Tweak Settings

For WHM version 11.40

(Home >> Server Configuration >> Tweak Settings)

Overview

This interface allows you to configure a number of settings for cPanel & WHM.

It contains a number of tabs at the top of the page that categorize the settings. Your options include:

note Notes:

  • Tweak settings are stored in the /var/cpanel/cpanel.config file. However, system administrators should use the Tweak Settings interface to make changes.
  • Click the question mark next to each setting's description to learn more about the setting.

All

This tab contains the aggregate of settings from all of the other tabs.

cPAddons Site Software

cPAddons are pieces of software that you can install on your website through cPanel. cPAddons provide useful tools to your website, including bulletin boards, chat programs, and online shopping carts.

cPAddons Site Software admin email

This setting allows you to specify a contact email address that will receive cPAddon moderation requests. If resellers choose to configure their contact email address in their cPanel interfaces, they will also be notified.

note Note: A moderation request is a request from a user who wants to install or upgrade an addon. You must approve the request before the user can do so.

To configure the administrator email:

  1. Select the button next to the text field.
  2. Enter the email address you wish to use.

This item defaults to None.

cPAddons Site Software source automatic updates

Click On if you want cPanel to automatically update all cPAddons source files. This item defaults to On.

Max cPAddons Site Software installation requests

This item allows you to specify the maximum number of moderation requests a single user is allowed to make at a time. To specify a new value:

  1. Click the button next to the text field.
  2. Enter the number of requests you want to allow.

This item defaults to 99.

Max cPAddons Site Software installation requests per addon

This item allows you to specify the maximum number of moderation requests a single user is allowed to make at a time, for each cPAddon. To specify a new value:

  1. Click the button next to the text field.
  2. Enter the number of requests you want to allow per addon.

This item’s value defaults to 99.

cPAddons Site Software moderation notification

This item allows you to select whether or not the cPAddons administrator will receive notifications about pending moderation requests. To make your selection, click the option you wish to use. This value defaults to Off.

Allow cPAddons Site Software installations from non-cPanel sources

This item allows you to select whether to allow third-party scripts to be installed on your server. To make your selection, simply click the option you wish to use. This value defaults to On.

Allow cPAddons Site Software installations from modified sources

This item lets you allow users to install cPanel addon scripts that have been altered. Enabling this item may be useful when testing custom addons. To make your selection, click the option you wish to use. This value defaults to Off.

Notify reseller of cPAddons Site Software installations

This item allows the server to notify resellers when their users’ cPAddon installations need to be updated. To make your selection, simply click the option you wish to use. This item defaults to On.

Notify root of cPAddons Site Software installations

This item allows the server to notify the cPAddons administrator when users’ cPAddon installations need to be updated. To make your selection, simply click the option you wish to use. This item defaults to On.

Notify (cPanel) users of cPAddonsSite Software installations

This item allows the server to notify cPanel users when they have cPAddons that need to be updated. You may select:

  • Allow users to choose (default) — This option allows cPanel users to specify whether or not they wish to receive notifications about out-of-date cPAddons.
  • always — This option allows cPanel & WHM to automatically notify users when their cPAddons are out-of-date.
  • never — This option allows you to specify that users should never receive notifications when their cPAddons are out-of-date.

Compression

Use pigz

Pigz is a gzip-compatible program that uses multiple CPU cores simultaneously. This item allows you to select whether to use pigz for compression for account backups.

note Note: Pigz is currently used to compress of account backups. It is not used for other backup types, such as configuration files and the MySQL data directory.

The default value is Off.

gzip compression level

This item allows you to set the gzip compression level for pigz. Higher settings will provide greater compression, but will compress more slowly.

The minimum value is 1 and the maximum value is 9. The default value is 6.

Number of pigz processes

This item allows you to set how many independent pigz processes will be used to perform gzip compression. For the best performance, we recommend that you set this value to match the number of cores that are available on your server.

The minimum value is 1 and the maximum value is 128. The default value is the number of processor cores in your server.

Number of kilobyte chunks per compression work unit

This item allows you to control the size (in 1024-byte chunks) of compression work units that will be distributed to each pigz process. Systems with larger L2/L3 caches may benefit from higher values.

The minimum value is 128 and the maximum value is 1024. The default value is 128.

Display

Default login theme

This item allows you to select the default login theme for cPanel users. To make your selection, click the button corresponding to the theme you wish to use. This value defaults to cpanel.

Display File Usage information in the cPanel stats bar (inode count)

This item, when enabled, shows the number of inodes (files and directories) that a cPanel user's account has used. The information is displayed in the cPanel stats bar as File Usage. The value defaults to Off.

Number of accounts per page to display in "List Accounts"

This item allows you to specify the number of accounts to display per page on the List Accounts screen. To specify a new value:

  1. Select the button next to the text field.
  2. Enter the integer you wish to use. You may also select:
    • All — View all of the accounts on your server whenever you or a reseller views List Accounts.
    • 30 (default) — View 30 accounts per page. This is cPanel & WHM’s default value.

Domains

These items pertain to the configuration of addon, parked, and subdomains.

Allow users to park subdomains of the server's hostname

This item lets you allow users to park subdomains on your server’s main domain. For example, if your server's main domain name is example.com, then clicking On would allow a user to redirect user.example.com visitors to that user’s website.

To make your selection, click the button corresponding to the option you wish to use. This value defaults to Off.

Allow domain parking across accounts

This item lets you allow users to park domains on top of other users’ domains. We strongly recommend that you do not enable this option.

To make your selection, click the button corresponding to the option you wish to use. This value defaults to Off.

Allow Remote Domains

This item lets you allow cPanel users to create parked and addon domains that resolve to other servers. To make your selection, click the button corresponding to the option you wish to use. This value defaults to Off.

ALERT! Warning: Enabling this option can cause major security issues. We strongly recommend that you do not enable this option.

Allow resellers to create accounts with subdomains of the server's hostname

This item lets you allow resellers to create accounts with subdomains of your server’s main domain. For example, if your main domain name is example.com, enabling this option would allow a reseller to redirect user.example.com visitors to the reseller’s website.

To make your selection, click the button corresponding to the option you wish to choose. This value defaults to Off.

Allow unregistered domains

This item allows you to let users create domain names on the server that are not registered with a valid registrar. Click the button corresponding to the option you wish to choose. This item defaults to Off.

Automatically add A entries for registered nameservers when creating a new zone

This item allows you to specify whether the server should automatically create A entries for a new domain's registered nameservers when the domain is created. To make your selection, click the button corresponding to the option you wish to choose. This value defaults to On.

Prevent cPanel users from creating specific domains

You can prevent users from creating certain domains by listing the domain names in /var/cpanel/commondomains. If you enable this feature, cPanel users cannot create (as an addon or parked domain) any domain listed in either that file or /usr/local/cpanel/etc/commondomains.

note Note: You should not directly edit /usr/local/cpanel/etc/commondomains, as your changes will be overwritten whenever cPanel & WHM updates.

Check zone syntax

This option allows you to have the server automatically check zone file syntax whenever DNS zone files are saved or synced. To make your selection, click the button corresponding to the option you wish to use. This value defaults to On.

Check zone owner

This option allows you to have the server automatically check a DNS zone’s owner whenever DNS zone files are saved or synced.

To make your selection, click the button that corresponds to the option you wish to use.

This option defaults to On.

Enable DKIM on domains for newly created accounts

DKIM (DomainKeys Identified Mail) helps verify the sender and integrity of a message. It allows an email system to prove that a message was not altered during transit (meaning it is not forged), and that the message came from the specified domain.

This option allows you to specify whether or not DKIM should be enabled for new accounts by default. This value defaults to On.

Enable SPF on domains for newly created accounts

SPF (Sender Policy Framework) is designed to prevent spammers from sending email while forging your domain’s name as the sender (spoofing). This authentication function works by adding IP addresses to a list, specifying computers that are authorized to send mail from your domain name. It verifies that messages sent from your domain are coming from the listed sender, reducing the amount of backscatter you receive.

