Tutorials Archives - Page 2 of 4 - Webx ...

Taking Backups of Web Hosting Account in cPanel

Although we backup entire hosting server every day and keep consecutive backups for several days and weeks, we strongly recommend that every client should have their own backups. The backups we take are for emergency purpose i.e. disaster recovery in case of hardware failure such as multiple disk failures.

The question may arise, how do you take a backup of your entire website? And which files to backup? cPanel makes it easy. Taking Backups of Web Hosting Account in cPanel is straight forward process.

cPanel Backups allow you to download (to your computer) a zipped copy of either your entire site (including your home directory, databases, email forwarders configuration, and email filters configuration) or one of the previously mentioned parts of your site.

As highlighted in the screen shot below with red square, you can find the Backups icon and link under Files section in cPanel. Click that to access Backups screen.

cPanel Backups

The next screen has a video tutorial on how to generate a full backup. We explain here as well.

Full Backup

A full backup includes all of the files in your home directory, your MySQL databases, and your email forwarders and filters. You can back up your account to preserve your data, or to move your account to another cPanel server.
Click on “Download or Generate a Full Website Backup” button to proceed:

Full cPanel Backup

This full backup can only be used by server administrator (with root privileges) to restore entire account settings and data (including website files, mysql databases, emails). It cannot be used on the cPanel interface by you to restore an account. It is useful for safe keeping.

Generate a Full Backup

You can generate a full backup and store it in

a) Home Directory i.e. you can use ftp or file manager to download the backup when created from /home/username/ folder (where username is your cPanel username)

b) Or you can upload the backup to a remote FTP server or SCP.
You also have the option to enter your email address where notification will be sent by cPanel once backup is completed.

Create Backup and Store in Home Directory
If you choose to upload the backup on a remote FTP server, you will need to provide the login details:

Upload Backup on Remote FTP Server

Click Generate Backup to proceed and wait for email confirmation. In case email does not arrive for a long time, you can visit the Backups screen again to see the progress:
Backup in Progress

And when it is complete, it will show up with a link to download. Simply click on the link of the file to download the backup on your computer.
Backup Ready for Download

Partial Backups

On the main backup screen you also have the option to download partial backups i.e. your home directory that contains all your files and emails, your databases, your email forwarder settings etc.

Partial Backups

These partial backups have an advantage that they can be used by you to restore a portion of the site. Please note that Home Directory contains website files as well as email accounts. You can open the downloaded zip file and extract the files on your computer to find and restore individual files from it.

Backup Wizard

The Backup Wizard available under Files section does the same but it has a different work flow to make it easy for you to download and restore backup.

Backup Wizard

Hope this helps you keep regular backups of your important data. We cannot stress enough how important it is to keep regular backups and multiple backups. If you need any assistance with backups, please do not hesitate to contact us or you can post your comments and questions below.

MX Record for Email in cPanel

MX (Mail exchanger) record is a type of resource record in the domain name system that specifies which mail servers are responsible for receiving emails for the domain. You can read more about it at http://en.wikipedia.org/wiki/MX_record

When you order a web hosting account, by default your hosting server where your website is hosted also has a mail server. Therefore MX record is automatically created to specify your web hosting server to be the mail server as well and receive emails. That is why you can create and manage email accounts using cPanel interface, which directly interacts with the local mail server on that server.

However at times some clients want to host their email elsewhere. For this reason they will need to change the MX record so that emails can go that particular server. To change the MX, you can click on MX Entry in Mail section of cPanel. For some reason cPanel calls it MX Entry instead of MX Record.

MX Entry in cPanel DNS

Priority in MX Record

Since it is possible to have multiple mail servers configured to receive emails for a domain, the next screen explains how the priorities work MX records (entries).

  • Lower values denote higher priority, with 0 being the highest possible priority.
  • The primary mail server(s) (with the lowest-numbered priority) will receive mail sent to your domain.
  • Secondary mail servers (those with higher priority values) can be used for backup or other purposes.
  • If you assign multiple mail servers the same priority, then when that level of mail server is needed, mail will be distributed to those servers randomly.

You may have to select the domain from the drop down to proceed.

MX Entry Maintenance

Email Routing
Once you select the domain, you will be presented with the current MX configuration of the domain. For example in this screen shot here we see that domain is configured to receive email on Local server. It is currently using “Automatically Detect Configuration” option to come up with that.

