Managing Account Bandwidth in WHM

Adjusting account bandwidth limits in WHM is very similar to the process used when editing an account in WHM. While you can adjust bandwidth limits via multiple locations, it’s usually best to use the modify account page. Changing the settings and limits of a cPanel account from WHM is a simple process and only takes a few moments.

  1. With WHM open (a) type ‘list’ into the search box, this will sort the menu options for you. Then (b) find and click “List Accounts”.
    manage-bandwidth-whm-pt1
  2. Now on the “List Accounts” page, (a) enter the domain, or username, into the search box . Then (b) click “Find”.
    manage-bandwidth-whm-pt2
  3. Select the account you want to adjust by clicking the “[+]” button.
    manage-bandwidth-whm-pt3
  4. In the expanded section, find and click the button labeled: “Modify Account”.
    manage-bandwidth-whm-pt4
  5. Now on the “Modify an Account Page”, you will find ‘Monthly Bandwidth Limit’ under “Resource Limits”. Adjust this limit as required.

  6. When you finish making changes click the “Save” button, found at the page end.
    manage-bandwidth-whm-pt6
  7. Depending on the server you may see a pop-up about “Package Conflict Resolution”. If this shows up when saving, you can select “Keep this account on package {package name}”.
    manage-bandwidth-whm-pt7

    Even though the text in WHM says “(not recommended)” this option is the least destructive. The other options may change packages that other accounts use.

Troubleshooting email in WHM

In this article we will go over the process used to investigate Email delivery issues on a WHM server. This can be helpful when a user is having issues receiving or sending Emails. The Mail Troubleshooter tool provided in WHM works by tracing the route an Email would take when sent to the provided Email address.

  1. With WHM opened in your browser, (a) type ‘Mail Troubleshooter’ into the search box. This will sort the menu options for you, (b) now find and click “Mail Troubleshooter”.
    troubleshoot-email-pt1
  2. Now on the Mail Troubleshooter page you should see a text box labeled as “Email to trace”. Enter the Email address you wish to trace here.
    troubleshoot-email-pt2
  3. Once you click Submit, you will be on the results page.
    troubleshoot-email-pt3

The example above shows a working configuration for a Gmail based email address. If the results show no errors the issue is likely related to improper Email client settings.
Below you will find an example of results showing errors, the issue here is that the domain has DNS problems and is not able to be resolved.

troubleshoot-email-pt4

Enabling DomainKeys Identified Mail (DKIM)

DomainKeys Identified Mail (DKIM) is a way to attach an encrypted digital signature to your email. Like adding an SPF record to your server, DKIM helps prevent email spoofing. Email spoofing is when spammers send email that looks like it’s coming from your email address. Spammers spoof your address to make it more likely that recipients will open spam emails, less likely that messages will be marked as spam, and harder to find the true spam source. If your address is spoofed, your server could get flagged as a spam server and you can have trouble sending legitimate mail, even if you aren’t doing anything wrong. This is commonly known as having a bad mail reputation.

Outgoing DKIM works by generating an encrypted digital signature that is attached to email messages sent by your server. This signature is generated using a public key you save as a DNS record. Theoretically, only you have access to your DNS records, so mail signed using this key should be unmodified and verified as coming from your server. If you don’t use your server to send mail, adding DKIM records to your server will have no effect on your mail reputation.

Using Plesk?

DKIM is not natively supported in Plesk 12. Instead, Plesk uses DomainKeys. If you’d like to use DKIM, it is supported with certain Plesk MailEnable plans. If you specifically need DKIM, contact our Heroic Support team to learn more about MailEnable.

There are three parts to enabling DKIM:

Generating Your DKIM Key

On a cPanel server, generating a DKIM key is easy! cPanel does it for you.

  1. Log into the cPanel account with email accounts where you’d like to enable DKIM. DKIM records are tied to a domain, you each domain you email from will need its own record.
  2. Scroll down to Email and click on Authentication.
    dkim1
  3. On the Email Authentication page, you’ll see two different methods: DKIM and SPF. We recommend using both, but this walkthrough will only cover DKIM. We have a separate article on SPF records. In the DKIM section, click Enable if DKIM is disabled.
    dkim2
  4. Once you enable DKIM, you’ll see a field that shows your current raw DKIM record. This is the public key you need to add to your DNS records. It should look something like this:

    default._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGm4KfaLQsOiNqfNGT0DDa+XE+TmIyr03F3/AMU8SXFwgItBU/PikYTmIyr07yhQoqlPrSL27l8XHf8AMIIB1LtxU2/490wRkuu9ZorEjRkIXSbev1GyAinBQNa5Rln2S+8AMIIBhZzfkNw7panbVJ0HPREiZAJ5TQEX1LjTqB/nArmNaMXaRUCwmYzGY45z8" eW2BJMM7Ftsj3nOTmIyr0LFSL27l8OaMDdcvpCglrFWoF1dXA78ORuvMSL27l8A5+UWRFBQ4NP6awWYj2LTSyeNeTlafawRk2B3C/dNcwpoLjz3T1wBHctcLnuC13+nMzzyUtgIVgz/7Ka8AMIIBQIDAQAB\;

Copy this record and paste it into a text document to prepare for the next step: adding your DKIM record to DNS.

