives in php.ini files. These files contain the default configuration for the operation of PHP applications.

By using PHP directives you can control different variables such as upload size, file timeout, and resource limit, etc of websites running on your hosting, VPS, or dedicated server.

To add or edit a PHP directive – Log in to your SANGKRIT.net account and follow these steps:

  1. Open cPanel of your server or hosting option
  2. Navigate to the File Manager interface via cPanel -> Home -> Files -> File Manager
  3. Make sure that hidden files are visible to you or you can enable them via Settings, by ticking the Show hidden files checkbox option
  4. Navigate to the target directory.
  5. Create a new file – click New File / + File button
  6. Enter .user.ini filename
  7. Click Create New File button
  8. Select the new file from the list of files and click Edit
  9. Now enter the PHP directives you wish to adjust for the present directory
  10. Click the Save button

INI files can be configured on per-directory basis and are processed only by the CGI/FASTCGI SAPI. This functionality obsoletes the PECL htscanner extension. If you are running PHP as an Apache module then the .htaccess file will do your thing.

In addition to the main INI file, PHP scans each directory for its INI file. In a case where the PHP file has been kept outside the document root, only its directory is scanned.

How To Scan Your cPanel Account For Security Threats?

The free virus scanner provided on every cPanel hosting, VPS, and the Dedicated Server allows you to scan your account for possible security threats.

To use it, simply login to your SANGKRIT.net account and perform the steps given below:

  1. Select a service to scan:
    • Scan Mail — To scan all of your account’s mail folders
    • Scan Entire Home Directory — To scan your account’s home directory
    • Scan Public FTP Space — To scan all of the publicly accessible folders via FTP services
    • Scan Public Web Space — To scan all of the publicly accessible folders via the web
  2. After selecting a service, click the Scan Now button
  3. Here, the scanning process starts and displays you a new interface with the following information:
    • File — Displays the number of files that the system has scanned as well as the total number of files to be scanned
    • Data — Displays the amount of data the system has scanned as well as the total amount of data to be scanned
    • Scanner Progress — Displays the progress of the scan
    • Infected Files — Displays malicious stuff the scanner has detected

The server may take several minutes to complete the scan. If the scanner identifies a threat, it will prompt you to perform an action. Once the scan is complete, you will be returned to your main Virus Scanner interface.

How To Identify & Fix HTTP Errors Of Your Website?

Every HTTP error has an HTTP code that describes the status of a URL to the client. These three-digit codes include error messages that visitors encounter.

Following are the five classes of HTTP codes divided into categories, by the first digit:

  1. Errors starting with 1, 2, or 3 are fully functional requests
  2. Errors starting with 4 are client-side error, the most common error codes span 400 to 404
  3. Errors starting with 5 are server-side error, the most common error codes span 500 to 510

4xx Errors

These errors show up where there is a problem with the client’s request (web browser etc), but often point to a problem on a website.

For instance: You have a broken link on your website, the client requests it and receives a 404 error page. That is how it works.

To resolve this you can check for broken links on your website. On WordPress this can be either done by a plugin or you can check error pages from cPanel -> Home -> Advanced -> Error Pages.

400 Bad Request

It happens when the user’s request contains an incorrect syntax.

401 Unauthorized

The error shows up when the requested file is a protected one and requires authentication, such as a username and password.

403 Forbidden

In general, this happens when the index file is missing on your server or the root directory is empty, or when you have purchased a new hosting and have not uploaded your website or have not installed WordPress, etc.

Other times, it happens when the server stops the visitor to access the requested file. To resolve this, check for the file’s permission settings. Also see whether the system protects the file in cPanel’s Indexes interface (cPanel -> Home -> Advanced -> Indexes).

404 Not Found

When the server doesn’t find the requested URL. Commonly occurs when a visitor mistypes a URL or you have interlinked to a dead URL.

Managed WordPress users may use a permalink finder plugin to reduce this error to zero.

5xx Errors

Such errors occur when a server fails to full fill an apparently-valid request made by the client. These errors are a little bit complicated because sometimes a chain of servers handles an HTTP request which means that the error may also come from other server.

In WordPress, you can resolve it by testing your themes and plugins as it generally comes from there.

Comment below for any assistance in this regard.

500 Internal Server Error

The error is a result of misconfiguration, especially when the server finds some unexpected condition and fails to gather any information about the real problem it is facing.

501 Not Implemented

Comes when the server does not support the client’s chosen HTTP method. Also, occurs on out-of-date servers. To resolve, try reloading your page, clear the browser cache. Other issues might include viruses or malware or an overload on your server.

502 Bad Gateway

Occurs when proxy servers are badly configured or IP communication between backend systems is poor or when the client’s Internet Service Provider (ISP) is overloaded. May also occur due to imroperly configured firewall functions.