This option allows you to specify whether or not SPF should be enabled for new accounts by default. This value defaults to Off.

DNS request management application

This item allows you to specify the application the server should use to handle DNS management requests. This value is set to dnsadmin, auto-detect SSL by default.

To specify a new application:

  1. Select the button next to the text field.
  2. Enter the path to the application you wish to use.

Proxy subdomains

This option will automatically redirect visitors to the correct port when they access the following subdomains (example.com stands for the user's domain name):

  • cpanel.example.com redirects to the user's cPanel interface.
  • webmail.example.com redirects to the user's webmail.
  • webdisk.example.com redirects to the user's Web Disk.
  • whm.example.com redirects to the user's WHM interface.

ALERT! Important: The options selected in the Tweak Settings Redirection section do not apply to proxy subdomains.

note Note: When you enable this feature, it creates an entry in your Apache configuration file (httpd.conf). This feature also requires that you not manually disable mod_rewrite and mod_proxy in the httpd.conf file.

To make your selection, click the button corresponding to the option you wish to choose. This option is set to On by default.

Proxy subdomain creation

Enabling this option will allow WHM to automatically create DNS entries for the following 4 subdomains for every user’s account (where example.com stands for the user’s domain):

  • cpanel.example.com
  • webmail.example.com
  • webdisk.example.com
  • whm.example.com

note Note: Proxy subdomains allow users to reach particular interfaces within cPanel and WHM by entering a subdomain into a browser. For example, a user entering cpanel.example.com would reach the cPanel interface for example.com

To make your selection, click the button corresponding to the option you wish to choose. This option is set to On by default.

PICK Important: You must add DNS entries for these subdomains to work. You may use /usr/local/cpanel/scripts/proxydomains to create DNS entries manually.

Thunderbird and Outlook autodiscover and autoconfig support (enables proxy subdomain and SRV record creation)

This item will automatically create autodiscover and autoconfig proxy subdomains when you create a domain.

  • autoconfig.example.com
  • autodiscover.example.com

This item will also create the autodiscover and autoconfig SRV records needed for Outlook and Thunderbird email auto configuation for local domains.

PICK Important: If you turn off the Proxy subdomains option, this option will be disabled.

Additional information about AutoDiscover and AutoConfig is available for TechNet for AutoDiscover and Mozilla's site for AutoConfig.

** Preferred mail service to configure to use for Thunderbird and Outlook autodiscover and autoconfig support

System administrators can choose the email transfer method to use with Thunderbird and Outlook with AutoDiscover and AutoConfig support. System administrators can choose imap or pop3. We recommend that system administrators use IMAP instead of POP3.

This option defaults to imap.

note Note: You must enable the Thunderbird and Outlook autodiscover and autoconfig support (enables proxy subdomain and SRV record creation) option in order to configure this option.

** Host to publish in the SRV records for Outlook autodiscover support.

Microsoft Outlook®’s AutoDiscover feature searches DNS for an SRV record for an email inbox’s domain that points to a particular server for AutoDiscover. By default, this server is cpanelemaildiscovery.cpanel.net.

System administrators can:

  • Choose the host that is published in the SRV records.
  • Change the default host if they have an SSL-enabled host with an SSL certificate signed by a Certificate Authority.
  • Use their own server for Outlook® AutoDiscovery may enter that server’s FQDN in the available text box.
  • When you enable the Host to publish in the SRV records for Outlook autodiscover support. feature, the server that you specify is queried for the auto-discover settings. You must have a custom XML file for this feature to function properly.

note Note: For more information about how to use a custom XML file, visit Mozilla's autoconfiguration page, or the Exchange's autodiscover page.

note Note: You must enable the Thunderbird and Outlook autodiscover and autoconfig support (enables proxy subdomain and SRV record creation) option in order to configure this option.

More information about Microsoft Outlook®’s AutoDiscover feature is available.

Overwrite custom A records used for proxy subdomains

If you enable this setting, cPanel will remove any existing custom A records which match proxy subdomains that you create or remove.

PICK Important: If you turn off the Proxy subdomains option, this option will be disabled.

Overwrite custom SRV records used by Outlook AutoDiscover support

If you enable this setting, cPanel will remove any existing custom SRV records when Outlook AutoDiscover support is added or removed.

Proxy subdomain override

This item lets you allow users to create cPanel, webmail, Web Disk, and WHM subdomains that override automatically generated proxy subdomains. This means, for example, a user would be able to direct visitors accessing cpanel.example.com to a web page that user configures, such as mycontrolpanel.example.com.

To make your selection, click the button corresponding to the option you wish to use. This item’s default value is On.

note Note: Proxy subdomains allow you to reach particular interfaces within cPanel and WHM by entering a subdomain into your browser. For example, entering cpanel.example.com would reach the cPanel interface for example.com.

public_html subdomains only

Enabling this option prevents a user from creating subdomains outside of the user's own public_html directory. To make your selection, click the button corresponding to the option you wish to use. This item’s default value is Off.

Always use authoritative (registered) nameservers when creating a new DNS zone

Enabling this option will cause the server to use a new domain's authoritative nameservers—that is, the name servers on record with the domain's registrar. The server will ignore the nameservers specified by the user creating the domain.

To make your selection, click the button corresponding to the option you wish to use. This value defaults to Off.

Logging

Log dnsadmin requests

This setting allows you to select whether to log dnsadmin requests in /usr/local/cpanel/logs/dnsadmin_log. To make your selection, click the button corresponding to the option you wish to use. This item’s default value is Off.

Enable verbose logging of DNS zone syncing

Enabling this option causes your server to print DNS information to the command line interface whenever a DNS zone is synchronized. To make your selection, click the button corresponding to the option you wish to use. This value defaults to Off.

ALERT! Warning: This is for testing purposes only. Do not enable this option on a production server.

Mail

Initial default/catch-all forwarder destination

This item allows you to select the initial forwarding destination for new accounts’ catch-all/default addresses.

PICK Remember: Users may later modify this value for themselves via the Default Address interface in cPanel.

The catch-all or default address handles email sent to nonexistent users on your server's domains. Because a domain may receive a large number of spam messages sent to nonexistent users, opting to process such mail can cost you server resources.

To make your selection, click the button corresponding to the option you wish to use. You may choose:

  • System account (default) — Unroutable mail will be forwarded to the cPanel user’s main email account. If you choose this option, this account will mainly collect spam.
  • Fail — Discards the message and sends a notification to the sender.
    • This is usually the best choice if you are getting mail attacks.
  • Blackhole — Downloads the message, then discards it.

Discard FormMail-clone message with bcc:

This item allows you to select whether to silently discard FormMail-clone messages with a bcc: header in the subject line. Such messages are typically spam.

Click the button corresponding to the option you wish to select. This value defaults to On.

Mail authentication via domain owner password

This option allows you to specify whether the website owner’s password can be used to access any email address the owner created within the account. Click the button corresponding to the option you wish to select. This value defaults to Off.

Include mailman in disk usage calculations

This option allows you to decide whether Mailman mailing lists should be included in cPanel's calculations. Click the button corresponding to the option you wish to select. This value defaults to On.

Email delivery retry time

This item allows you to specify how long (in minutes) your mail server should wait before attempting to deliver a message after the message delivery has failed. To specify a new time, click the button next to the text field and enter the new time. This value defaults to 60 minutes.

Track email origin via X-Source email headers

note Note: This feature requires Exim 4.34+.

This item allows you to select whether to track the origins of messages sent through your mail server. This feature works by adding X-Source headers to email messages. Click the button corresponding to the option you wish to select. This value defaults to On.

Max hourly emails per domain

This item allows you to specify the maximum number of emails any domain can send per hour. To specify a new value:

  1. Click the button next to the text field.
  2. Enter the value you wish to set.

This value defaults to Unlimited.

