Posted on

How do I add MX records in my cPanel Advanced Web Hosting plan?

To add MX records in cPanel, please follow these steps:

  1. Sign into your cPanel account.
  2. In the “Mail” section, click on the “MX Entry” icon.
  3. Select a domain from the drop-down menu.
  4. In the “Add New Record” section, set the priority for the new MX entry, keeping in mind that 0 is the highest priority.
  5. In the “Destination” text box, type the hostname of the new mail exchanger. This must be a fully qualified domain name, you cannot specify an IP address here.
  6. Click on the “Add New Record” button to save your changes.

 

To delete an MX entry, please follow these steps:

  1. Click on the “Delete” button next to the appropriate MX entry.
  2. Confirm that the entry should be deleted by clicking the “Delete” button again.

You will need to delete the existing MX record before adding your new MX record.

Posted on

Windspeed Setup

The server needs to have run at minimum 24 hours before the mysql tuning can be performed. Other steps can be performed prior.

MySQL tuning

Direct SSH steps:wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl perl mysqltuner.pl

Make a note to the side about the recommended settings provided and adjust values from the tuner in /etc/my.cnf

service mysql restart

Upgrade MySQL to MariaDB 10.0 or newer.

Apache configuration

From WHM, go to Service Configuration > Apache Configuration > Global Configuration. Adjust the following values accordingly:

Start Servers - 15
Minimum Spare Servers - 15
Maximum Spare Servers - 30
Server Limit - 1024
Max Request Workers - 300
Max Connections per Child - 15000

PHP handler “fcgi” will also help.

.htaccess modification

Add the following to the end of the .htaccess files for domains on the server:

## SPEEDBOOST ##
# Use Mod_deflate to compress static files
<ifmodule mod_deflate.c>
<filesmatch "\.(js|css|ico|txt|htm|html|php)$">
SetOutputFilter DEFLATE
</filesmatch>
</ifmodule>
# Speed up caching
FileETag MTime Size
# Expires
ExpiresActive On
ExpiresDefault "access plus 366 days"
# Future Expires Headers
<filesmatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf)$">
Header set Expires "Sat, 27 Dec 2014 23:59:59 GMT"
</filesmatch>
<IfModule mod_headers.c>
  <FilesMatch "\.(js|css|xml|gz)$">
    Header append Vary: Accept-Encoding
  </FilesMatch>
</IfModule>
AddDefaultCharset UTF-8
DefaultLanguage en-US
SetEnv TZ America/Chicago
ServerSignature Off
<ifmodule mod_php4.c>
 php_value zlib.output_compression 16386
</ifmodule>
## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType text/x-javascript "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresDefault "access plus 2 days"
</IfModule>
## EXPIRES CACHING ##
## Compression ##
# compress text, html, javascript, css, xml:
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico|swf|js|css|pdf)$">
Header set Cache-Control max-age=2592000?
</FilesMatch>
<ifModule mod_gzip.c>
  mod_gzip_on Yes
  mod_gzip_dechunk Yes
  mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
  mod_gzip_item_include handler ^cgi-script$
  mod_gzip_item_include mime ^text/.*
  mod_gzip_item_include mime ^application/x-javascript.*
  mod_gzip_item_exclude mime ^image/.*
  mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>
## Compression ##
## SPEEDBOOST ##
Posted on

Updating Intel Gigabit Ethernet drivers

(Redirected from How to: Update IGB / Eth drivers)
Older ethernet drivers may cause packet loss, connection issues, especially on high usage systems, updating the driver will generally correct this. You should always update the eth drivers when you see or receive the following errors:

igb 000:01:00.1: eth1: Reset adapter
igb 000:01:00.1: eth0: Reset adapter
To view the current eth driver, run ethtool -i interface. For example:

# ethtool -i eth1
driver: igb
version: 5.3.5.3
firmware-version: 1.52, 0x800007ae
bus-info: 0000:01:00.1
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no
To update the driver, the following should be installed first

/usr/bin/yum -y install gcc* kernel-* man && reboot

After reboot, you can run the below, which will update the eth driver.

