WHM remove dedicated IP from websites so you can share the IP

If the IP is already dedicated to a domain/account you will have to first SSH to the server.

Then you want to edit the file /etc/domainips
Remove/delete the line that contains the IP and its current dedicated domain and save.

Next edit the file /var/cpanel/mainips/root
Add the IP you would like to share to a new line and save

At this point you should be able to go into WHM and assign the IP to multiple accounts.

Email SRS support for Cpanel and Exim

Built-in SRS support under Advanced Exim Configuration Editor in WHM.

For nearly a year I’ve had SRS enabled on the cPanel servers I maintain. Of course, when Exim gets updated I have to redo the configuration.

But it only takes adding seven lines of code to Exim, and I have never had a single problem with forwarded emails not being delivered / being rejected since implementation. I really can’t think of any good reason why SRS support is not available in cPanel at this point.

A search engine search for “cpanel SRS support” will yield instructions for manually activating SRS within Exim on a cPanel server.


Google apps smtp email and relay settings

from: https://support.google.com/a/answer/176600?hl=en

Google Apps SMTP settings to send mail from a printer, scanner, or app

You can set up your on-premises multifunction printer, scanner, fax, or application to send email through Google Apps. The three available options are: SMTP relay service, Gmail SMTP server and Restricted Gmail SMTP server.

For details about configuring your device or application to send SMTP messages, refer to its documentation. Google Support cannot assist with the configuration settings.

  1. SMTP relay service – used to send mail from your organization by authenticating with the IP address(s). You can send messages to anyone inside or outside of your domain.
  2. Gmail SMTP server – requires authentication with your Gmail/Google Apps account and password. Messages can be sent to anyone inside or outside of your domain.
  3. Restricted Gmail SMTP server – does not require authentication, and you will be restricted to send messages to Gmail or Google Apps users only.

The table below will help you decide which one of these options will best meet your needs:

Option Google Apps SMTP relay (recommended) Gmail SMTP server Restricted Gmail SMTP server
FQDN of SMTP Service smtp-relay.gmail.com smtp.gmail.com aspmx.l.google.com
Configuration requirements Port 25, 465, or 587
SSL/TLS optional.
One or more static IP addresses are required.
Port 465 (SSL required)
Port 587 (TLS required)
Dynamic IPs allowed
Port 25
TLS not required
Dynamic IPs allowed
Mail can only be sent to Gmail or Google Apps users
Requires authentication IP address provides authentication. Your full Gmail or Google Apps email address required for authentication No.
Bypasses anti-spam No. Suspicious emails may be filtered. No. Suspicious emails may be filtered. No. Suspicious emails may be filtered.
Sending Limits Limits for registered Google Apps users.
A registered user cannot relay messages to more than 10,000 recipients per day.
For full SMTP relay limits please see Sending limits for the SMTP relay service.
2000 Messages per day. See Sending limits for more detailed information. Per user receiving limits will apply.

You can use the SMTP relay service in the Google Admin console to relay mail from your device or application. This is possible once you add your network IP range to the SMTP relay service. You will need to configure your device to connect to smtp-relay.gmail.com on ports 25 or 465, 587. For more details about using this setting, see SMTP relay service setting.

Gmail SMTP Server could also be used to relay messages from your device or application. You can connect to Gmail mail servers using SMTP, SSL/TLS. If you connect using SMTP, you can only send mail to Gmail or Google Apps users; if you connect using SSL/TLS, you can send mail to anyone.

If your device or application supports SSL – connect to smtp.gmail.com on port 465.

To connect with SSL, you need to provide a Google username and password for authentication. Ensure that the username you use has cleared the CAPTCHA word verification test that appears when the user first logs in. We also recommend ensuring that the account has a secure password.

If your device or application does not support SSL – connect to aspmx.l.google.com on port 25.

You must configure an SPF record for your domain with the IP address of the device or application to ensure that recipients do not reject mail sent from it. You must also add this IP address to the Email Whitelist box in your Google Admin console. For example, if your sending device sends from, add that address to your SPF record without removing the Google Apps mail servers from the record: v=spf1 ip4: include:_spf.google.com ~all

Linux cp without having to answer yes (y) to every file confirmation

\cp -r -p -f * /home/registration/public_html/dev/wp-content/plugins/

-r is recursive

-f is force

-p is preserve ownership mode and timestamps

This command line copies all folders and files in the plugins folder to the new plugins folder

Posted in Uncategorized. No Comments »

Suggested file permissions for wordpress on an apache server

Please reference this URL for your WordPress sites: https://codex.wordpress.org/Changing_File_Permissions

See section “Shared Hosting with suexec”

In such an suexec configuration, the correct permissions scheme is simple to understand.

• All files should be owned by the actual user’s account, not the user account used for the httpd process.
• Group ownership is irrelevant, unless there’s specific group requirements for the web-server process permissions checking. This is not usually the case.
All directories should be 755 or 750.
• All files should be 644 or 640. Exception: wp-config.php should be 440 or 400 to prevent other users on the server from reading it.
• No directories should ever be given 777, even upload directories. Since the php process is running as the owner of the files, it gets the owners permissions and can write to even a 755 directory.

chmod directories recursively – change permissions on folders and files for tight security on wordpress

find /home/username/public_html -type d -exec chmod 750 {} \;

To chmod files recursively using find:
find /home/username/public_html -type f -exec chmod 640 {} \;
(for higher security on wordpress)

Whois – How to tell what hosting company a website is using


Posted in Server tips. No Comments »

Apache fasstcgi mods

I run suExec so each account will run as the owner of the account.

Fastcgi mods added to the Apache post_virtualhost_global.conf (WHM>Service Configuration>Apache Configuration>Post VirtualHost Include>All Versions)

<IfModule fcgid_module>
FcgidMaxRequestLen 52428800

<IfModule mod_fcgid.c>
FcgidMaxProcesses 150
FcgidMaxProcessesPerClass 100
FcgidIOTimeout 300
FcgidMinProcessesPerClass 1
FcgidIdleTimeout 300
FcgidIdleScanInterval 120
FcgidBusyTimeout 300
FcgidBusyScanInterval 120
FcgidErrorScanInterval 10
FcgidZombieScanInterval 3
FcgidProcessLifeTime 3600

Android battery calibration trick keycode

Hi, I had the same problem after 4.3 update. I did not want to do a factory, and going from a lot of posts this does not work anyway. I also didn’t want to turn off a lot of processes I previously had running. I just wanted the same level of performance as before. After doing a little research I have come believe it is a battery calibration issue. This worked for me. Charge your phone to 100%, goto keypad, type in *#0228#. This will take you to a battery status screen. Press quick start at the bottom of the screen. Your screen will go blank for a few seconds. Press the home key. Your battery percentage should have dropped. Charge to 100% and repeat the process. After a few times the drop should be negligible. Allow the battery to completely discharge and repeat. Hope this helps. Good luck.

Fix Heartbleed bug by quick update for openSSL on apache

yum update openssl* -y
This will update openSSL to the newest version for apache on CentOS

To check your server to see if it’s vulnerable to the Heartbleed bug: https://www.ssllabs.com/ssltest/