ALERT! Warning: This setting will not override the following parameters in packages or users:
Maximum Hourly Email by Domain Relayed
Maximum percentage of failed or deferred messages a domain may send per hour

The percentage of email messages (above the domain's hourly maximum) to queue and retry for delivery.

Once a domain has reached its limit for outgoing messages per hour, this setting allows you to queue additional outgoing messages for later delivery. For example, if you set this value to 125, then once the domain reaches its hourly limit, Exim will queue any additional messages, up to 125% of the Max hourly emails per domain value. Once the account reaches 125% of the Max hourly emails per domain value, any additional outgoing messages are forced to fail.

To force failure of all outgoing messages once the domain has reached its limit, set this option to 100.

Count mailman deliveries towards a domain's Max hourly emails

This option allows you to count messages sent to Mailman mailing lists against an account's Max hourly emails per domain limit, set above. By default, this setting is Off.

note Note: This setting should remain Off if you wish to accommodate users with large Mailman mailing lists. If you turn this setting On, you may encounter issues with mailing list subscribers not receiving messages.

Maximum percentage of failed or deferred messages a domain may send per hour

This option allows you to specify the maximum percentage of failed or deferred messages a that domain can send. If the domain exceeds the limit, your server will temporarily block outgoing mail from that domain. The system examines all outgoing and local mail over the previous hour to determine whether the domain exceeds the limit. When a domain exceeds the limit, the domain cannot send mail until the domain no longer exceeds the limit.

To configure this option, click the button next to the available text field and specify the percentage you wish to use. This item is set to unlimited by default.

Also, you can configure this option for user accounts and account packages.

Restrict outgoing SMTP to root, exim, and mailman

Only allow the root, exim, and mailman users to send email messages. Enabling this option prevents other users on the system from sending mail. When this option is enabled, scripts and email users need to use the sendmail binary to send mail instead of using direct sockets access. Click the button corresponding to the option you wish to select. This value defaults to Off.

Prevent “nobody” from sending mail

This item allows you to prevent the system user nobody from sending mail to a remote address. Click the button corresponding to the value you wish to select. The default value for this item is Off.

PICK Remember: PHP and CGI scripts generally run as nobody. To use a PHP or CGI script to send mail, you will need to enable either suEXEC or mod_php in your Apache configuration.

Add X-PopBeforeSMTP header for mail sent via POP-before-SMTP

note Note: This item requires Exim 4.34-30+.

POP before SMTP is an email protocol that allows users to check email from different IPs without having to log in repeatedly.

Enabling this setting requires the mail server to append a list of email addresses a user checks using POP before SMTP to the X-PopBeforeSMTP headers of all that user's outgoing messages.

As this measure may compromise the privacy of your users, enabling it is not recommended unless absolutely necessary.

To make your selection, click the button corresponding to the option you wish to use. The default value for this item is Off.

Enable BoxTrapper spam trap

This item allows you to enable BoxTrapper. BoxTrapper is a spam prevention system that works using black-, white-, and ignore lists and an automated response-verification system.

To disable BoxTrapper, click the Off button. By default, BoxTrapper is On.

Enable Email Archiving support

This item allows you to enable or disable Email Archiving support. The Email Archiving feature allows you to keep a copy of each email sent to and from your server. An email is immediately archived when the server receives the message. This action takes place before any filters are applied to the message. Emails classified as spam and non-spam are archived. If you enable this feature, your disk space can quickly double. To enable this item, click the On button. By default, this item is Off.

Enable Horde Webmail

This item allows you to enable the Horde webmail client. Webmail allows cPanel users to access their email accounts using an Internet connection and a web browser. To disable the Horde webmail client, click the Off button. By default, this item is On.

Enable RoundCube webmail

This item allows you to enable the RoundCube webmail client. Webmail allows cPanel users to access their email accounts using an Internet connection and a web browser. To disable the RoundCube webmail client, click the Off button. By default, this item’s value is set to On.

Enable the SpamAssassin spam filter

PICK Important: If you make changes to SpamAssassin's configuration, you must run the following script for your changes to take effect: /usr/bin/sa-compile

SpamAssassin is a spam filtration program that works by scoring incoming email and checking that score against a predefined limit. If the spam score exceeds this limit, the server will take an action the domain owner has specified in the cPanel SpamAssassin interface. Available actions include discarding mail or placing it in a special folder (see below). For more information, see http://spamassassin.apache.org.

To disable SpamAssassin, click the Off button. By default, this item’s value is set to On.

Enable SpamAssassin Spam Box delivery for messages marked as spam (user configurable)

This item allows you to enable SpamAssassin’s spam box feature. The spam box, when enabled, can receive incoming mail that was marked as spam by SpamAssassin. This can be useful for users who have received a message falsely flagged as spam.

To enable SpamAssassin’s spam box feature, click the On button. By default, this feature is Off.

Enable SquirrelMail webmail

This item allows you to enable the SquirrelMail webmail client. Webmail allows cPanel users to access their email accounts using an Internet connection and a web browser. To disable the SquirrelMail webmail client, click the Off button. By default, this feature is On.

Prefix “mail.” onto Mailman URLs

This item allows you to specify whether Mailman URLs on your server should be prefixed with mail. Click the button corresponding to the option you wish to use. This value defaults to Off.

Default user-defined quota value for new email accounts

This item allows you to set the default quota that will appear in the Email Accounts feature in your users’ cPanel interfaces. To set a new value, click the button next to the text field and enter the desired default value. This value defaults to 250 megabytes.

  • note Note: The maximum value is 2,048 MB.

Default quota option for new email accounts

This item allows you to set the quota option that is preselected when users access the Email Accounts feature in their cPanel interfaces. To change the default option, click the button that corresponds to the option you wish to select. This value defaults to User-defined.

Notifications

System disk space usage warnings

This item allows you to enable disk space usage warnings. These warnings appear to cPanel users who are approaching their disk space quota.

To turn on disk space usage warnings, click the On button. Disk space usage warnings are Off by default. Once you enable disk space usage warnings, a number of other items become available. They are:

Account system disk usage “warn” percentage

This item allows you to specify the threshold at which a user’s disk usage is considered to enter the “warn” state. To specify a new value, click the button next to the available text field and enter the value you wish to use. This item’s default value is 80%.

You may also choose to disable these warnings by selecting Disable this notification.

Account system disk usage “critical” percentage

This item allows you to specify the threshold at which a user’s disk usage is considered to enter the “critical” state. To specify a new value, click the button next to the available text field and enter the value you wish to use. This item’s default value is 90%.

You may also choose to disable critical-state warnings by selecting Disable this notification.

Disk quota usage warnings

This item allows you to specify the threshold at which a user’s disk usage is considered to enter the full state. Click the button next to the available text field and enter the value you wish to use. This item’s default value is 98%.

You may also choose to disable full-state warnings by selecting Disable this notification.

Account disk quota "warn" percentage

Notify admin or reseller when disk quota reaches "warn" state

This item allows you to specify whether the server should send a notification to the administrator or reseller who owns the cPanel account that is in the “warn” state. Click the button corresponding to the value you wish to select. This value defaults to Off.

Account disk quota "critical" percentage

Notify admin or reseller when disk reaches "critical" state

This item allows you to specify whether the server should send a notification to the administrator or reseller who owns the cPanel account that is in the "critical" state. Click the button corresponding to the value you wish to select. This value defaults to On.

Account disk quota "full" percentage

Notify admin or reseller when disk quota reaches "full" state

This item allows you to specify whether the server should send a notification to the administrator or reseller who owns the cPanel account that is in the "full" state. Click the button corresponding to the value you wish to select. This value defaults to On.

Enable mailbox usage warnings

This item allows you to enable mailbox usage warnings. These warnings appear to cPanel users whose mailboxes are almost full.

To turn on mailbox usage warnings, click the On button. Mailbox usage warnings are Off by default.

Once you have enabled mailbox usage warnings, a number of other options become available. They are:

Mailbox disk quota “warn” percentage

This item allows you to specify the threshold at which a user’s mailbox is considered to enter the “warn” state.