Adding Your DKIM Key to DNS

Now that you’ve generated your DKIM record, you need to add it to your DNS records. These directions are different depending on where your DNS is hosted:

If you don’t know where your DNS is hosted, read our article on how to find out first!

Your DNS Is Hosted at Liquid Web

If you are using Liquid Web’s nameservers, you can update your DNS records right in your Liquid Web account. Liquid Web’s nameservers are:

  • ns.liquidweb.com
  • ns1.liquidweb.com
  • ns.sourcedns.com
  • ns1.sourcedns.com

As long as your domain is using one of these nameservers, you’re good to go!

  1. Before you begin to add your DKIM record to your Liquid Web account, there is a small amount of formatting to do. The text portion of your DKIM record should look similar to this:
    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGm4KfaBhFDhZzfkNw7pan+XE+TmIyr03F3/AMU8SXFwgItBU/PikYlddmgf7yhQoqlPrUMEqPZXHfIE8uGg1LtxU2/490wRkuu9ZorEjRkIXSbev1GyAinBQNa5Rln2S+AeBhFDhZzfkNw7panbVJ0HPREiZAJ5TQEX1LjTqB/nArmNaMXaRUCwmYzGY45z8" eW2BJMM7Ftsj3nOPYRbYxLFCzroSSOaMDdcvpCglrFWoF1dXA78ORuvMSL27l8A5+UWRFBQ490wRkuu9ZorEjRNeTlafawRk2B3C/dNcwpoLjz3T1wBHctcLnuC13+nMzzyUtgIVgz/7KaGQv5rnQIDAQAB\;
    Some punctuation needs to be removed to format this record correctly.

    • Remove the quotation mark at the beginning of the record.
    • Remove the space and quotation mark in the middle of the record.
    • Remove the slash and semicolon at the end of the record.

    With those few edits, you’re all set to load your DKIM record into your Liquid Web account.

  2. Log into your Liquid Web account.
  3. In the left navigation menu, click on Domains.
  4. The Domains Dashboard has three tabs along the top. Click on DNS.
  5. Scroll down to Current DNS Zones and click the [+] next to the domain where you’re adding the DKIM record. You’ll see a list of your current DNS records. At the bottom of that list, click on Add a New Record. Now, you can follow the steps you’d normally use to add a DNS record.
  6. The first field in your new record is for the subdomain. In this field, enter the first part of your record:
  7. The second field is the time to live, or TTL. This is how quickly new changes will take effect. You can match this to your other DNS records.
  8. Now, choose TXT from the Type dropdown menu.
  9. The last field is the data field. Here you’ll copy and paste the rest of the record cPanel created for you.
  10. Click the green checkmark to save your DNS record.

Now that your DKIM record has been added, all that is left is to add a TXT policy record.

Your DNS is hosted on the same server as your email

If you are using private nameservers on the same server as your email, cPanel will set up your DKIM records automatically! So, once you follow the steps to auto-generate your DKIM record, they are automatically added to your DNS zone in WHM. Just confirm they are correct in WHM:

  1. Log into WHM.
  2. In the search bar above the left navigation, search for “DNS.” Then, click on Edit DNS Zone.
  3. Click on the domain where you auto-generated the DNS record in cPanel, then click Edit.
  4. Scroll down and check to see that your DKIM records are included. If they are, you’re all set!
  5. If the SPF record isn’t there, simply add a new record by copying and pasting the DKIM record information into a new TXT record.

Now that your DKIM record has been added, all that is left is to add a TXT policy record.

Your DNS is hosted with another company

If you registered your domain at another company and host your DNS there, you log into your account with that company to manage your DNS. Find their DNS record editor and enter your DKIM record according to their specifications.

Now that your DKIM record has been added, all that is left is to add a TXT policy record.

Adding a TXT Policy Record

A policy record is a DNS TXT record that talks more generally about DKIM on your server. It shows your server uses DKIM verification and makes DKIM work more smoothly. A policy record is just one more DNS record. Wherever you added the DKIM DNS record, you’ll also add the policy record.