Current MX Record and Settings

You can keep it as it is i.e. let cPanel automatically detect configuration, or you can choose one of the other three options. They are as follows:

Local Mail Exchanger: Configure local server to always accept mail. Mail will be delivered locally on the server when sent from the server or outside the server.

Backup Mail Exchanger: Configure server as a backup mail exchanger. Mail will be held until a lower number mail exchanger is available.

Remote Mail Exchanger: Configure server to not accept mail locally and send mail to the lowest MX record.

Please be careful with changing this. The Warning is pretty clear: Setting the wrong option here can break receiving mail on your server. If you are at all unsure about which option to select contact your system administrator (that is our support).

You can click on Change button to make the change (if required).

Since there can be multiple MX records in a domain, you can see the listing of your current MX Record(s). You have the option to edit or delete the record:

Edit or Delete MX Record

If you click Edit, it you can modify the Priority or Destination:

Edit MX Record

Or you can add a new record as well:

Add New MX Record

Once you are done with the changes, you can see that all the records under MX Records section are what you needed to set. It may take a few hours before the DNS updates propagates and new email starts delivering on the MX records for your domain.

Hope this tutorial makes it easy to manage MX records for your domain. If you need help with it, please feel free to contact us or you can post in the comments section below.

DKIM and SPF – Email Authentication in cPanel

DKIM (DomainKeys Identified Mail) is a means of verifying incoming email. It ensures that incoming messages are unmodified and from the sender from whom they claim to be. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication. For more information please visit http://www.dkim.org

SPF (Sender Policy Framework) system allows you to specify servers and IP addresses that are authorized to send mail from your domain(s). This feature works to prevent outgoing spam messages using your domain from other computers and servers. If someone tries to send emails spoofing your domain in their email address, the receiving servers will check if you authorized them to send email – failing which such spam will be rejected.

We assume you are already logged into cPanel of your web hosting account. Click on Email Authentication link under Mail to proceed.

Email Authentication

By default Email Authentication is disabled. To enable each one, click the Enable button.

DKIM and SPF Disabled

DKIM is enabled with just a click of a button.

DKIM Enabled

No further configuration is required for DKIM. The Email Authentication screen will show you if it is active.

DKIM Enabled and Active

To enable SPF, click Enable button.

SPF Enabled

When SPF is enabled, a new TXT DNS Record is added to your domain’s DNS zone. It uses your domain’s Mail Exchanger (MX) record, A record and the IPv4 address. In most cases this default setting is good enough to authorize these servers to send email.

In addition to default configuration of SPF, the Email Authentication screen allows you to add additional hosts and make changes to the SPF record.

Advanced SPF Settings

Email authentication helps prevent spam. The options provided in cPanel attempt to equip email messages with verifiable information so that the nature of incoming and outgoing messages can be detected automatically.

Enabling DKIM and SPF should reduce the number of failed delivery notifications you receive when spammers forge messages from your domain(s). These features also work to prevent spammers from forging messages that claim to be from your domain(s).

Email Trace to Check Email Delivery

In cPanel web hosting, there is a feature called Email Trace in section Mail. As an account admin you can login to cPanel or as an email user you can login to webmail interface to use this Email Trace feature to search through mail server logs to see what is happening with your email.

Email Trace

You can see details of each delivery attempt, including whether a message was delivered successfully. You can also see the delivery route for a message from your account’s mail server to a remote address.

Trace an Email for Delivery

To see the delivery status of a particular email:

  1. Enter a recipient email address in the search box.
  2. Click Run Report to show the Delivery Report table and the Email Server Trace diagram.

Email Rejected by RBL

Email Rejected by RBL

These logs are very descriptive and you may not understand them all but if you study them carefully you can see what is happening with each email that is sent to your domain or is being sent from your domain to others.

Email Delivery Report

Email Delivery Report

Email Trace can be very helpful in diagnosing problem with email deliveries. While spammers are trying to take over your mailboxes, we are trying to fight them back and block them from reaching you. In this fight there are times when a restriction on the server to block spammer also catches a legitimate email. This can be a problem with either the sender or recipient email server. We provide this feature to empower you, our valued client, with as much details as possible to resolve such issues.

We hope you have a great emailing experience with us. If you face any problem, please contact us and we are here to help.

Fighting Spam with SpamAssassin

SpamAssassin is an automated email filtering system that attempts to identify spam messages based on the content of the email’s headers and body. In your cPanel webhosting account you can enable SpamAssassin and configure it for your needs.