To specify a new value, click the button next to the text field and enter the value you wish to use. This item defaults to 80%.

You may also choose to disable “warn” state warnings by selecting Disable this notification.

Mailbox disk quota “critical” percentage

This item allows you to specify the threshold at which a user’s mailbox is considered to enter the “critical” state.

To specify a new value, click the button next to the text field and enter the value you wish to use. This item defaults to 90%.

You may also choose to disable “critical” state warnings by selecting Disable this notification.

Mailbox disk quota “full” percentage

This item allows you to specify the threshold at which a user’s mailbox is considered to enter the “full” state.

To specify a new value, click the button next to the text field and enter the value you wish to use. This item defaults to 98%.

You may also choose to disable “full” state warnings by selecting Disable this notification.

Bandwidth limit check

This item allows you to select whether to automatically suspend HTTP service for accounts that exceed their bandwidth limit.

Disabling this option will disable all bandwidth notifications and treat all accounts as having unlimited bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to On.

Send bandwidth limit notification emails

This item allows you to specify whether the server should send notification emails to accounts that are approaching their bandwidth limits.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

If you choose to enable this option, other items become available. They are:

Bandwidth usage warning: 70%

This item allows you to specify whether to send an email notification to users who have used 70% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

Bandwidth usage warning: 75%

This item allows you to specify whether to send an email notification to users who have used 75% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

Bandwidth usage warning: 80%

This item allows you to specify whether to send an email notification to users who have used 80% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to On.

Bandwidth usage warning: 85%

This item allows you to specify whether to send an email notification to users who have used 85% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

Bandwidth usage warning: 90%

This item allows you to specify whether to send an email notification to users who have used 90% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

Bandwidth usage warning: 95%

This item allows you to specify whether to send an email notification to users who have used 95% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

Bandwidth Usage Warning: 97%

This item allows you to specify whether to send an email notification to users who have used 97% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

Bandwidth usage warning: 98%

This item allows you to specify whether to send an email notification to users who have used 98% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

Bandwidth usage warning: 99%

This item allows you to specify whether to send an email notification to users who have used 99% of their bandwidth.

To make your selection, click the button corresponding to the value you wish to select. This item defaults to Off.

note Note: To modify your notification templates, read our notification template documentation.

PHP

The following five options configure PHP scripts that your users' cPanel accounts run.

To configure additional PHP settings, use the PHP Configuration Editor in WHM.

cPanel PHP max execution time

This item allows you to specify the number of seconds a cPanel PHP script is allowed to execute before it is terminated by the system. This limit prevents the slow down of your server by poorly written scripts.

To specify another value, click the button that corresponds to the s text box and enter the new value in seconds. This value defaults to 90 seconds.

cPanel PHP max POST size

This item allows you to specify the maximum size (in megabytes) that a POST request can be.

To specify a new value, click the button that corresponds to the MB text box and enter the new value in megabytes. The maximum value you can specify here is 2047 MB. This value defaults to 55 MB.

cPanel PHP register_globals

PICK Important: This feature is unavailable in PHP 5.4.

This item allows you to specify whether PHP scripts should be able to register global variables. This feature is deprecated as of PHP 5.3.0.

ALERT! Warning: We strongly recommend that you do not enable this option, as it can pose serious security risks to your server.

This item’s value defaults to Off.

cPanel PHP max upload size

This item allows you to specify the maximum file size that a PHP script may upload.

To specify a new value, click the button that corresponds to the MB text box and enter the new value in megabytes. The maximum value you can specify here is 2047 MB. This value defaults to 50 MB.

cPanel PHP loader

Click the box that corresponds to the PHP loader that you wish for cPanel to use in order to execute internal PHP scripts.

  • If you run cPanel 1.x or 2.x, click oldsourceguardian.
  • If you run a later version of cPanel, you may use the loader of your preference. However, you will need to install the loader in the proper directory.

This item defaults to none.

note Note: You may select more than one PHP loader.

Redirection

Always redirect to SSL

This feature option allows you to redirect users to the proper SSL/TLS ports when they access the following URLs (where example.com stands for the user's domain name):

  • www.example.com/cpanel
  • www.example.com/webmail
  • www.example.com/whm

This feature does not redirect users when they access the following URLs:

  • cpanel.example.com
  • webmail.example.com
  • whm.example.com

note Note: If you wish to force SSL with the above URLs, enable the Require SSL option in the Security section. The Require SSL option does function with proxy subdomains.

note Note: When you enable this feature, users will not be able to send their passwords to these links without encryption.

This item defaults to Off.

Non-SSL redirect destination

This option allows you to specify how you would like to redirect users who access cPanel & WHM without SSL. You may select:

  • Hostname — Redirects users to the server’s hostname (for example, host.example.com:2082 where host.example.com is the server's hostname).
  • Origin Domain Name — Redirects a user to his or her main domain (for example, example.com:2082 where example.com is the user's domain). This option is selected by default.

This rule applies when a user visits:

  • www.example.com/cpanel
  • www.example.com/webmail
  • www.example.com/whm

This rule does not apply when a user visits:

  • cpanel.example.com
  • webmail.example.com
  • whm.example.com

SSL redirect destination

This option allows you to specify how you would like to redirect users who access cPanel & WHM with SSL. You may select:

  • SSL Certificate Name — Redirects users to the domain listed in the SSL certificate used by cPanel, WHM, and webmail. You can view this certificate on the Manage Service SSL Certificates screen. This option is selected by default.
  • Hostname — Redirects users to the server’s hostname (for example, host.example.com:2083 where host.example.com is the server's hostname).
  • Origin Domain Name — Redirects a user to his or her main domain (for example, example.com:2083 where example.com is the user's domain).

This rule applies when a user visits:

  • www.example.com/cpanel
  • www.example.com/webmail
  • www.example.com/whm

This rule does not apply when a user visits:

  • cpanel.example.com
  • webmail.example.com
  • whm.example.com

Logout redirection URL

This item allows you to redirect users to a specific URL after they log out of cPanel.

To specify a new URL, click the button next to the text box, and enter the URL. This item’s default value is No redirection.

CageFS may alter how some URLs are redirected. Close

When users acces their websites and include the directory /whm, /cpanel, or /webmail, they are redirected away from the website to their WHM, cPanel, or webmail account. CageFS prevents users from being redirected.

If /bin/sh or /bin/bash is in the /etc/cagefs/black.list file, the above internal server errors may occur when you access:

  • example.com/whm
  • example.com/cpanel
  • example.com/webmail

To avoid this error, you may either:

  • Disable cageFS for the user of the domain.
  • Remove /bin/sh or /bin/bash from the /etc/cagefs/black.list file.

SQL

Include databases in disk usage calculations

This item allows you to select whether to include databases in disk usage calculations.

Click the option you wish to select. This item defaults to On.

Let cPanel determine the best value for your MySQL open_files_limit configuration

This item allows cPanel to determine the best value for your MySQL open_files_limit​ setting in your my.cnf configuration file.

Newer versions of MySQL require additional file descriptors for each open table. A server with a large number of open tables (For example, servers with multiple installations of WordPress) may require a value of open_files_limit greater than the default value of 2048. However, an extremely large open_files_limit setting requires more memory, and may cause performance issues.

Click the button that corresponds to the value that you wish to use. This item defaults to On.

Use INFORMATION_SCHEMA to acquire MySQL disk usage (MySQL 5+ required)

Using the MySQL INFORMATION_SCHEMA view causes the system to include disk usage by all MySQL tables in the disk usage totals.

Enabling this setting can degrade performance, causing MySQL to become unresponsive until data collection is complete.

If you disable this setting, WHM queries the filesystem for disk usage information. This may not account for all data, depending on table type usage and local configuration.

This feature defaults to On.

note Note: If you use a remote MySQL server, you must turn this setting On in order to calculate MySQL disk usage. To use this setting, MySQL version 5 or higher is required.

