cPanel Newbie Guide for the new Server Administratior

The cPanel basics is a guide directed towards
users who already have cPanel currently installed, and configured on their dedicated
webservers. If you do not have cPanel installed, or do not have a cPanel dedicated
server please visit to purchase cPanel &/Or a dedicated server.
Before you can do anything in cPanel or WHM you have to understand how to login
to them. WHM is the “administration” area for cPanel accounts. In WHM you will
add domains
/accounts (cPanel accounts), and in the “root” WHM account you can
add reseller accounts as well. WHM stands for Web Host Manager.

Login to WHM

  • Non-Secure


  • Secure

    Login to cPanel

  • Non-Secure


  • Secure

    General WebMail

    (User chooses from NeoMail / Horde / SquirrelMail

    depending on what you have enabled in root WHM area)

  • Non-Secure


  • Secure

    Setup WHM / cPanel
    Update Preferences

    When configuring WHM
    if you selected

    the x2 theme this is how it would look.

    Click “Change Update


    We select “Manual Updates Only (Stable tree)” because
    while releases important updates sometimes these
    updates contain new

    security holes. (Like what was recently found in the ‘request
    a password’

    module). will release security fixes apart
    from cpanel/whm updates

    so it’s a good idea to keep the security and package updates
    on automatic.

    WHM Settings

    If you are using the x2 theme you should see the following.

    Click on “Tweak Settings”



    I like checked & why:

    • Allow Creation
      of Parked/Addon

      Domains that are not registered

      I like to be able to add domains that are not registered
      yet so that I

      can work on them either before I decide to buy the domain
      or before the

      domain has finished registering.

    • Prevent users
      from parking/adding

      on common internet domains. (ie,

      This just saves time, and hassle for the “not so smart”

    • Number of days
      between processing

      log files and bandwidth usage (default 1, decimal values
      are ok): .10

      I like my statistics updated often, but if you have
      a lot of popular

      sites keep this at 1 or .5 because your load will increase
      greatly when

      the statistics software runs.

    • Keep log files
      at the end of

      the month (default is off as you can run out of disk
      space quickly)

      I like logs, and I like to know what’s going on. Keeping
      the logs at the

      end of the month does take up a lot more disk space,
      but this allows me

      to go back and find problems, and identify issues I
      would otherwise not

      be able to do. I can also just remove the logs myself
      or back them up

      when I feel I need more space. You need to keep an eye
      on these though

      so they don’t get out of control.

    • Awstats Stats

      I believe Awstats to be the #1 statistics program available.
      I don’t check

      Webalizer or Analog because I don’t like them, and don’t
      use them at all.

      If you are running a webhosting company some of your
      users may require

      Webalizer or Analog statistics so it is up to you if
      you should run them

      all or just one or two.

    • Enable Reverse
      dns resolution

      for Awstats

      I like statistics, and the more the better.

      These statitics do not come without
      a price however…

      They will ‘connect to’ a bunch of DNS servers and may
      slow your system

      down for REALLY heavy use sites, and at times can fill
      up a log with DNS

      timeouts. So if you enable this, and have HEAVILY VISITED
      sites be warned.

    • Allow users
      to update Awstats

      from cPanel

      I like to update my own stats if they aren’t up to date
      when I am checking

      them. I would not reccomend leaving this checked if
      you run a webhosting

      company as allowing your customers to update their stats
      whenever they

      want could really cause a serious bottleneck in system

    • SquirrelMail

      SquirrelMail is my favorite webmail application, so
      instead of running

      the other 2 I just run this one.

    • I do not have

      checked however I do run MailScanner & ClamAV

      The more scanning that is taking place the more CPU
      / MEM usage there

      is. So if you don’t get spam yet, don’t run it.. run
      it when you start

      to get spam.. This will save on system resources for
      the time being.

    • Attempt to prevent
      pop3 connection

      floods: 60

      I chose 60 because once every minute is as much
      as anyone should check

      their e-mail.

      However if you are running a webhosting company and
      have host many customers

      you may want to set this number betweeen 30-45 so that
      your server is

      not hammered.

    • Use jailshell as
      the default shell

      for all new accounts (linux 2.4 or later only)

      Safer, more secure.


    Backups are important
    to any dedicated

    server, wether it be for private or for running a hosting
    company you

    should always backup your data remotely or on a second
    hard drive atleast.

    Single cPanel Account Backup via SSH
    cPanel Account Backup

    Dedicated Server Backup

    Your Service Status

    You should always
    keep an eye on your

    server’s status. If you can’t keep an eye on it, or
    atleast check it 2 times

    a day you should setup some monitoring software so that
    it will notify you

    within minutes incase of a problem.

    • Manual Check your
      system status:

    • In WHM as Root
      click “Service



    • Green = Good

      Red = Bad

      If anything is in red you have a problem.


A firewall is a set of related

programs, located at a network gateway server, that protects
the resources of

a private network from users from other networks. Basically,
a firewall, working

closely with a router program, filters all network packets
to determine whether

to forward them toward their destination. A firewall is
often installed away

from the rest of the network so that no incoming request
can get directly at

private network resources. There are a number of firewall
screening methods.

A simple one is to screen requests to make sure they come
from acceptable (previously

identified) domain names and IP addresses. For mobile users,
firewalls allow

remote access in to the private network by the use of secure
logon procedures

and authentication certificates.

The main advantage of a
hardware firewall
is that it uses none of your dedicated
servers resources. During intense filtering
a software
firewall may crash your dedicated server, a hardware firewall

Not everyone can afford a
hardware firewall,
so we are left with running a software
firewall. I reccomend, and personally
use APF Advanced Policy


Knowing where your server
logs are, and
how to monitor them is very important. If
someone attacks your server they most
likely left at trace,
and you are going to want to find out how they got in,
where they came from.

Click Here To
Install LogWatch Softwar

Learn basic
Linux commands

do I setup my own name servers?

This has to be the most
common question

we get. You would think after years cPanel would have come
up wtih a better way to help you setup your name servers,
but no it’s still tricky, and requires

some manual work on your part.

Server Setup Guide Click Here

Spread the love