Enable Two-Factor Authentication for cPanel

Introduction

If you use cPanel, one of the best things you can do to protect yourself, and your data, is to enable two-factor authentication for cPanel.  Recently, cPanel added this feature to their software suite and we’re ecstatic to announce that we’ve enabled it across our shared hosting environment.  This quick tutorial will show you how easy it is to enable 2-factor authentication for cPanel.

Prerequisites

In order to enable 2-factor authentication in cPanel, you’ll need just a few things:

Enable Two-Factor Authentication for cPanel

To enable 2-factor authentication for cPanel, you’ll need to log in and navigate to the ‘SECURITY’ section of cPanel.  From there, click on ‘Two-Factor Authentication’.

Once there, click on ‘SET UP TWO-FACTOR AUTHENTICATION’.

On Your Mobile Device

This is where you’ll need the assistance of your mobile device. Open the app of choice (in this case, we’re using Authy) and add an account.  In Authy, to add an account, click the three dots menu link in the upper-right corner, and select ‘Add Account’.  Once you’re on that screen, tap on ‘SCAN QR CODE’.
Simply aim your phone’s camera at your computer monitor and Authy will automatically capture the QR code.

At this point, name the account something that will be easy to identify in the future (you can also change the “key” icon to a different color or logo).  Once you have named the account, click ‘DONE’.

Important

Make note of the six-digit code.  Enter that code into the ‘Security Code’ box in cPanel to actually enable two-factor authentication for cPanel.

Once you have entered in the Security Code, click on ‘Configure Two-Factor Authentication’.  You will be presented with a message which reads:

Success: Two-factor authentication is now configured on your account.

At this point, you are done.  The next time you log in to cPanel, and every time after this, you  will be prompted for a security code after you enter your cPanel user ID and password.
If you have any issues with this process, please don’t hesitate to open a support ticket and we will happily help you with the process.

Train SpamAssassin to Block SPAM!

One of the most frustrating parts of having an email account is the part where complete strangers can send you unsolicited email and you have no control over it.  You can click the little button that says “Unsubscribe” and, in a few instances, it may even prove effective enough to work.  Most of the time, though, the unsolicited email (SPAM) will actually increase as opposed to diminish.  That’s where SpamAssassin comes in.

SpamAssassin

SpamAssassin is a powerful, highly customizable tool for, as one might imagine, fighting SPAM in your inbox or other folders.  It comes with a command-line tool called “sa-learn” which we’ll use in this post to train SpamAssassin to detect good mail (“ham”) and bad mail (“spam”).  With a little CRON magic, you can make this powerful tool learn exactly what is SPAM and what isn’t SPAM in your mailboxes.  What we’ll need is access to your cPanel account, your email address, and a desire to kill things that suck.

The first thing we’ll do is log into our cPanel account and navigate down to the “Apache SpamAssassin” link:

Enable the Spam Box

Once there, you’ll want to enable your “Spam Box”.  The spam box is a folder, created automatically, where mail detected as spam by SpamAssassin is delivered.  The folder is there in case you want to save email which may mistakenly be identified as SPAM.

Now that we’ve got our Spam Box enabled, we’ll need to go into your webmail client to actually subscribe to the folder which has been created.  This will allow you to see the folder from within your mail client or your webmail client.  The first step is to log into your webmail client.  We’ll go over SquirrelMail and Roundcube.

SquirrelMail:

  1. In the Email Accounts section in cPanel, choose the Access Webmail option next to the domain whose archived mail you wish to view.
  2. Click on the icon to log into SquirrelMail.
  3. Click on the Folders link at the top of the page.
  4. Under the Unsubscribe/Subscribe heading, select the folders you wish to view in the Subscribe list and click Subscribe.
    • If you wish to include the Spam folder, select the folder for Spam.

Roundcube:

  1. In the Email Accounts section in cPanel, choose the Access Webmail option next to the domain whose archived mail you wish to view.
  2. Click on the Roundcube icon.
  3. Click the Settings icon in the top right corner of the Roundcube interface.
  4. Choose Folders in the left menu.
  5. Check the box for the folder whose archived mail you wish to view.
  6. Check the box for the date of the archived mail you wish to view.
    • If you wish to include the Spam folder, check the box for Spam.

Create Cron Jobs

Now that we’ve got everything going, we’ll put in an automated check via cron jobs twice a day.  The purpose of setting up this cron job is to enable an automated check of defined mail folders with good email (ham) and bad email (spam).  This will require two different cron jobs but they are set up nearly identically.  Navigate to your cPanel account and open “Cron Jobs” under “Advanced”:

Before you start adding the cron job, you can decide whether or not you would like to receive an email each time a cron job is run.  This is handy if you’re wanting to check on the status and get a feel for how sa-learn is progressing with its learning.  You can do this by entering your email address in this box:

If you do not want an email every time the cron job runs, you can put “>/dev/null 2>&1” after the command in the cron job.  This discards everything the command prints, error messages included, so no email is sent.

The sa-learn command is part of the SpamAssassin suite where you can forcefully teach SpamAssassin the difference between ham and spam.  To create the scripts and enable the cron job, scroll down on this page.  We can do this one of two ways: per domain and per account or a blanket method which will cover all domains and accounts.  You would consider the second if you have add on domains.

Built into cPanel are basically templates for the repeating cycle timer.  You can simply pull down a box and select the frequency you’d like your cron job to run.  In this case, we’re choosing once every 12 hours, or twice a day.

Now that we’ve determined the frequency of the cron job, we’re ready to insert the actual script to execute the command.  As mentioned before, there are a few different ways to do this.

The first method is to scan all domains and all accounts in one command.  This is likely the most popular way of doing this, since it covers everything in one sweep.  For example:


HAM scan of the Inbox:
sa-learn -p ~/.spamassassin/user_prefs --ham ~/mail/*/*/{cur,new}

SPAM scan of the “spam” folder:
sa-learn -p ~/.spamassassin/user_prefs --spam ~/mail/*/*/.spam/{cur,new}

The other example is to scan by single domain and by single email account.  Examples of this would look like this:

HAM scan of a folder called “Archive”:
sa-learn -p ~/.spamassassin/user_prefs --ham ~/mail/demodomain.com/demouser/.Archive/{cur,new}

SPAM scan of the “spam” folder:
sa-learn -p ~/.spamassassin/user_prefs --spam ~/mail/demodomain.com/demouser/.spam/{cur,new}
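
An added example, not part of the original post: the two “all domains” cron commands above wrapped in one script that hands sa-learn only folders that actually exist and avoids the {cur,new} brace expansion, which is a bash feature that not every /bin/sh used by cron performs. The script path, the function names and the SA_LEARN override are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Hypothetical path: ~/bin/sa-train.sh
# Cron entry, every 12 hours:  0 */12 * * * /bin/sh "$HOME/bin/sa-train.sh" --run
MAIL_ROOT="${MAIL_ROOT:-$HOME/mail}"                 # layout from the post
PREFS="${PREFS:-$HOME/.spamassassin/user_prefs}"     # -p argument from the post
SA_LEARN="${SA_LEARN:-sa-learn}"                     # overridable for dry runs

# Print each existing cur/ and new/ directory for one class of mail:
#   ham  -> <root>/<domain>/<user>/{cur,new}        (Inbox)
#   spam -> <root>/<domain>/<user>/.spam/{cur,new}  (Spam Box)
# A glob that matches nothing stays literal in sh, so -d filters it out.
maildirs() {
    kind=$1
    root=$2
    case $kind in
        ham)  sub="" ;;
        spam) sub="/.spam" ;;
        *)    echo "unknown kind: $kind" >&2; return 2 ;;
    esac
    for d in "$root"/*/*"$sub"/cur "$root"/*/*"$sub"/new; do
        if [ -d "$d" ]; then printf '%s\n' "$d"; fi
    done
}

# Feed every folder of one class to sa-learn; non-zero if any call failed.
train() {
    dirs=$(maildirs "$1" "$MAIL_ROOT") || return 2
    [ -n "$dirs" ] || return 0      # nothing to learn from yet
    rc=0
    while IFS= read -r d; do
        "$SA_LEARN" -p "$PREFS" "--$1" "$d" </dev/null || rc=1
    done <<EOF
$dirs
EOF
    return $rc
}

# Only train when asked to, so the functions can be sourced and inspected.
if [ "${1:-}" = "--run" ]; then
    train ham || status=1
    train spam || status=1
    exit "${status:-0}"
fi
```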

The end result of all of this work?  Less spam.  More ham.  We’ve set up a cron job to direct SpamAssassin to look through the specified mailboxes searching for either good email (ham) or bad email (spam) and, for future messages, direct bad email directly into the spam folder so you never even have to see it.  Have questions or suggestions on different ways to accomplish this?  Let us know in the comments!

Services Restored – 8/29/2014

Services to all customer-facing servers have been repaired and restored.  The outage cause was identified shortly after it occurred and took roughly 4 hours to repair with a temporary fix.  Once the temporary repair was in place, technicians worked for another 7 hours implementing a permanent fix.  Analysis of the issue is ongoing and processes have been put into place to prevent this particular issue from happening again.

We appreciate the support and patience of our customer base!

Service Outages – 8/29/2014

Good afternoon –

We appreciate the patience of our customer base as we work through issues this morning. During our nightly maintenance last night, a couple of servers suffered problems with the MySQL servers on those systems. This was something which did not impact all customer servers. We’ve been working through the morning to correct the issue.

We believe the fix is in place; however, there will be system reboots this evening (which will be communicated via a comment to the post on our Facebook page) at approximately 12am Seattle time. We’re waiting for the overnight backups that didn’t get a chance to run last night (due to maintenance) to catch back up, and expect to see a little slower than normal performance today for the next few hours, but it shouldn’t be a performance impact which stops the communication of your sites to the world.

We apologize for any impact this has had on your sites and know we’re very thankful for your business.

Installing WordPress. Quickly.

Just how easy is it to install WordPress?  Simple, really.  With a few short clicks, you’re on your way to blogging bliss using one of the most powerful and popular tools out there.  Allow me to demonstrate in a quick, easy to understand tutorial.

Step 1: Log in to cPanel.  With our servers, this is done by going to www.<yourdomain>.com/cpanel

Step 2: Locate “Softaculous” and click the icon.

Step 3: Click “Blogs” and then “WordPress”.

Step 4: Click “Install”!

From here, you’re looking at mostly configuring the installation. With a couple of quick answers and most fields left blank or default, you’re on your way!

Step 5: Software Setup. Usually the only thing you’re worried about here is the domain name.

Step 6: Select the correct domain name from the drop-down and continue down to the “Database Settings” and “Site Settings” section.

You can nearly always just leave the Database Settings section completely default. The Site Settings section, however, is where you will want to set up your custom Site Name and Site Description (usually a tag line of some kind that goes with the title of your page).

Step 7: Moving on to “Admin Account”.

Here is where you’ll set up the custom user ID you’ll use to log in to the blog’s back-end dashboard, as well as a secure password.

Step 8: If you elect to, you can set up database backups, automated updates, and a couple of other options:

With WordPress being as powerful as it is and the many, many uses WordPress has, having the software at your fingertips with a very easy installation means you’re on your way to blogging in less time and focusing faster on what’s important, rather than worrying about the technical details. Besides, that’s why we’re here!