Use pre-4.1-style MySQL passwords

This item allows you to select whether or not you wish to use old-style MySQL 4.0 passwords with MySQL 4.1+. This can be useful if you experience authentication problems with PHP scripts.

Click the button corresponding to the value you wish to use. This item defaults to Off.

note Note: Run Update Server Software, then EasyApache (Apache Update), to cause your changes to take effect.

Security

Always autocomplete in login screens.

This item allows the user to save the cPanel, WHM, and webmail login passwords in the browser's cache.

This item defaults to On.

note Note: If you change the setting to Off, login themes older than cPanel & WHM 11.32 are not affected.

CGIEmail and CGIEcho

This item controls whether CGIEmail and CGIEcho are available on the system. These two legacy cgi-sys scripts treat all files in a user's public_html directory as potential input templates if they contain the characters [ and ]. Setting this option to Off will disable CGIEmail and CGIEcho completely, which will improve the security of the system. This item's default value is On for backward compatibility.

Cookie IP validation

This item allows you to validate IP addresses used in all cookie-based logins. Enabling this option helps to prevent attackers from capturing cPanel session cookies in order to gain access to your server's cPanel and WHM interfaces.

note Note: To use this feature most effectively, you should also disable the Proxy subdomain settings in the Domains section of Tweak Settings.

Click the button corresponding to the option you wish to select:

  • disabled — Does not validate IPs.
  • loose — The access IP address and the cookie IP address must be in the same class C subnet.
  • strict — The access IP address and the cookie IP address must match exactly. This is the default value.

Generate core dumps

Selecting this option allows cPanel’s services to create core dumps. These can be useful for debugging purposes.

ALERT! Warning: Core dumps contain sensitive information. Be sure to keep them secure.

Click the button corresponding to the option you wish to choose. This item defaults to Off.

Send passwords when creating a new account

This option allows you to choose whether to send new users their passwords in plaintext over email when you create a new account.

ALERT! Warning: Enabling this option is a security risk.

Click the button corresponding to the option you wish to select. This item defaults to Off.

Blank referrer safety check

Enabling this option limits the functions that cPanel and WHM perform by requiring that each attempt to submit data to cPanel or WHM is accompanied by a referring URL. This helps to prevent cross-site request forgery (XSRF) attacks, but may break integration with other systems, login applications, and billing software.

note Note: The visitor or querying application must have cookies enabled in order for this feature to take effect.

Click the button that corresponds to the option you wish to select. This item defaults to Off.

Referrer safety check

Enabling this option limits the functions that cPanel and WHM perform by requiring that each attempt to submit data to cPanel or WHM is accompanied by a referring URL whose domain or IP and port number exactly match those of the destination URL. This helps to prevent cross-site request forgery (XSRF) attacks. However, enabling this option may break integration with other systems, login applications, and billing software.

note Note: The visitor or querying application must have cookies enabled in order for this feature to take effect.

Click the button that corresponds to the option you wish to select. This item defaults to Off.

Require SSL

Enabling this option requires that passwords and other sensitive information use SSL encryption.

Click the button that corresponds to the option you wish to use. This item defaults to On.

note Note: We strongly recommend that you enable this option.

Enable HTTP authentication

Enabling HTTP authentication (also called "basic access authentication") causes your server to rely on a username and password to verify a user's identity. This exposes your server to a certain type of cross-site request forgery (XSRF) attack that relies on cached HTTP authentication credentials.

Disabling this option forces cookie authentication.

Click the button that corresponds to the option you wish to select. This item defaults to Off.

Allow PHP to be run by resellers in WHM

This item determines whether resellers are allowed to run PHP in WHM. You should take special precautions when enabling this functionality as WHM's PHP is run under the root system user.

To enable this option, select the On option. This value defaults to Off.

Allow WHM apps registered with AppConfig to be executed even if a Required ACLs list has not been defined

This setting allows applications and addons that are registered with AppConfig to execute even if a Required ACL has not been defined.

If you disable this setting, applications and addons that are registered with AppConfig are forced to set an ACL list before they can be executed.

The default value is on.

Allow cPanel and Webmail apps registered with AppConfig to be executed even if a Required Features list has not been defined

This setting allows cPanel and Webmail apps that are registered with AppConfig to execute even if a required features list has not been defined.

If you disable this setting, cPanel and Webmail apps that are registered with AppConfig are forced to set a Required Features list before they can be executed.

The default value is on.

Allow apps that have not registered with AppConfig to be run when logged in as a reseller in WHM

This setting allows applications that are not registered with AppConfig to be run when logged in as a reseller in WHM.

If you disable this setting, resellers will be unable to run applications that are not registered with AppConfig.

note Note: This option was introduced in cPanel version 11.38.1 to provide additional visibility of installed applications and addon, and their privilege levels.

The default value is on.

Allow apps that have not registered with AppConfig to be run when logged in as root or a reseller with the "all" ACL in WHM

This setting allows applications that are not registered with AppConfig to be run when logged in as root or a reseller in WHM with the all ACL.

If you disable this setting, root and reseller accounts with root privileges can only run applications that are registered with AppConfig.

note Note: This option was introduced in cPanel version 11.38.1 to provide additional visibility of installed applications, addons, and their privilege levels.

The default value is on.

For more information about how to register applications with AppConfig, please read our AppConfig documentation.

Use MD5 passwords with Apache

This item allows you to specify whether the system should use MD5 hashing for new passwords saved in Apache .htpasswd files. When this option is disabled, crypt hashing is used.

Because Apache .htpasswd files can contain a mix of crypt- and MD5-encoded passwords without issue, this setting does not change the encoding of any existing passwords.

MD5-encoded passwords are more secure than crypt-encoded passwords. Crypt only uses the first 8 characters of the password for authentication. MD5 passwords can be any length.

Click the button that corresponds to the option you wish to use. This item defaults to On.

**EXPERIMENTAL: Jail Apache Virtual Hosts using mod_ruid2 and cPanel® jailshell.

When you enable this setting, the mod_ruid2 module chroots Apache virtual hosts. This action will run Apache virtual hosts in a chrooted environment.

  • You can use this option with versions 5 and 6 of CentOS or Red Hat Enterprise Linux.
  • If you compiled Apache through EasyApache and installed mod_ruid2 version 0.9.4a or later, then this option will be available.
  • This option defaults to Off.

ALERT! Warning: We do not recommend that system administrators use this option with CentOS 5 or Red Hat Enterprise Linux 5 because these operating systems distribute older kernels with certain limitations. The Linux kernel versions installed on these operating systems and the number of bind mounts that VirtFS requires make it difficult to ensure system stability.

  • note Note: This option will be unavailable on systems that run CentOS or Red Hat Enterprise Linux version 5 with 256 or more users.

Once you enable this option, each user who has jailshell or noshell configured as their shell will experience the following changes:

  • The user's Apache Virtual Hosts will be jailed into their /home/virtfs directory via chroot.
  • The RDocumentChRoot directive will be added to the user's Virtual Host in httpd.conf
    • The following example is an RDocumentChRoot directive:
          <IfModule mod_ruid2.c>
              RMode config
              RUidGid kellyp kellyp
       ==>    RDocumentChRoot /home/virtfs/kellyp /home/kellyp/public_html <==
          </IfModule>
      

The user's filesystem view will be limited to their /home/virtfs/$USER filesystem. Various jail shell-related options in WHM's Tweak Settings control the /home/virtfs/$USER filesystem configuration.

When you enable this setting, you will enable the JailManager TailWatch Driver module. JailManager keeps each VirtFS filesystem jail shell in sync with the root filesystem. JailManager also returns the VirtFS filesystem jailed shells to a usable state when the system is rebooted. There is no need to enable or disable JailManager in the Service Manager because this setting controls the module's state.

Security Tokens

This item allows you to require security tokens for all interfaces. This helps to protect your server against cross-site request forgery (XSRF) attacks. However, enabling this option may break integration with other systems, login applications, billing software, and third-party themes.