There are different tags that make up the text of a policy record:

  • t=y; tells other servers your domain is testing DKIM. This means if your DKIM isn’t working properly, other servers are less likely to reject your email.
  • o=~; means that some of your mail is signed by DKIM, but not necessarily all. o=-; means all your mail is signed by DKIM. So, if another server receives a message that isn’t signed, it will be rejected.
  • n=your information here; is a note. It doesn’t affect DKIM, but you can use it to explain more about your specific DKIM. This will show up in error logs if something DKIM verification fails.
  • r=postmaster@mysite.com; is the responsible email address for this domain. Use an email address you can access on your server.

Most likely, your policy record will look like this:

_domainkey IN TXT "t=y; o=~; n=Interim Sending Domain Policy; r=postmaster@mysite.com"

Using t=y; and o=~; will help your email be delivered even if the DKIM signature gets broken in transit from your server to the receiving server. Of course, replace “postmaster@mysite.com” with the responsible email address.

Entering your policy record is the exact same procedure as entering any other DNS record. Wherever you entered your domain-specific DKIM record is also where you should enter your policy record: either in your Liquid Web account interface, in WHM, or in the control panel of your external DNS provider

You’ve successfully created a DKIM record for your domain! You can check to make sure it’s working by sending a test message from a domain email account to check-auth@verifier.port25.com. You don’t have to include a subject or any body text. You’ll receive an automated reply with the status of DKIM, as well as other services you may have.

Where Is My DNS Hosted?

From time to time, you’ll have to make changes to your DNS records. For example, if you change IP addresses, your DNS A records will change. You’ll also change DNS if you want to add SPF records to help email authentication. For these changes to work properly, it’s vital to know where DNS is hosted.

DNS is always hosted at your domain’s authoritative nameservers. Your authoritative nameservers, and therefore your DNS, can be in three places:

  • Liquid Web’s nameservers
    • ns.liquidweb.com
    • ns1.liquidweb.com
    • ns.sourcedns.com
    • ns1.sourcedns.com
  • Your private nameservers on your server or another server you control
    • Ex.: ns.mysite.com
  • Where you registered your domain name
    • Ex.: Enom, GoDaddy, Namecheap, etc.

If you are using Liquid Web’s nameservers, you can update your DNS records in your Liquid Web account interface. If you use private nameservers on your server or another server, you can update DNS records in the control panel for your server (most likely WHM or Plesk, sometimes cPanel for SPF records). If your nameservers are where you registered your domain name, you’ll need to log into your account at that registrar and edit DNS there.

Either way you check your domains authoritative DNS you should always remember, if you don’t update DNS in the right place it wont take effect. This could mean your websites won’t load properly and can cause unnecessary downtime.

Discovering Where DNS Is Hosted – Web

If you aren’t comfortable using your terminal program to look up WHOIS information, use an online WHOIS checking tool.

Discovering Where DNS Is Hosted – CLI

You can easily find out where your DNS records are hosted using your server’s WHOIS entries.

  1. Launch your terminal program. Every operating system (Windows, Mac, and Linux) has a terminal program: use your computer’s search function to look for “terminal,” then open the terminal program you find.
  2. In the terminal window, type:
    whois mysite.com
    and press Enter. Be sure to replace “mysite.com” with your site’s domain.
  3. You’ll start seeing a lot of information about your domain, including where it is registered and the nameservers you’re using.
    Domain Name: LIQUIDWEB.COM
    Registrar: NETWORK SOLUTIONS, LLC.
    Sponsoring Registrar IANA ID: 2
    Whois Server: whois.networksolutions.com
    Referral URL: http://networksolutions.com
    Name Server: NS.LIQUIDWEB.COM
    Name Server: NS1.LIQUIDWEB.COM
    Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
    Updated Date: 04-aug-2016
    Creation Date: 05-aug-1997
    Expiration Date: 04-aug-2026
  4. Look specifically at the Name Server listing. In this example, you’ll see liquidweb.com uses Liquid Web’s nameservers. You might also see your own server listed as the nameserver (ns.mysite.com) or a domain registrar listed as the nameserver. This information tells you where you will be editing your DNS records:
    • If you use Liquid Web nameservers: edit your DNS records in your Liquid Web account.
    • If you use private nameservers: edit your DNS by logging into cPanel and searching for “Edit DNS Zone.”
    • If you use a different registrar’s nameservers: edit your DNS records by logging into your account at your registrar.

Understanding the Default WordPress .htaccess

When maintaining a WordPress site you may find yourself attempting things that normally would work and find that they have unexpected results. This is usually due to how WordPress’ default .htaccess rules manipulate the configurations and provide ‘pretty permalinks’.