/usr/bin/wget https://sourceforge.net/projects/e1000/files/igb%20stable/5.3.5.3/igb-5.3.5.3.tar.gz/download -O /root/igb.tar.gz
tar -xzvf /root/igb.tar.gz
cd /root/igb-5.3.5.3/src/ && /usr/bin/make install
rmmod igb; modprobe igb
Rerun ethtool as in the example above to check that you are now running a new version.

Posted on

Wildcard Subdomains and DNS

How to Create a WildCard Subdomain

    1. Log into cPanel.
    2. Click the Subdomains link in the Domains section.
    3. In the Subdomain field, place an asterisk * symbol there signifying that you are creating a wildcard subdomain.
    4. Choose the domain you want to create a wildcard subdomain for in the Domain section.
    5. The Document Root field will automatically generate a path for your wildcard subdomain. You can change the path as needed.
    6. Click the Create button.

      You will then see a success message to confirm the subdomain was setup.

Congratulations! You have now successfully set up your account for wildcard domains. You still may need to modify your .htaccess file. If you have set up wildcard subdomains for WordPress Multisite, it will automatically configure the .htaccess file for you.

Posted on

How to avoid WordPress shared hosting high CPU problems

WordPress is the most popular CMS on the web and very easy to use with a great ecosystem of plugins. CPU related errors are quite common for those using WordPress on a shared host. Most webmasters complain that their web host account has been suspended due to excessive CPU usage. This can happen even if your site isn’t receiving unusually high traffic, which most people find very confusing.

CPU usage usually depends on the amount of request that your server receives. Besides, it may also depend on the number of people accessing your site/blog at the same time. Whatever the reason may be; your objective is to reduce CPU usage.

CPU Time on Single CPU Multi Tasking System (Photo credit: Wikipedia)

 

Following are the top 10 tips to keep your CPU usage minimal:

#1. Remove unwanted Plugins

When it comes to WordPress, plugins consume maximum resource. Moreover, with time, plugins can become unresponsive. Often, they may not tally with your present WordPress version also. Hence, it is recommended to install reliable plugins and remove the ones that are no more in use. Using too many plugins overloads the server. Avoid using poorly coded plugins and deactivate the unnecessary ones.

#2. Update to the Latest version plug-ins

Updating plugins is not a cakewalk. The update process may bring along a number of bugs, particularly if you have up have upgraded to the advanced WordPress version but have forgot to keep pace with new developments. However, ensure to check the plug-in discussion groups as well as forums to ensure that it’s fine to update. Updates often pop-up on your screen however, read the pop-up message carefully before clicking the update version.

#3. Routine Database Tables Optimization

To keep things running smoothly, you need to log onto PhpMyAdmin on a routine bases and optimize the database tables. Unoptimized data tables can overload the server. More over, the CPU usage is also more for reading unoptimized data tables. Besides data table optimization, you can also delete spam/unapproved data.

#4. Concentrate on the themes

Themes may also add to high CPU usage. Hence, the moment you realize that too many themes have piled up, try updating or changing them. The more stylish themes you choose, the more loaded the CPU is. Simpler or optimized themes work better and don’t consume much resource. Some themes may come with plugins; in that case you should update the plugins as well. Prefer using a light them that has fewer queries.

#5. WordPress Upgradating and Caching

Are you still laid behind with the older WordPress version? Well, if that is so then it is high time you upgrade to an advanced and latest version. Most of us ignore the idea of upgrading WordPress just because it works perfectly. An upgradation helps because the newer versions are better in terms of security and optimization.

You may also install WordPress caching program. Caching archives each web page on your site. This lowers server load as it doesn’t require sending multiple queries to the database for generating multiple pages.

#6. Reduce widgets

There may be certain widgets that aren’t essential. Check them thoroughly and remove the ones that may not be beneficial for the readers. The more widgets you use the more strain you are enforcing on the server. Hence, to lower server load and CPU usage, get rid of unwanted widgets.

