Page tree
Skip to end of metadata
Go to start of metadata

 

For cPanel & WHM version 11.50

( Home >> Server Configuration >> Tweak Settings )

Accounts that can access a cPanel user account

This setting allows you to specify which users can log in to a cPanel account. This setting defaults to Root, Account-Owner, and cPanel User.

  • Root is the server owner.
  • Account-Owner is the account's owner (the root user or a reseller).
  • cPanel User is the cPanel account user.

Note:

If you disallow root or reseller logins to cPanel accounts, the disallowed root user or reseller cannot access the following items:

  • The cPanel icon in WHM's List Accounts interface (Home >> Account Information >> List Accounts), which provides access to the user's cPanel account.
  • The Live Editor feature in WHM's x3 Branding interface (Home >> cPanel >> x3 Branding).
  • The Locale Editor - Live Mode in WHM's Edit a Locale interface (Home >> Locales >> Edit a Locale).
  • The Customize HTML pages feature in WHM's Legacy Configure Customer Contact interface (Home >> Support >> Legacy Configure Customer Contact).

 

Allow server-info and server-status

This setting allows you to specify additional IP addresses and hostnames that can access the example.com/server-info and example.com/server-status pages, where example.com is the name of a domain. Enter the desired IP addresses or hostnames in the available text box, with one IP address or hostname per line.

Important:

We recommend that you use caution when you allow access to these pages. They display sensitive information about your server. For more information, view the Apache mod_access documentation.

 

Allow cPanel users to install SSL Hosts if they have a dedicated IP

This setting allows you to specify whether to allow cPanel users to install SSL hosts. This setting defaults to On.

 

Send anonymous usage data to cPanel

This setting allows you to specify whether to send anonymized usage information to cPanel, Inc. cPanel, Inc. uses this data to improve the product's functionality. This setting defaults to On.

 

Apache non-SSL IP/port

This setting allows you to specify a new port or IP address that Apache uses to listen for requests and serve web pages over an unsecured connection.

This setting defaults to 0.0.0.0:80, which indicates that Apache uses port 80 to serve content on an unsecured connection for all of your server's IP addresses.

Warning:

Enter an IP address to prevent Apache's ability to listen on all other IP addresses. This setting could deny HTTP traffic the ability to route correctly, which causes your site to be inaccessible to visitors.

 

Apache SSL port

This setting allows you to specify a new port or IP address that Apache uses to listen for requests and serve web pages over a secure connection.

This setting defaults to 0.0.0.0:443, which indicates that Apache uses port 443 to serve content on a secure connection for all of your server's IP addresses.

Warning:

Enter an IP address to prevent Apache's ability to listen on all other IP addresses. This setting could deny HTTP traffic the ability to route correctly, which causes your site to be inaccessible to visitors.

cPanel & WHM API Shell (for developers)

This setting allows you to add the following interfaces, which allow the root user and resellers to test API functions directly:

  • WHM's API Shell interface (Home >> Development >> API Shell)
  • cPanel's API Shell interface (Home >> Advanced >> API Shell)

    Note:

    To enable this feature for cPanel, you must grant the API Shell feature to the desired root user and resellers in WHM's Feature Manager interface (Home >> Packages >> Feature Manager), and then refresh your browser window.

This setting defaults to Off.

 

BIND deferred restart time

This setting allows you to specify the time (in seconds) that the dnsadmin service waits before it restarts BIND. The system silently discards additional restart requests in this time period.

Notes:

  • On busy servers, we recommend that you set this number to 300 or 600 to prevent multiple subsequent restarts. 
  • If your system experiences very few DNS changes, we recommend that you use the default setting of 0.

 

The number of seconds between ChkServd service checks

This setting allows you to specify the number of seconds between each chkservd daemon service check. You can specify any value between 60 and 7200. This setting defaults to 300.