Click the button that corresponds to the option you wish to select. This item defaults to Off. -->

Software

Enable FormMail-clone CGI

Enabling this option makes the FormMail-clone CGI script available to your users via cPanel's CGI Center. This script allows a user to publish a form which allows website visitors to email him or her.

note Note: If this script is not used properly, it could pose security risks for your server. We recommend selecting Off.

Click the button that corresponds to the option you wish to select. This item defaults to Off.

Urchin installation path

This item allows you to specify a path to your Urchin installation. Urchin is a web statistics analysis program.

If you wish to specify a new path, click the button next to the text field and enter the path. This item defaults to Auto-detect.

Dormant services

Enabling this option for a service causes the service to unload itself from memory after being idle for 5 minutes, while opening a listening service in its place. This reduces the amount of memory used by the system; however, responses from dormant services are delayed.

Select the services for which you wish to enable Dormant services:

Stats Programs

Statistical analysis programs allow your users to view information about their site visitors.

This section lets you make statistical analysis programs available to users on your server. For more configuration options, see the WHM Statistics Software Configuration screen.

Awstats reverse DNS resolution

Enabling this item allows AWStats to interpret visitors' domain names as IP addresses. Disabling this option conserves server resources.

This value defaults to Off.

Enable Analog stats

This item allows you to enable the Analog statistical analysis program.

Click the button corresponding to the option you wish to select. This value defaults to On.

Enable AWStats stats

This item allows you to enable the AWStats statistical analysis program.

Click the button corresponding to the option you wish to select. This value defaults to On.

Enable Logaholic stats

This item allows you to enable the Logaholic statistical analysis program.

Click the button corresponding with the option you wish to select. This value defaults to Off.

Enable Webalizer stats

This item allows you to enable the Webalizer statistical analysis program.

Click the button corresponding to the option you wish to select. This value defaults to On.

Stats and Logs

Allow users to update Awstats from cPanel

This option lets you specify whether the server should allow your cPanel users to update the AWStats web statistics program.

Click the button that corresponds to the value you wish to select. This item defaults to Off.

Delete each domain's access logs after stats run

This item allows you to specify whether the server should delete each domain’s access log after statistics are processed. Enabling this option can help conserve disk space.

Click the button corresponding to the value you wish to use. This item defaults to On.

Archive logs in the user's home directory at the end of each stats run unless configured by the user

This option archives logs in the user's home directory at the end of each statistics run.

  • If this option is set to off, the logs will not be archived.
  • The user may override this behavior in their configuration.
  • The default value is on.

Remove the previous month's archived logs from the user's home directory at the end of each month unless configured by the user

This option removes the archived log files from the user's home directory at the end of each month.

  • If this option is set to off, the archived logs will be retained.
  • The user may override this behavior in their configuration.
  • The default value is on.

Extra CPUs for server load

This item allows you to specify a value to add to the number of physical CPUs in your server. The sum of these 2 numbers will become the value at which cpuwatch, cpanellogd, backups, and CPU stats will consider the system to be in a critical load state.

Click the button next to the text field and enter the value you wish to use. This value defaults to 0.

Include password in the raw log download link in cPanel (via FTP)

This item allows you to specify whether the server should include the password in the raw log download link on the cPanel FTP Accounts screen.

Click the button corresponding to the value you wish to select. This item defaults to On.

Keep master FTP log file

Enabling this option will prevent the system from deleting /usr/local/apache/domlogs/ftpxferlog whenever FTP logs are parsed by domain.

Click the button corresponding to the option you wish to select. This item defaults to Off.

Keep log files at the end of the month

This option allows you to keep log files at the end of each month, instead of deleting them.

note Note: Selecting this option is not recommended, as log files can quickly use up your server's disk space.

Click the button corresponding to the option you wish to select. This item defaults to Off.

Keep stats logs

Enabling this option will keep the stats log (/usr/local/cpanel/logs/stats_log) between cPanel restarts.

note Note: If you have used WHM's cPanel Log Rotation Configuration option to configure the log to be archived monthly, it may interfere with this option by deleting the log after archiving it.

Click the button corresponding to the option you wish to select. This item defaults to Off.

Apache log file chmod value

This item allows you to set the Apache log file’s chmod value. The chmod value sets permissions for who can read, write to, and execute a file.

For more information on chmod, use the following command from the command line interface: man chmod

For more information about file permissions, visit the Wikipedia article.

Click the button next to the text field and enter the chmod value you wish to use. This item defaults to 0640.

Show bandwidth usage in megabytes by default in WHM

This item allows you to specify whether WHM should display bandwidth usage in megabytes.

Click the button corresponding to the value you wish to select. This item defaults to Off.

Stats log level

This item allows you to specify how much information the server should include in /usr/local/cpanel/logs/stats_log.

This item is capable of accepting integers between 1 and 10. Higher numbers indicate greater detail. This item’s default value is 1.

Click the button next to the text field and enter the integer you wish to use.

Log rotation size threshold

This item allows you to specify a threshold, above which cpanellogd will rotate log files.

Click the button next to the text field and enter the value you wish to use. This item defaults to 300 megabytes.

Use RRDtool binary instead of native Perl RRDtool implementation

RRDtool is a utility that cPanel & WHM uses to store bandwidth data. cPanel & WHM now includes native Perl bindings to the RRD system. Perl bindings to the RRD system are enabled by default, as they are faster and impose less load on your server.

If the Perl bindings are not functioning correctly, you can select On to force cPanel & WHM to use the RRDtool binary. This value defaults to Off.

The interval, in days, to retain Exim stats in the database

This option allows you to specify the number of days you wish to keep Exim stats.

To specify a new value, click the button next to the available text field and enter a new value. This item's default value is 90.

Use delayed sql inserts in the eximstats process to reduce the number of disk writes.

This option queues SQL inserts into memory until they can be written as a single block. In general, this action is much faster than when multiple separate inserts are performed. However, this action uses additional memory while the rows are queued.

Click the button which corresponds to the value that you wish to select. The default value is On.

Status

Critical load threshold

This item allows you to specify the minimum CPU load that will cause the server load to appear red on the WHM Service Status page and the cPanel Server Status page.

This item defaults to 2.

  • To specify a new value, click the button next to the text field and enter the value you wish to specify.
  • You may also select # of CPUs (autodetect). This option automatically sets the appropriate value based on the number of processors your server has.

Support

Send update analyses to cPanel

This option allows you to select whether or not you wish to send an analysis file to cPanel whenever you update your server.

Click the option you wish to select. This option is Off by default.

Update analysis log files are stored in /usr/local/cpanel/logs/update_analysis.

Update analysis retention interval

This item allows you to specify how long you wish to keep the update analysis log files you send cPanel.

To specify a new value, click the button next to the available field and enter the number of days you wish to keep the log files. Entering a non-integer value into this field will result in the log files being kept indefinitely. This item defaults to 90 days. If you do not wish to remove the update analysis log files, you may select Never delete. This item's minimum value is 1.

Update analysis log files are stored in /usr/local/cpanel/logs/update_analysis.

System

Accounts that can access a cPanel user account

This setting specifies which user(s) can log into a cPanel account.

  • Root is the server owner.
  • Account-Owner can be the server owner or a reseller, depending on who owns the cPanel account.
  • cPanel User is the user of the cPanel account.

Click the button that corresponds to the option you wish to use. This option defaults to Root, Account-Owner, and cPanel User.

note Note: If you disallow root or reseller logins to cPanel accounts, then the disallowed root user or reseller will no longer be able to access:

  • The cPanel icon (cPanel icon) on the WHM List Accounts screen. (This provides access to the user's cPanel.)
  • The Live Editor feature on the WHM Branding screen.
  • The Locale Editor - Live Mode on the WHM Edit a Locale screen.
  • The Customize HTML pages feature on the WHM Configure Customer Contact screen.