Clearing the client’s (web browser) cache sometimes work in resolving this issue. Other times, you may need to report the issue to an expert. You may also comment here for help.

Try to start a new browser session, restart your system and network, change DNS and clear your cache.

503 Service Unavailable

When a server fails to handle requests due to a temporary overload or when the server is temporarily under maintenance. Generally happens when you update your website’s software. To resolve, simply wait.

504 Gateway Timeout

Comes when a server did not receive a timely response. Can happen temporarily or when your server starts to go out of resources or due to slow communication between upstream servers. To resolve, look for any server connectivity issues, check the requested page code, test your firewall for any faults.

505 HTTP Version Not Supported

When the server refuses to allow the HTTP protocol that the client system specifies. This error generally occurs when the user’s system incorrectly specifies the protocol. To resolve, switch to a modern web browser.

506 Variant Also Negotiates

Means the server is not properly configured. To resolve this issue, contact an expert or research yourself or comment below.

507 Insufficient Storage

Simply means that the server is out of free memory. The error comes when requested application fails to allocate necessary server resources. To resolve this issue, contact an expert or research yourself or comment below.

509 Bandwidth Limit Exceeded

This means that your server has reached its bandwidth limit, and you need more resources. To resolve, wait every time until the limit resets or try reducing your resource usage or upgrade your hosting plan or move to a dedicated server.

510 Not Extended

Shows up when the webserver does not support the extension attached to the HTTP request. To resolve, wait every time until the limit resets, or reduce your resource usage, or upgrade your hosting plan, or move to a dedicated server.

Deploying Java Applications Via Command Line Interface At SANGKRIT.net

There are two interfaces of deploying Java Applications – The file manager interface and the command line interface. SANGKRIT.net hosting and servers provide you cPanel management from where you can deploy your Java applications.

As we have discussed before, many Java applications ship in WAR packages which means Web Application Archive, which can be installed on your server.

Continue reading Deploying Java Applications Via Command Line Interface At SANGKRIT.net

Managing Domain’s Root Directory On Your cPanel Hosting Account

The root directory of your website has the content that loads when visitors access your domain name in a web browser. You need to put your “index file” in your website’s root directory for visitors to see your website, otherwise, it will display the FORBIDDEN page or files and folder archive list.

Website-related applications might also need to know your website’s root directory. Website’s root directory depends on whether the domain name is your primary domain name, addon domain or another type.

  1. Your primary domain name’s root directory is /public_html.
  2. Addon and subdomain names’ root directories were specified when they were set up.

Small hosting plans such as starter and economy allows you to host one domain which by default is your public_html.

Other hosting options that lets you host multiple domains, public_html becomes your primary domain (the domain name used to reference your hosting account) and other domain names are located either in your home directory or public_html or anywhere else with their names as specified while adding them from addon domain section of your cPanel.

For instance: By default addon domain yourname.com would be added as yourname.com folder in your cPanel’s home directory which can be accessed from the File Manager. (The home directory is the folder above the public_html directory on your hosting account.)

How to find Domains listed in cPanel?

Log in to your SANGKRIT.net account and follow these steps:

  1. Click Web Hosting.
  2. Next to the cPanel account you want to use, click Manage.
  3. Click cPanel Admin, in Domains section click the domain type you would like to view or manage.

Click either Subdomains or Addon Domains, depending on the type of domain you’re using. The root directory displays in the Document Root field.

Previewing Your Website On Web Hosting Before You Make It Live On Internet

SANGKRIT.net’s cPanel Hosting allows you to preview a website before actually making it visible to others requesting your domain name.

This can be done using your hosting account’s preview feature which is useful when you are setting up a new website for a domain that is currently active, either in your hosting account or somewhere else.

Continue reading Previewing Your Website On Web Hosting Before You Make It Live On Internet

How To Assign Programmers To Develop Your Website On Your Web Hosting Account?

SANGKRIT.net enables all its outlets and account holders to get help from other outlets, assign programmers to develop website or resolve technical issues on any webhosting account by allowing account owners to give limited level-wise access to other account holders.

Continue reading How To Assign Programmers To Develop Your Website On Your Web Hosting Account?

Starting A Reddit & Hacker News Type Website In Minutes At SANGKRIT.net

Reddit is a social news website where users can submit links or text content under various categories whereas others can read content, comment and can vote on submissions “up” or “down” to organize the posts and determine their position on site’s pages.

On the other hand Hacker News is another popular news submission website with same type of functionality but mainly focuses on computer science and entrepreneurship.

In this lesson you will learn how to start such type of website easily on your domain name.  Continue reading Starting A Reddit & Hacker News Type Website In Minutes At SANGKRIT.net