Note:

Before you set a value below 300, we recommend that you use the /var/log/chksrvd file to verify the length of your system's chkservd checks. The settings that you choose in WHM's Service Manager interface (Home >> Service Configuration >> Service Manager) affect the length of these checks.

 

The number of times ChkServd allows a previous check to complete before termination

This setting allows you to specify the number of times that the chkservd daemon allows a check to complete before termination. You can specify any value between 1 and 20. This setting defaults to 2.

 

The option to enable or disable ChkServd HTML notifications

This setting allows you to enable or disable HTML notifications for the chkservd daemon. This setting defaults to On.

 

The option to enable or disable ChkServd recovery notifications

This setting allows you to enable or disable recovery notifications for the chkservd daemon. This setting defaults to On.

 

Conserve memory

This setting allows you to specify whether to conserve memory (RAM) at the expense of more CPU usage and disk I/O. This setting defaults to Off.

 

cpsrvd username domain lookup

This setting allows you to specify whether WHM automatically supplies a username (based on the account name) when a cPanel user enters a login password. This setting defaults to Off.

 

Gzip page compression

This setting allows you to specify whether to use gzip compression when you view cPanel & WHM interfaces in your web browser. This helps to reduce bandwidth usage. This setting defaults to On.

 

Use compiled dnsadmin

This setting allows you to specify whether to use a compiled version of DNSAdmin. DNSAdmin is a program that helps simplify management of your DNS data. This setting defaults to On.

Note:

Select Off to use system Perl modules within custom DNSAdmin hooks. This is necessary if you plan to customize your implementation of DNSAdmin, but increases DNSAdmin execution times.

 

Allow Sharing Nameserver IPs

This setting allows you to specify whether users can share nameserver IP addresses. Select On to decrease the number of IP addresses that you need in your IP address pool. This setting defaults to Off.

 

Cache disk quota information

This setting allows you to specify whether WHM caches disk usage information. If you select On, the cache process may result in disk usage information that is up to 15 minutes out-of-date. This setting defaults to On.

Warning:

If you disable this setting, it may result in a large performance degradation.

 

Reverse DNS lookup upon connect

This setting allows you to specify whether cPanel & WHM attempts to resolve a client’s IP address to a domain name whenever a user connects to a cPanel service. This setting defaults to Off.

Warning:

If you enable this setting, it may degrade your server's performance.

 

Enable optimizations for the C compiler

This setting allows you to specify whether the compiler optimizes code for your system. This setting defaults to Off.

Warning:

On some systems, compiler optimizations can trigger a bug in system libraries. 

 

Max HTTP submission size

This setting allows you to specify the maximum file size, in Megabytes, that a user can upload to your server. This setting applies to all uploads and form submissions in cPanel & WHM, which includes Webmail, cPanel's File Manager interface ( Home >> Files >> File Manager ), and phpMyAdmin.

Enter a value between 1 and 10240. This setting defaults to Unlimited.

 

File upload required free space

This setting allows you to specify the minimum filesystem quota space that the system requires after a file uploads to your server. This helps ensure that users do not meet or exceed their quota limits. This setting applies to all uploads and form submissions in cPanel & WHM, which includes Webmail , cPanel's File Manager interface ( Home >> Files >> File Manager ) , and phpMyAdmin.

This setting defaults to 5 MB.

 

Interval, in days, between rebuilds of the FTP quota and disk usage data (applies to Pure-FTPd only)

This setting allows you to specify the number of days between rebuilds of the FTP quota and disk usage data for Pure-FTP. This setting defaults to 30 days.

This interval allows the system to consider account disk usage information for files that other processes modify or add to a user's root FTP directory. A higher setting will reduce disk I/O, but lower the accuracy of the usage data. A lower setting will improve accuracy, but will consume more disk I/O.

 

Depth to recurse for.htaccess checks

This setting allows you to specify the maximum number of directories deep to look for .htaccess files when you change the PHP handler. This setting defaults to 2.

