LinuxHostingSupport

cPanel, WHM and even Webmail uses non-common ports which some Internet Server Providers (ISP) do not allow and makes it impossible for people to access any of these. cPanel works on 2082/2083, WHM 2086/2087 and Webmail 2095/2096.

The workaround is to install cPanel Proxy which works as a proxy gateway for Apache and the requests to cPanel/WHM/Webmail are then served through port 80 instead of their respective ports which are blocked by the ISP.

Here’s how to Install cPanel Proxy:
——————————————————————————–
1. You have to recompile Apache with the cPanel proxy module.
a) You can either execute ‘/scripts/easyapache‘ script via SSH
OR
use WHM -> Software -> ‘EasyApache (Apache Update)‘ option.

b) On the next step, leave the current profile as it is and click ‘Start Customizing Based on Profile’

c) Click ‘Next Step’ in the Apache/PHP selection pages and goto the 5th step

d) On the Short Options List, click ‘Exhaustive Options List’ button to list all the Apache/PHP modules.

e) Scroll down a bit and select the “Proxy” module

f) Click ‘Save and Build‘ and proceed to build Apache with the Proxy module.

It may take around 30 minutes for the process to complete. Once the module is compiled, a VirtualHost entry for the cPanel/WHM/Webmail sub-domains is added in the Apache configuration file.

Here’s how to Enable cPanel Proxy for an Existing account:
——————————————————————————————————————————–

2)  The next step is to add ‘A’ records for cPanel/WHM/Webmail for the domain you need to enable proxy access on. To add the records,

a) Goto WHM ->  DNS Functions.

b) Click ‘Edit a DNS Zone’ option and select the domain to edit and click Edit.

c) Scroll down to the empty boxes and add the following records

cpanel 14400 IN A ServerIP
whm 14400 IN A ServerIP
webmail 14400 IN A ServerIP

where, ‘ServerIP’ is the actual IP of the server.

d) Click ‘Save’.

Once the records are added, allow sometime to propagate and then you should be able to access cPanel at, http://cpanel.yourdomain.tld. You will be able to access WHM/Webmail the same way.

Sometimes you see the following error at the middle of your Webmail Horde session :

Your Internet Address has changed since the beginning of your Mail 

session. To protect your security, you must login again.

This error mostly occurs when the ISP is using proxy servers to filter the browsers content. The proxy server randomly change its IP address and thus cause you to fail the web mail security measures.

The solution is to turn off the ‘checkip’ parameter in the Horde’s configuration file.  The configuration file is located as follows:

cPanel server : /usr/local/cpanel/base/horde/config/conf.php
Plesk server  : /usr/share/psa-horde/config/conf.php

Edit the respective configuration file depending on the control panel you have and look for

$conf['auth']['checkip'] = true;

replace it with

$conf['auth']['checkip'] = false;

This is it. Please note, this is a server wide change and cannot be done on user basis.

While accessing an email using Horde, you may notice that Horde isn’t displaying the contents of the email rather it displays the following message

there are no parts that can be displayed inline.

The reason for “no parts can be displayed inline” error is the “inline” setting of the Horde HTML driver is set as false.  To enable the setting, edit the mime_drivers.php file and set the “imp/html/inline” attribute to true.

On a cPanel server, the file is located at /usr/local/cpanel/base/horde/imp/config/mime_drivers.php and the attribute is:

$mime_drivers['imp']['html'] = array(  'inline' => false;

On a Plesk server, the file is located at /etc/psa-horde/imp/mime_drivers.php and the attribute is:

$mime_drivers['imp']['html']['inline'] = false;

Set the value as ‘true’ and save the file. Horde will display the contents properly again.

Recently I had a problem while sending emails to a specific server and while looking at the logs I saw the following:

451-The server has reached its limit for processing requests 

from your host. \n451 Please try again later. 

T=remote_smtp defer (-53): retry time not reached for any host

The reason could either be the, exim rate limiting the number of emails OR the exim databases are corrupted.

In such a case, you have 2 options

1) Increase the number of emails each domain can send per hour from
WHM >> Tweak Settings >> Max hourly emails.

2) If increasing the email limit does not help, surely the exim database is corrupted. The fix is to use the exim database tool called “exim_tidydb“.

SSH to your server and execute:

# /usr/sbin/exim_tidydb -t 1d /var/spool/exim retry > /dev/null 

# /usr/sbin/exim_tidydb -t 1d /var/spool/exim reject > /dev/null 

# /usr/sbin/exim_tidydb -t 1d /var/spool/exim wait-remote_smtp>/dev/null

Once done, reinstall courier and exim using the cPanel scripts.

# /scripts/courierup -- force 

# /scripts/eximup --force

You should now be able to send emails from the server.

The way to enable allow_url_fopen on a phpsuexec and a non-phpsuexec server is different. To enable allow_url_fopen server wide is a security risk, however, you can turn it ON for a single domain incase it is required.

Here how it needs to be done.

• On a non phpsuexec server:

Goto the /usr/local/apache/conf/ directory,

# cd /usr/local/apache/conf/userdata

create a ‘userdata’ directory if not there and then create a directory with the accounts username inside it. Finally, you have to create a file allowurl.conf in the newly created directory.

The complete path should look like:

# pico /usr/local/apache/conf/userdata/<username>/allowurl.conf

and add the following to the file

<IfModule mod_php5.c>  

php_admin_value allow_url_fopen On 

php_admin_value allow_url_include On 

</IfModule> 

Now, edit the Apache configuration file and scroll down to the VirtualHost entry of the domain. Include the path of the above created file in it, as shown below:

Include "/usr/local/apache/conf/userdata/<username>/allowurl.conf"

Save the file and rebuild the apache configuration

# /usr/local/cpanel/bin/apache_conf_distiller --update 

# /usr/local/cpanel/bin/build_apache_conf 

# /scripts/restartsrv httpd

This will enable allow_url_fopen for that domain.

• On a PhpSuExec Or SuPHP server:

To enable allow_url_fopen on a SuPHP/PHPSuExec enabled server, copy the server side php.ini OR create a new one under the public_html directory of the domain (OR in the directory where you want to enable allow_url_fopen) i.e.

# cp /usr/local/lib/php.ini /home/<username>/public_html/

and edit the new php.ini to enable allow_url_fopen directive:

allow_url_fopen = On

Save the file and this is it.

BTW, replace “<username>” with the actual username of the domain wherever stated above.