Allow server-info and server-status

This item allows you to specify additional IP addresses and hostnames that should have access to example.com/server-info and example.com/server-status. These pages display sensitive information about your server. Therefore, you should be selective in allowing access to them.

Enter the desired IP addresses or hostnames into the available text field. Each new value should have its own line.

For more information on entering the data properly, view the Apache mod_access documentation.

Allow cPanel users to install SSL Hosts if they have a dedicated IP

This item allows you to choose whether to allow cPanel users with dedicated IP addresses to install SSL hosts.

Click the button corresponding to the value you wish to select. This item defaults to On.

Send anonymous usage data to cPanel

cPanel, Inc. uses anonymized data about our customers' usage of our products to improve cPanel & WHM functionality.

Click Off to opt out of having your anonymized usage information sent to cPanel, Inc. This item defaults to On.

Apache non-SSL IP/port

This item allows you to specify a new port or IP address that Apache will use to listen for requests and serve web pages over an unsecured connection.

To specify a new value, click the button next to the available field and enter the value you wish to use. This item defaults to 0.0.0.0:80, indicating that Apache will use port 80 to serve content on an unsecured connection for all IP addresses associated with your server.

ALERT! Warning: Entering an IP will prevent Apache from listening on all other IPs. This could prevent HTTP traffic from being routed correctly, making your site inaccessible to visitors.

Apache SSL Port

This item allows you to specify a new port or IP address that Apache will use to listen for requests and serve web pages over a secure connection.

Click the button next to the available field and enter the value you wish to use. This items defaults to 0.0.0.0:443, indicating that Apache will use port 443 to serve content on a secure connection for all IP addresses associated with your server.

ALERT! Warning: Entering an IP will prevent Apache from listening on all other IPs. This could prevent HTTP traffic from being routed correctly, making your site inaccessible to visitors.

cPanel & WHM API Shell (for developers)

This item adds the API Shell interface to cPanel and WHM, which allows you to test API functions directly in the interface.

This item defaults to Off

note Note: To enable this feature for cPanel, you must grant the API Shell feature to the desired users within the Feature Manager interface in WHM. Also, you must refresh your browser window.

The number of seconds between ChkServd service checks.

The number of times ChkServd allows a previous check to complete before termination.

The option to enable or disable ChkServd HTML notifications.

The option to enable or disable ChkServd recovery notifications.

BIND deferred restart time

This item allows you to specify the time (in seconds) that dnsadmin will wait before restarting BIND. Additional restart requests during this period will be discarded silently.

On busy servers, setting this number to 300 or 600 can lower memory consumption by preventing multiple subsequent restarts. If your system experiences very few DNS changes, we recommend the default setting of 0.

Click the button next to the available field and enter the desired value in the text box.

Conserve memory

This option allows you to specify whether to conserve virtual memory (RAM) at the expense of using more CPU usage and disk I/O.

Click the button corresponding to the value you wish to select. This item defaults to Off.

cpsrvd username domain lookup

This item allows you to specify whether WHM will automatically supply a username (based on the account name) when a cPanel user enters a login password.

Click the button corresponding to the value you wish to select. This item defaults to Off.

Gzip page compression

This item allows you to specify whether to use gzip compression when viewing cPanel & WHM pages in your web browser. This will help reduce bandwidth usage.

Click the button corresponding to the value you wish to select. This item defaults to On.

Use compiled dnsadmin

This item allows you to specify whether to use a compiled version of DNSAdmin. DNSAdmin is a program that helps simplify management of your DNS data.

Turning this option Off allows you to use system Perl modules within custom DNSAdmin hooks. This is necessary if you plan to customize your implementation of DNSAdmin. It will, however, increase DNSAdmin execution times.

Click the button corresponding to the value you wish to select. This item defaults to On.

Allow Sharing Nameserver IPs

This item allows you to specify whether users can share nameserver IP addresses. Clicking On will decrease the number of IPs you need in your IP pool.

Click the button corresponding to the value you wish to select. This item defaults to Off.

Cache disk quota information

Setting this option to On causes WHM to cache disk usage information. This may result in disk usage information being up to 15 minutes out of date.

ALERT! Warning: Disabling this option may result in a large performance degradation.

Click the button corresponding to the value you wish to use. This item defaults to On.

Reverse DNS lookup upon connect

This item allows you to specify whether cPanel & WHM should attempt to resolve a client’s IP address to a domain name whenever a user connects to a cPanel service.

Click the button corresponding to the value you wish to select. This item defaults to Off.

ALERT! Warning: Enabling this option may degrade your server’s performance.

Enable optimizations for the C compiler

Max HTTP submission size

This item allows you to specify the maximum file size in megabytes that a user is allowed to upload to your server. This setting applies to all uploads and form submissions in all web interfaces throughout cPanel & WHM.

To specify a new value, click the button next to the available text field and enter a value between 1 and 10240. This item defaults to Unlimited.

File upload required free space

This item allows you to specify the minimum filesystem quota space required after a file is uploaded to your server. This prevents users from meeting or exceeding their quota limits. This item applies to all uploads and form submissions in all web interfaces throughout cPanel & WHM.

Click the button next to the available text field and enter the new value. This item defaults to 5 MB.

The interval, in days, between rebuilds of the FTP quota and disk usage data (applies to Pure-FTPd only)

If you use Pure-FTP, setting this interval can allow the system to take into account disk usage information for files that are modified or added to a user's root FTP directory by processes other than the FTP server. A higher setting will reduce disk I/O but lower the accuracy of the usage data. A lower setting will improve accuracy, but consume more disk I/O.

Click the button next to the text field to enter a new value. This item defaults to 30 days.

Depth to recurse for .htaccess checks

This option allows you to specify the maximum number of directories deep to look for .htaccess files when the PHP handler is changed. Any AddHandler directive lines in your users' .htaccess files that change PHP handling will be commented out.

For example, if /home/user is your home directory, and 2 is the value for this option, the following directories will be searched for .htaccess files:

  • /home/user/
  • /home/user/directory1/
  • /home/user/directory1/directory2/

The following directory will not be searched:

  • /home/user/directory1/directory2/directory3/

To configure this option, click the button next to the available text field and enter the new value. The default value is 2.

ALERT! Warning: We strongly recommend that you do not enter a value higher than 100. A value that is set higher than 100 can degrade your server's performance.

Enable legacy warnings

This item allows you to specify whether you will receive warnings about features that will become deprecated in future cPanel & WHM releases.

ALERT! Warning: If you disable this, you will not be able to learn about features that will be removed in future releases. This could lead to a non-functional server when such features are finally removed.

Click the button corresponding to the value you wish to select. This item defaults to On.

I/O priority level at which bandwidth usage is processed

This item allows you to specify the sever's I/O priority for bandwidth log processing.

This item's default value is 4. The maximum priority you may specify is 7.

note Note: ionice must be available and supported by your operating system's kernel for this functionality to work.

I/O priority level at which stats logs are processed

This item allows you to specify the server's I/O priority for stats log processing.

This item's default value is 4. The maximum priority you may specify is 7.

note Note: ionice must be available and supported by your operating system's kernel for this functionality to work.

I/O priority level at which nightly backups are run

This item allows you to specify the disk's I/O priority for nightly backups.

This item's default value is 3. The maximum priority you may specify is 7.

note Note: ionice must be available and supported by your operating system's kernel for this functionality to work.

I/O priority level at which cPanel-generated backups are run

This item allows you to specify the server's I/O priority for cPanel-generated user backups.

This item's default value is 5. The maximum priority you may specify is 7.

note Note: ionice must be available and supported by your operating system's kernel for this functionality to work.

I/O priority level for user-initiated processes

This setting applies to a few especially I/O-intensive user functions, such as actions initiated through the cPanel File Manager interface. 0 is the highest priority, 7 is the lowest priority.

This item's default value is 5. The maximum priority you may specify is 7.

note Note: ionice must be available and supported by your operating system's kernel for this functionality to work.

I/O priority level at which quota checks are run

This item allows you to specify the server's I/O priority for quota checks.