Warning:

We strongly recommend that you do not enter a value that is higher than 10. A value that is higher than 10 can degrade your server's performance.

Note:

This setting comments out any AddHandler directive lines in your users' .htaccess files that change how the system handles PHP.

For example, if the /home/user/public_html/ directory is your document root, and 2 is the value for this setting, the system searches the following directories for .htaccess files:

  • /home/user/public_html/
  • /home/user/public_html/directory1/
  • /home/user/public_html/directory2/

The system does not search the following directory:

  • /home/user/public_html/directory1/directorya/

 

Enable legacy warnings

This setting allows you to specify whether you receive warnings about features that future cPanel & WHM releases will deprecate. This setting defaults to On.

Warning:

If you disable this setting, you will not receive warnings about features that future releases remove. This could lead to a non-functional server when we remove these features.

 

I/O priority level at which bandwidth usage is processed

This setting allows you to specify the sever's I/O priority for bandwidth log processing. Enter a value between 0 and 7. This setting defaults to 4.

Notes:

  • Your operating system's kernel must support ionice, and ionice must exist on the server, for this setting to function properly.
  • This setting specifies the "best effort" priority.
  • A value of 0 grants the highest priority, while a value of 7 grants the lowest.

 

I/O priority level at which stats logs are processed

This setting allows you to specify the server's I/O priority when it processes statistics logs. Enter a value between 0 and 7. This setting defaults to 4.

Notes:

  • Your operating system's kernel must support ionice, and ionice must exist on the server, for this setting to function properly.
  • This setting specifies the "best effort" priority.
  • A value of 0 grants the highest priority, while a value of 7 grants the lowest.

 

I/O priority level at which nightly backups are run

This setting allows you to specify the disk's I/O priority for nightly backups. Enter a value between 0 and 7. This setting defaults to 3.

Notes:

  • Your operating system's kernel must support ionice, and ionice must exist on the server, for this setting to function properly.
  • This setting specifies the "best effort" priority.
  • A value of 0 grants the highest priority, while a value of 7 grants the lowest.

 

I/O priority level at which cPanel-generated backups are run

This setting allows you to specify the server's I/O priority for cPanel-generated user backups. Enter a value between 0 and 7. This setting defaults to 5.

Notes:

  • Your operating system's kernel must support ionice, and ionice must exist on the server, for this setting to function properly.
  • This setting specifies the "best effort" priority.
  • A value of 0 grants the highest priority, while a value of 7 grants the lowest.

 

I/O priority level for user-initiated processes

This setting allows you to specify the server's I/O priority for certain user-initiated processes. This setting applies to a few especially I/O-intensive user functions, such as actions that cPanel's File Manager interface (Home >> Files >> File Manager) initiates. Enter a value between 0 and 7. This setting defaults to 5.

Notes:

  • Your operating system's kernel must support ionice, and ionice must exist on the server, for this setting to function properly.
  • This setting specifies the "best effort" priority.
  • A value of 0 grants the highest priority, while a value of 7 grants the lowest.

 

I/O priority level at which quota checks are run

This setting allows you to specify the server's I/O priority for quota checks. Enter a value between 0 and 7. This setting defaults to 6.

Notes:

  • Your operating system's kernel must support ionice, and ionice must exist on the server, for this setting to function properly.
  • This setting specifies the "best effort" priority.
  • A value of 0 grants the highest priority, while a value of 7 grants the lowest.

 

The I/O priority level at which FTP quota checks are run (when Pure-FTPd is enabled)

This setting allows you to specify the server's I/O priority for FTP quota checks for Pure-FTPd. Enter a value between 0 and 7. This setting defaults to 6.

Notes:

  • Your operating system's kernel must support ionice, and ionice must exist on the server, for this setting to function properly.
  • This setting specifies the "best effort" priority.
  • A value of 0 grants the highest priority, while a value of 7 grants the lowest.