We assume that you have already logged into cPanel. Click on SpamAssassin icon under Mail.

SpamAssassin in cPanel

When you login first time, you may find that SpamAssassin is not enabled and says so: SpamAssassin is currently Disabled.

SpamAssassin is Disabled

All you have to do is click on the button that says Enable SpamAssassin. In the next screen it will show you if SpamAssassin has been enabled.

SpamAssassin Enabled

Once it is enabled, all your incoming emails in your account will pass through SpamAssassin.

Filters (Automatic Spam Deletion)

Spam Automatic Deletion

You can automatically delete messages marked as spam. First set the number of hits required before mail is considered spam. 5 is the default setting but it can vary from person to person. SpamAssassin when processes the incoming email, it adds scores to the likelihood of it being spam. The higher the score, more chances that is Spam.

We recommend that you first test the accuracy of SpamAssassin and fine tune it before activating automatic deletion. Or you can use Spam Box as explained below.

Spam Box

Spam Box

SpamBox will deliver any emails identified as spam by SpamAssassin into a separate IMAP folder named “spam”. This “spam” folder will fill up and should be emptied regularly. You can subscribe to this IMAP folder using Webmail interface or through your desktop/mobile email client software. Keep in mind this mailbox will not clear automatically. You will have to clear it yourself. You can do it right on this interface by clicking on Clear Spam Box button.

SpamAssassin™ Configuration

Configure SpamAssassin

Click on Configure SpamAssassin to fine tune the default working of SpamAssassin. There are couple of things you can configure here and they are explained on that page but we add some more insight below.

blacklist_from: This is pretty obvious. You can enter emails or domains that you find are sending you spam regularly. They will be marked as Spam in future when you add them there. Once you have used the space provided for 5 entries and save it, more spaces will be provided when you come back to this page.

whitelist_from: This is similar to blacklist_from but here you can whitelist the domains and emails you do not want to be marked as spam.

required_score: This is explained well on the page.

Adding Tests and Scores


You can precisely tailor SpamAssassin for your server by assigning scores to individual tests. SpamAssassin uses hundreds of tests; please see the SpamAssassin documentation at http://spamassassin.apache.org/tests.html for more information. SpamAssassin version 3.3.2 (or latest) is in use.

You can enter individual test scores in the following format:

“score” “TEST_NAME” “1 to 4 positive or negative numbers”

For example, you could enter:

score INVALID_DATE 3.2

This example sets the scores that SpamAssassin assigns to a message with an invalid date in its header.

If only one number is listed, that score is always used for the test. Setting a score to 0 will disable the test.

Once emails are processed by SpamAssassin, the scores are added up. With 3.2 assigned to INVALID_DATE, a few more hits on other tests will make the total score more than 5 and if that is the default setting then the email will be considered Spam.

You can add as many tests you want from the SpamAssassin built-in tests (link here). Even if that test is already used by default, you can override the score by adding it here.

You can add a negative score as well which will deduct it from overall score. You may like to do that if certain test makes that email legitimate.

Advanced Users with SSH/FTP Access

SpamAssassin keeps its configuration file under your home directory in a folder called “.spamassassin” (please note the name starts with a dot). Some FTP client do not show files and folders with names starting with dot because they are considered hidden files. If you have ssh access to your account, you can directly edit it using a linux editor such as nano or vi. The file is user_prefs under .spamassassin. This is the same file that you are managing via cPanel SpamAssassin interface when you make changes to configuration.

If you read more about SpamAssassin, you can configure it further using this file and create your own rules.

How to check SpamAssassin is Working?

When you receive an email, you can open it in webmail or your email client software. Please check the documentation of the email client on how to view email headers. When you view the email headers, you will see lines like these in them:

X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on SERVER-HOSTNAME
X-Spam-Level: ****
X-Spam-Status: No, score=4.7 required=5.0 tests=FH_FROMEML_NOTLD,MISSING_DATE, MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED, NO_RELAYS shortcircuit=no autolearn=no version=3.3.2

If you read the above lines carefully, SpamAssassin records all tests that added to or subtracted from the score. The line above says this email had a Spam score of 4.7. That is why it was not considered Spam and says Spam-Status: No.

Let us know if you need any further help with using SpamAssassin on your web hosting account.

Back to Top

© 2022 Webx Networks.