#7. Lower PHP or Database calls

PHP scripts and database calls also consume a lot of CPU resource. Caching your sites helps but certain database/PHP calls cannot be avoided. Hence, you should go through the plugins documentation carefully and disable the unnecessary options.

#8. Lower load on index.php file

At peak hours, your homepage may create a load on your server during the peak hours. To lower this load, ensure keeping your homepage simple. Try to lower the number of posts on your homepage and remove unwanted files, links and high resolution images. It would be even better if you choose a CDN service like Cloudfront

#9 Disable WP-Cron

Disable WP-Cron or change to a scheduled task to run every hour. This will greatly reduce your CPU usage. WP-Cron manages all your scheduled events so it is continually active on many sites when it isn’t necessary.

#10 Avoid plugins that use excessive CPU load.

These are often backup and security pluggins. These functions are best being offered by a quality host provider that has integrated solutions.

There are a number of server monitoring tools available to assist with this. Whilst we can’t vouch for the product we thank Monitoringscout for the contribution to this article.

Posted on

Excessive Disk usage by MySQL Bin-logs

Please do not just delete them in the OS!!!

You need to let mysqld do that for you. Here is how mysqld manages it:

The file mysql-bin.[index] keeps a list of all binary logs mysqld has generated and auto-rotated. The mechanisms for cleaning out the binlogs in conjunction with mysql-bin.[index] are:

PURGE BINARY LOGS TO 'binlogname';
PURGE BINARY LOGS BEFORE 'datetimestamp';

These will clear all binary logs before the binlog or timestamp you just specified.

For example, if you run

PURGE BINARY LOGS TO `mysql-bin.000223`;

this will erase all binary logs before mysql-bin.000223.

If you run

PURGE BINARY LOGS BEFORE DATE(NOW() - INTERVAL 3 DAY) + INTERVAL 0 SECOND;

this will erase all binary logs before midnight 3 days ago.

If you want to have binlog rotated away automatically and keep 3 days woth, simply set this:

mysql> SET GLOBAL expire_logs_days = 3;

then add this to /etc/my.cnf

[mysqld]
expire_logs_days=3

and mysqld will delete them logs for you

SHOW SLAVE STATUS\G

This is critical. When you run SHOW SLAVE STATUS\G, you will see two binary logs from the Master:

  • Master_Log_File
  • Relay_Master_Log_File

When replication has little or no lag these are usually the same value. When there is a lot of replication lag, these values are different. Just to make it simple, choose whatever Relay_Master_Log_File is, and go back to the Master and run

PURGE BINARY LOGS TO 'Whatever Relay_Master_Log_File Is';

That way, replication is not interrupted.

Give it a try!!!

Posted on

Setting, Changing And Resetting MySQL Root Passwords

This tutorial explains how you can set, change and reset (if you’ve forgotten the password) MySQL root passwords. Time and again I see problems like mysqladmin:  connect to server at ‘localhost’ failed error: ‘Access denied for user ‘root’@’localhost’ (using password: YES)’. So I thought it’s time to remind you how to solve MySQL related password problems. If you are just looking for a quick fix how to reset a MySQL root password you can find that at the bottom of this tutorial.

 

mysqladmin Command To Change Root Password

Method 1 – Set up root password for the first time

If you have never set a root password for MySQL, the server does not require a password at all for connecting as root. To set up a root password for the first time, use the mysqladmin command at the shell prompt as follows:

$ mysqladmin -u root password newpass

If you want to change (or update) a root password, then you need to use the following command:

$ mysqladmin -u root -p oldpassword newpass

Enter password:

If you get…

mysqladmin: connect to server at ‘localhost’ failed
error: ‘Access denied for user ‘root’@’localhost’ (using password: YES)’

then follow the instructions below on how to recover your MySQL password.