This article is directly applicable to WordPress on an Apache based server. For WordPress Multi-site or other web servers (Nginx, IIS, etc) please review the official WordPress documentation as rules and configurations may differ.

The Default Rules

The default WordPress .htaccess rules are responsible for how WordPress is able to support ‘pretty permalinks’. Without these rules in place, WordPress permalinks would not resolve correctly. This feature allows your URLs to look much cleaner and more readable without over complicating or cluttering your website’s files structure.

The default rules look as follows:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

To break down what these rules are defining we’ll start at the top and work our way down.
  • First, you see a comment as indicated by the hashtag; this symbol `#` is used to denote a comment in .htaccess files.
  • Next you see an opening brace for Apache’s internal “IfModule” function; this specifies that the contained rules should only be used with the “mod_rewrite” module for Apache.
  • The Rewrite module is enabled.
  • The RewriteBase is declared; this defines the ‘root’ folder that should be applied to rewrite rules.
  • The next line is the first rewrite rule, this rule defines that if an “index.php” file is specifically called then no rewrite is needed.
  • The next two lines are both defining rewrite conditions; these conditions are specifying that if no file or folder can be found at the given URL the next rule should be applied.
  • Finally, the last rewrite rule before the close brace is for the “IfModule”. This rule will only be applied if no file or folder can be found for the URL. If that occurs, the request will be passed to WordPress before providing the client a response.

While this breakdown may be enough of an explanation for some, this is still a very complex chain of rules. The rules are best described and summarized as this: “If Apache itself cannot find the file or folder requested then the request should be dealt with by WordPress directly.”

An interesting result of this is that technically all WordPress pages are a 404 result in the context of Apache and only until PHP and WordPress receive the request can any content be resolved for a response.

Tips for Custom Rules

There usually is not a consistent cause for issues experienced when dealing with .htaccess rules on a WordPress site. As the cause can fluctuate from site to site, and even rule to rule, it’s hard to provide an extensive explanation for the issues. It is also important to note that plugins and themes can also affect how certain rules are managed as well.

A common rule that causes odd behaviour and provides mixed results usually relates to allowing access based on specific IP address. These rules usually look like:

<Files wp-login.php>
Order deny,allow
Deny from all
Allow from 198.11.109.98 localhost
</Files>

The rule above will deny all IPs access to wp-login.php unless the IP is listed in the ‘Allow from’ line. While it should work by default, occasionally this can cause issues. If it does, the usual fix is to define the error documents. This would look like:

ErrorDocument 401 default
ErrorDocument 403 default
<Files wp-login.php>
Order deny,allow
Deny from all
Allow from 198.101.159.98 localhost
</Files>

Having these error documents defined explicitly will ensure that when an unapproved IP attempts to access the page they are rejected and are sent a proper error page.

As there are various issues that can come up and each has their own solution, we simply cannot cover them all here. If you believe you are experiencing configuration issues related to those rules mentioned here feel free to contact our Heroic Support®.

Import Emails with Webmail on a cPanel Server

When it comes to importing Emails on to a cPanel based server, using Webmail is the easiest method. Currently cPanel-based servers offer three different webmail interfaces [Horde, Squirrel Mail, and RoundCube] for viewing and managing email accounts without the need to setup an email client. This tutorial will focus on how to import emails from your server by utilizing the Horde Webmail interface.

While RoundCube does support email importing, it only allows you to do so with a single email at a time. This may not be an issue for some, but when working to import a large number of emails, this can be an inconvenience. Horde, on the other hand, allows the importing of entire folders, which can speed things up when working to import in bulk.

Pre-flight Checklist

  • These instructions are intended specifically for a managed Liquid Web server with cPanel.
  • The Horde Webmail interface must not be disabled on the server.
  • Access to the cPanel which owns the email address will be necessary.

Import Emails with Horde Webmail

For importing emails via Horde the process is largely the same as when exporting. You will need to start the same by opening the webmail interface for the email account. Once you are logged into the email address and have horde open you can proceed with the importing directions below.

Our example for importing continues from the examples set in exporting found above. Though, in this example we are using a different email account that is currently empty of any Emails.
    1. From the Horde interface of the account you wish to import to, right click the folder you would like emails imported to. We will use the Inbox.

Email Import - Horde Folder Menu

    1. From the folder drop down menu select “Import”

step-two

    1. You will now see a popup to select the file for uploading, select the file by clicking ‘Browse’ to use the file picker.

Email Import - Horde File Select

  1. With a file selected click the “OK” button and Horde will begin the upload and import. After clicking OK you should return to the main Horde interface, there you will begin to see the imported emails to populate.

With this step complete you can now see that the emails were imported. You can see this below by comparing the two screenshots:

Email Export - Horde Interface

Import Results