This item's default value is 6. The maximum priority you may specify is 7.

note Note: ionice must be available and supported by your operating system's kernel for this functionality to work.

The I/O priority level at which FTP quota checks are run (when Pure-FTPd is enabled)

This item is only available if you are using the Pure-FTPd daemon. This item allows you to specify the server's I/O priority for FTP quota checks for Pure-FTPd.

This item's default value is 6. The maximum priority you may specify is 7.

note Note: ionice must be available and supported by your operating system's kernel for this functionality to work.

I/O priority level at which optimizefs is run

optimizefs is a file system optimization utility used by cPanel & WHM. This item allows you to specify the server's I/O priority for optimizefs.

This item's default value is 6. The maximum priority you can specify is 7.

note Note: ionice must be available and supported by your operating system's kernel in order for this functionality to work.

I/O priority level at which email_archive_maintenance is run

This item allows you to specify the server’s I/O priority level for the email_archive_maintenance script.

This item’s default value is 6. The maximum priority that you may specify is 7.

note Note: ionice must be available and supported by your operating system's kernel for this functionality to work.

Use cPanel® jailshell by default

This option allows system administrators to configure new accounts and modified accounts to use the cPanel jailshell by default.

note Note: In a jailed shell, by default, all filesystems are mounted with the nosetuid option. The nosetuid option blocks the operation of setuid and setgid commands, such as ping. This does not apply to Exim's /usr/sbin/ directory.

More information regarding setuid and setgid is available.

The System tab in the Tweak Settings feature includes options for system administrators to enable or disable certain settings in a jailed shell.

This option defaults to Off.

We strongly recommend that you enable these options.

Jailed /proc mount method

This option allows system administrators to permit the use of the /proc virtual filesystem in a jailshell.

There are 3 different options:

  • Always mount a full /proc
    • The /proc virtual filesystem will have full privileges.

  • Mount limited /proc (RHEL/CentOS 6)+, Full /proc (RHEL/CentOS 5/xenpv)
    • In version 6.x of Red Hat Enterprise Linux and CentOS, the /proc virtual filesystem will be limited to the processes created in the user's jailshell session.
      • note Note: If the system runs any version of Red Hat Enterprise Linux and CentOS on XenPV, then the /proc inside of the jailshell will behave the same as it does on version 5.x of Red Hat Enterprise Linux and CentOS.
    • In version 5.x of Red Hat Enterprise Linux and CentOS, the /proc virtual filesystem will have all processes.
    • This is the default option.
    • We highly recommend that you upgrade to version 6.x of Red Hat Enterprise Linux and CentOS.

  • Mount limited /proc (RHEL/CentOS 6)+, No /proc (RHEL/CentOS 5/xenpv)
    • In version 6.x of Red Hat Enterprise Linux and CentOS, the /proc virtual filesystem will be limited to the processes created in the user's jailshell session.
      • note Note: If the system runs on any version of Red Hat Enterprise Linux and CentOS on XenPV, then the /proc inside of the jailshell will behave the same as it does on version 5.x of Red Hat Enterprise Linux and CentOS.
    • In version 5.x of Red Hat Enterprise Linux and CentOS, the /proc virtual filesystem will not be mounted inside the jail.

Jailed /bin mounted suid

This option allows system administrators to permit the use of the setuid option in /bin in a jailshell.

This option is useful for system administrators who wish to run setuid commands, such as /bin/ping.

This option defaults to Off.

Jailed /usr/bin mounted suid

This option allows system administrators to permit the use of the setuid option in /usr/bin in a jailshell.

This option is useful for system administrators who wish to run setuid commands, such as /usr/bin/crontab.

This option defaults to Off.

note Note: We do not recommend that you enable this option. Under this option, users can install a crontab that runs outside of their jailed shell. This action would allow users to escape from their jailed environment.

Max cPanel process memory

This item allows you to specify the maximum amount of memory a cPanel process is able to use before it is automatically killed.

To specify a new value, click the button corresponding to the available text field and enter the value you wish to use.

  • This item defaults to 128 MB.
  • You may also select Unlimited if you do not want to impose a memory limit on cPanel processes.

Max cPanel/WHM/Webmail service handlers

This item lets you specify the maximum number of concurrent connections the cPanel daemon, cpsrvd, can have.

To specify a new value, click the button corresponding to the available text field and enter the value you wish to use.

  • This item defaults to 160.
  • The maximum number you can specify is 16384.

SSL Support for cPanel daemons (no stunnel)

This item allows you to specify whether to use native SSL support, negating the need for Stunnel. Stunnel is a program which provides encrypted data transfer between clients and servers which do not communicate natively via SSL.

Click the button corresponding to the value you wish to select. This item defaults to On.

Send language file changes to cPanel

If you've made changes to your cPanel & WHM language files, this item allows you to select whether to send them to cPanel during software updates.

Click the button corresponding to the value you wish to select. This item defaults to On.

Remote WHM timeout

This item allows you to specify the number of seconds to allow a connection between this server and other remote WHM servers to remain idle before timing out.

Click the button corresponding to the available text field and enter the value you wish to use. This item defaults to the minimum: 35 seconds.

Disk usage/quota bailout time

This item allows you to specify the maximum amount of time (in seconds) to allow the system to spend retrieving disk usage and quota information before the data is considered unavailable.

Click the button corresponding to the available text field and enter the value you wish to use. This item defaults to 60 seconds.

Email password reset

This item allows you to specify whether cPanel users can request an Account Password Reset email. This email will contain a confirmation code and SSL- and Non-SSL Reset Links that allow the recipient to reset the cPanel account's password.

Click the button that corresponds to the value that you wish to choose. This item defaults to Off.

Server Locale

This locale is used whenever a user selects a cPanel locale that does not exist, or whenever a user's web browser requests an invalid locale via the HTTP Accept-Language header. You should set this value to a locale that administrators, resellers, and users are likely to understand.

Use the pull-down menu to select a valid fallback locale.

Send a notification when a user's backup has errors

This item allows you to specify whether the server should notify you when a user’s cPanel backup file has errors.

Click the button corresponding to the value you wish to choose. This item defaults to Off.

Allow other applications to run the cPanel and admin binaries

Enabling this option allows cPanel and admin binaries to run from other applications besides the cPanel server (cpsrvd). This option is useful for advanced administrators familiar with Perl scripting, who wish to run cPanel from their own custom programs.

Click the button corresponding to the value you wish to choose. This item defaults to Off.

Enable WHOIS lookups for the nameserver IP manager

This item allows you to specify whether to enable the WHM Nameserver IPs screen to perform WHOIS lookups.

Click the button corresponding to the value you wish to choose. This item defaults to On.

ChkServd TCP check failure threshold

This item allows you to specify the number of times a ChkServd TCP check must fail before the service is restarted and a notification is sent. On heavily loaded systems, these types of service checks fail occasionally, producing erroneous indications that services are down.

A value of 3 or higher is recommended for most systems. This item defaults to 3.

To specify a new value, click the button corresponding to the available text field and enter the new value.

  • You may also disable notifications and restarts by selecting Disable notifications and restarts from TCP checks.

Number of seconds an SSH connection related to an account transfer may be inactive before timing out

This setting allows you to specify a number of seconds of inactivity after which account transfers' SSH connections will time out. You can specify any number of seconds that is between 300 and 3600.

This setting defaults to 300 seconds.

Use safe quotas

This item lets you choose whether to enable the Safe Quota Setting. We recommend selecting On if you are experiencing quota corruption problems, and are not running a software RAID.

ALERT! Warning: In a software RAID environment, setting this option to On can degrade performance significantly.

Click the button corresponding to the value you wish to choose. This item defaults to Off.

note Note: This tweak is not compatible with Virtuozzo or OpenVZ environments. If you are running a Virtuozzo or OpenVZ system, this option will not appear in the WHM interface.

Topic revision: r98 - 27 Jan 2014 - 16:26:25 - Main.LaurenceSimon