 

Change MySQL password for other users

To change a normal user password you need to type:

$ mysqladmin -u user-name -p oldpassword newpass

 

Method 2 – Update or change password

MySQL stores usernames and passwords in the user table inside the MySQL database. You can directly update a password using the following method to update or change passwords:

1) Login to the MySQL server, type the following command at the shell prompt:

$ mysql -u root -p

2) Use the mysql database (type commands at the mysql> prompt):

mysql> use mysql;

3) Change password for a user:

mysql> update user set password=PASSWORD(“newpass”) where User=’ENTER-USER-NAME-HERE’;

4) Reload privileges:

mysql> flush privileges;
mysql> quit

This method you need to use while using PHP or Perl scripting.

 

Recover MySQL root password

You can recover a MySQL database server password with the following five easy steps:

Step # 1: Stop the MySQL server process.

Step # 2: Start the MySQL (mysqld) server/daemon process with the –skip-grant-tables option so that it will not prompt for a password.

Step # 3: Connect to the MySQL server as the root user.

Step # 4: Set a new root password.

Step # 5: Exit and restart the MySQL server.

Here are the commands you need to type for each step (log in as the root user):

Step # 1 : Stop the MySQL service:

# /etc/init.d/mysql stop

Output:

Stopping MySQL database server: mysqld.

Step # 2: Start the MySQL server w/o password:

# mysqld_safe –skip-grant-tables &

Output:

[1] 5988
Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started

Step # 3: Connect to the MySQL server using the MySQL client:

# mysql -u root

Output:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 4.1.15-Debian_1-log

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql>

Step # 4: Set a new MySQL root user password:

mysql> use mysql;
mysql> update user set password=PASSWORD(“NEW-ROOT-PASSWORD”) where User=’root’;
mysql> flush privileges;
mysql> quit

Step # 5: Stop the MySQL server:

# /etc/init.d/mysql stop

Output:

Stopping MySQL database server: mysqld
STOPPING server from pid file /var/run/mysqld/mysqld.pid
mysqld_safe[6186]: ended

[1]+  Done                    mysqld_safe –skip-grant-tables

Start the MySQL server and test it:

# /etc/init.d/mysql start
# mysql -u root -p

Posted on

Despite revoked CA’s, StartCom and WoSign continue to sell certificates

As it stands, the HTTPs “encrypted web” is built on trust. We use browsers that trust that Certificate Authorities secure their infrastructure and deliver TLS certificates (1) after validating and verifying the request correctly.

It’s all about trust. Browsers trust those CA root certificates and in turn, they accept the certificates that the CA issues.

(1) Let’s all agree to never call it SSL certificates ever again.

Revoking trust

Once in a while, Certificate Authorities misbehave. They might have bugs in their validation procedures that have lead to TLS certificates being issued where the requester had no access to. It’s happened for Github.com, Gmail, … you can probably guess the likely targets.

When that happens, an investigation is performed — in the open — to ensure the CA has taken adequate measures to prevent it from happening again. But sometimes, those CA’s don’t cooperate. As is the case with StartCom (StartSSL) and WoSign, which in the next Chrome update will start to show as invalid certificates.

Google has determined that two CAs, WoSign and StartCom, have not maintained the high standards expected of CAs and will no longer be trusted by Google Chrome, in accordance with our Root Certificate Policy.

This view is similar to the recent announcements by the root certificate programs of both Apple and Mozilla.

Distrusting WoSign and StartCom Certificates

So Apple (Safari), Mozilla (Firefox) and Google (Chrome) are about to stop trusting the StartCom & WoSign TLS certificates.

From that point forward, those sites will look like this.

With Mozilla, Chrome & Safari, that’s 80% of the browser market share blocking those Certificate Authorities.

Staged removal of CA trust

Chrome is handling the update sensibly, it’ll start distrusting the most recent certificates first, and gradually block the entire CA.

Beginning with Chrome 56, certificates issued by WoSign and StartCom after October 21, 2016 00:00:00 UTC will not be trusted. [..]

