Configuring Servers - WHM (Part 1)
If you are new to WHM you may find yourself lost when trying to set up your server. This extensive video (1 of 2 parts) walks you through some of the most vital first steps and initial configurations for your server.
Your control panel interface may look or be organized differently than this video depending on the WHM/cPanel version and operating system you are using.
This tutorial will show you how to setup the initial configuration of a new cPanel server.
How to Access WHM
- Enter the URL to access WHM in your web browser.
WHM listens for https requests from the browser on port 2087 and http requests on port 2086, so you will need to have traffic allowed on either port through any firewalls that may be on your local machine or network.
Until DNS is configured for your domain, pointed to the server, and the changes have propagated, you can use the IP address of the server instead of your domain.
You can also use the following URLs to access WHM:
Note: replace "ip" with your server's IP address or replace "domain.tld" with your domain name.
SSL Browser Warning
You may see a screen that says there is a problem with the website's security certificate. This is because WHM uses a self-signed certificate to facilitate the encrypted connection and it may not be generated for a different domain on the server. This is normal.
Different browser have different procedures for accepting self-signed and mismatched SSL certificates. Check your browser documentation for the procedure to accept the certificate if necessary.
Accept the certificate and continue to the website.
How to Log In
- Enter the username. This should be "root".
- Enter the password.
- Click the OK button.
Hostname A Entry Missing! Warning
You will likely see a warning concerning a missing hostname A record when you log in for the first time. We will be addressing this issue later in the tutorial, so we will just ignore the warning for now by closing the warning.
Configure Server Settings
Now that we are logged in, let's configure some of the server settings.
There are many settings you may want to configure on the server that will not be covered in this tutorial. However, we will be detailing the settings you will want to establish before you start adding accounts to the server for your domains. All the other settings can be configured easily after there are already accounts on the server.
- Click the Basic cPanel/WHM Setup link.
Here are many of the basic settings for the configuration of the server.
Main Shared Virtual Host IP
By default, the primary IP address of the server is set to be the Main Shared Virtual Host IP. This is the most common configuration for servers. However, we can change this to use a different IP address on the server if we wish.
WHM only allows one IP address to be shared per WHM user. If you wish to have multiple addresses configured to be shared, you will need to configure a user with reseller privileges for each one and assign the IP address to be that user's shared IP address. The "root" user will still have access to all accounts on that IP address despite the delegation to the user with reseller privileges.
Server Contact Email Address
Here we can specify a different contact email address that the server will use to notify us if any issues arise with the server.
Email accounts using the primary domain will need to be created in the cPanel for that domain after the account is added.
Setting Default Name Servers
Here, we can specify the names that this server will use for name servers. These should already be set for the primary and secondary name servers.
Your name servers will need to be registered to point to IP addresses on the server through your registrar. WHM gives you the option to specify four (4) namesevers. However, most of the time, only two are used.
- Click the Save button.
Reset the Root Password
Next, let's reset the root password.
- Click the Change Root Password link.
- Enter the New Password.
- Enter the pasword again in Confirm New Password.
- Click the Change Password button.
Initial Quota Setup
Quota should already be enabled for the accounts on the server, so you should not need to use the Initial Quota Setup icon to enable them.
The server should already be pre-configured for Central Standard Time (CST). You can use this option to change the timezone for the system time.
- Click the Tweak Settings link.
Here, you can customize many of the global settings for the server.
Setting the catch-all/default address behavior to "fail" will cause mail sent from non-existing addresses to your domains to be rejected by default by the server. This is generally preferred as it will reduce server load due to attacks from spammers.
Shell Access / Jailshell
For accounts that you choose to grant shell access to, this option will make the default settings grant a jailed shell account instead of the normal shell account for that user.
Jailed shell accounts are chrooted, so directories and processes outside the chrooted environment will not be visible to the user, which added extra security to the system. Normal shell accounts will be able to see other users directories and processes even if they do not have permission to access them.
- Click the Save button.
Configure WHM/cPanel Updates
- Click the Update Config link.
These settings control updates to cPanel and other software packages on the server. By default, they are set to automatically update.
There are four (4) release trees for updated to cPanel. By default, the system is set to automatically update using the STABLE tree. The BLEEDING EDGE tree can only be updated manually. An explaination of the various trees will be listed at the bottom of the page.
- Click the Save button to save any changes.
Set Hostname in Networking Setup
Now, let's set the Hostname in the Networking Setup section.
- Click the Hostname link.
- Enter the New Hostname.
- Click the Change button.
The nameserver IP's should already be assigned unless you changed the nameservers in the Basic cPanel/WHM Setup above and didn't user the option thereto assign the IP address to the new nameservers.
The Resolvers should already be configured to use the resolvers located at the datacenter.
Next, we are going to configure some security options.
- Click on the Security Center link.
There are several features in here that can be enabled and configured to help with maintaining the security of your server. Before we create accounts for users who will be able to reset their own passwords, we are going to set a threshold that will ensure that passwords that they select are secure and not easily hacked.
- Click the Password Strength Configuration link.
- Click the checkbox for Default Required Password Strength.
- Enter a numeric value from 0 to 100.
- Click the Save button.
- Click the Home link at the top of the page.
Next, we will configure a package that we will use to assign to the account we create for our primary domain.
- Click the Packages icon.
Packages are a preset list of limits and settings that can be applied to the accounts you create. Since this package will be for our primary domain, we will be creating a package without limits that will only be used for the primary domain.
- Click the Add Packages icon.
- Enter the New Package Name.
Let's change the settings in the package to allow unlimited parked and addon domains.
- Change Max Parked Domains to "unlimited".
- Change Max Addon Domains to "unlimited".
- Select the cPanel Theme.
There are several themes (or "skins") for cPanel that can be used to customize the look and feel of the interface. Some of the older skins (such as "x") do not include much of the functionality as do the newer ones. The "xmail" and "x3mail" are skins with limited functionality designed for accounts that are strictly hosting email. At the time of the production of this tuntorial, "x3" is the most current one.
- Select a Feature List.
Be default, there is already one list of features named "default" that can be used. The "default" list has every option enabled unless you customize it using the Feature Manager icon in the Packages section. You can also add custom lists that can be selected.
- Click the Add button.
You will likely want to repeat this procedure to configure more specific packages with the limits and settings that you want to assign to future accounts prior ro adding them for your clients.
- Click the Home link at the top of the page.
- Click the DNS Functions icon.
Edit Zone Templates
Next, we will look at the zone template that will be used to create DNS records for our primary domain when we add it.
- Click the Edit Zone Templates icon.
- Click the standard link.
The most common DNS records are already entered into the template. However, we can edit the template here so that WHM will automatically generate the zone with the records we want whenever an account is created.
Since the DNS records for our name servers and hostname will only be in the zone for our primary domain, we are not goinf to add A records for these in the template. Instead, we will modify the zone after it is created to add these records.
- Click the Save button to save any changes. (No changes were needed here unless you have a unique configuration.)
Sender Policy Framework (SPF)
You will likely want to add the information to create a record for SPF.
The Sender Policy Framework (SPF) is a system developed for mail servers where DNS administrators can define what servers have been authorized to deliver mail for a particular domain. Email servers that are configured to check SPF will often reject email form a source if the relaying server isn't explicitly authorized in an SPF record for the sender's domain.
- Click the Home link to return to the mail screen.
That concludes the first part of our tutorial. In part 2, we will continue with the initial configuration of a cPanel sever.