In subsequent Chrome releases, these exceptions will be reduced and ultimately removed, culminating in the full distrust of these CAs.

Distrusting WoSign and StartCom Certificates

If you purchased a TLS certificate from either of those 2 CAs in the last 2 months, it won’t work in Chrome, Firefox or Safari.

Customer Transparency

Those 3 browsers have essentially just bankrupted those 2 CA’s. Surely, if your certificates are not going to be accepted by 80% of the browsers, you’re out of business — right?

Those companies don’t see it that way, apparently, as they still sell new certificates online.

This is pure fraud: they’re willingly selling certificates that are known to stop working in all major browsers.

Things like that piss me of, because only a handful of IT experts know that those Certificate Authorities are essentially worthless. But they’re still willing to accept money from unsuspecting individuals wishing to secure their sites.

I guess they proved once again why they should be distrusted in the first place.

Guilt by Association

Part of the irony is that StartCom, which runs StartSSL, didn’t actually do anything wrong. But a few years ago, they were bought by WoSign. In that process, StartCom replaced its own process and staff with those of WoSign, essentially copying the bad practices that WoSign had.

If StartCom hadn’t been bought by WoSign, they’d still be in business.

I’m looking forward to the days when we have an easy-to-use, secure, decentralized alternative to Certificate Authorities.

Posted on

How to Change Your Password on a Remote Desktop Server

Changing your password on your local PC is easy. Pressing the <CTRL> + <ALT> + <DEL> key combination brings up a task menu which allows you to change your password (as well as other common administrative tasks). When you’re connected to a Remote Desktop server and press the <CTRL> + <ALT> + <DEL> key combination, you will still see this task menu for your local PC, not the remote server.So how can you change your password when connected to a Remote Desktop server? Well the smart folks at Microsoft thought about that very question and have come up with a couple of solutions.

 

Method #1

While logged into a Remote Desktop session, press the <CTRL> + <ALT> + <END> key combination. This will launch the same task menu, but on the remote server instead of on your local PC. Now you can click on the Change a Password menu option to change your password on the remote server

 

Method #2

From the Start Menu type the word: password. This will query the Start Menu for anything related to passwords. From the query results select the item called Change your Windows password. You will now have an option to change your password to the remote desktop server.

Posted on

Transferring Emails from your old host to your new host

In this article we’ll go over how to move emails from a previous host to your new host. If your previous hosting provider uses cPanel, this article will not apply as your emails will be moved over with your full cPanel backup.

How to move your emails from one server to another

The steps involved will depend on whether or not you use POP3 or IMAP to check emails at your previous host. If you’re not sure which connection you use, you can check your email settings in your email client to determine which type of connection you use.

POP3

If you use a POP3 connection when checking emails on your previous host, your emails are downloaded to your local computer. You will not have to follow any steps to move emails as they are already on your computer. You will want to take a look at the section below on how not to lose emails when you point your domain to our Nameservers.

IMAP

There are more steps involved when you use IMAP because emails are stored on the server and aren’t actually downloaded to your local computer; so the emails will actually need to be moved over from that server to your new server. If you have a lot of email addresses, this will be a tedious process you will need to go through for each email account.

How not to lose emails during propagation time after a Nameserver change

When you have completed your website migration, the last step is to update your domain’s Nameservers. After propagation, emails will be routed to the new server, but during the 4-24 hours it can take for DNS propagation some emails will go to the new servers and some email will go to your old server. Fortunately, we have two recommendations to keep you from missing emails during that time:

  1. Before you point your domain to our Nameservers, create a forwarder at your previous host that forwards emails to an email that’s not on the same domain you are moving to your new Hosting (e.g. gmail, yahoo, hotmail or another domain at which you receive emails).
  2. Check email at your old host using their webmail interface. You will want to make sure you use a temp url or similar url that specifies the server name in the url instead of example.com/webmail or webmail.example.com.

Modifying your MX Records

Some people use third party companies for their email and thus will not be pointing to our nameservers for email services. If this is your case, you will want to make sure that your