 

I/O priority level at which email_archive_maintenance is run

This setting allows you to specify the server’s I/O priority level for the email_archive_maintenance script. Enter a value between 0 and 7. This setting defaults to 6.

Notes:

  • Your operating system's kernel must support ionice, and ionice must exist on the server, for this setting to function properly.
  • This setting specifies the "best effort" priority.
  • A value of 0 grants the highest priority, while a value of 7 grants the lowest.

 

Use cPanel® jailshell by default

This setting allows you to configure accounts to use the cPanel jailshell by default. This setting defaults to Off.

Notes:

  • We strongly recommend that you enable these options.
  • Jailed shell systems, by default, mount all filesystems with the nosetuid option. The nosetuid option blocks the operation of setuid and setgid commands, such as the ping command. However, this does not apply to Exim's /usr/sbin/ directory.
  • For more information, read our How to Create Custom Jailed Shell Mounts documentation.

 

Jailed /proc mount method

This setting allows you to permit the use of the /proc virtual filesystem in a jailshell. This setting defaults to Mount limited /proc (RHEL/CentOS 6)+, Full /proc (RHEL/CentOS 5/xenpv).

Note:

If the system runs any version of Red Hat® Enterprise Linux (RHEL) or CentOS on XenPV, the /proc virtual filesystem inside of the jailshell functions in the same way that it does on version 5.x of RHEL or CentOS.

You can choose from the following options:

  • Always mount a full /proc — The /proc virtual filesystem includes all processes.
  • Mount limited /proc (RHEL/CentOS 6), Full /proc (RHEL/CentOS 5/7/xenpv).
    • In versions 6 of RHEL and CentOS, the system limits the /proc virtual filesystem to the processes in the user's jailshell session.

    • In version 5 and 7 of RHEL and CentOS, the /proc virtual filesystem includes all processes. We strongly recommend that you do not run RHEL, CentOS, or CloudLinux 5.

  • Mount limited /proc (RHEL/CentOS 6), No /proc (RHEL/CentOS 5/7/xenpv).

    • In versions 6 of RHEL and CentOS, the system limits the /proc virtual filesystem to the processes in the user's jailshell session.
    • In version 5 and 7 of RHEL and CentOS, the system does not mount the /proc virtual filesystem inside the jail. We strongly recommend that you do not run RHEL, CentOS, or CloudLinux 5.

 

Jailed /bin mounted suid

This setting allows you to permit the use of the setuid option in the /bin directory in a jailshell. This setting defaults to Off.

This setting is useful for system administrators who wish to run setuid commands, such as the /bin/ping command.

Note:

This setting has no effect on servers that run CentOS 7.

 

Jailed /usr/bin mounted suid

This setting allows you to permit the use of the setuid option in the /usr/bin directory in a jailshell. This setting defaults to Off.

This setting is useful for system administrators who wish to run setuid commands (for example, the /usr/bin/crontab command).

Note:

We do not recommend that you enable this setting. When you enable this setting, users can install a crontab that runs outside of their jailed shells. This action allows users to escape from the jailed environment.

 

Max cPanel process memory

This setting allows you to specify the maximum amount of memory that a cPanel process can use before the system automatically kills it. This setting defaults to 512 MB.

Select Unlimited if you do not want to impose a memory limit on cPanel processes.

Important:

We strongly recommend that you specify a value of 512 or higher.

 

Max cPanel/WHM/Webmail service handlers

This setting allows you to specify the maximum number of concurrent connections for the cPanel daemon, cpsrvd. This setting defaults to 160.

 

SSL Support for cPanel daemons (no stunnel)

This setting allows you to specify whether to use native SSL support, which negates the need for Stunnel. Stunnel is a program that provides encrypted data transfer between clients and servers which do not communicate natively via SSL. This setting defaults to On.

 

Send language file changes to cPanel

This setting allows you to select whether to send changes to your cPanel & WHM language files to cPanel during software updates. This setting defaults to On.

 

Remote WHM timeout

This setting allows you to specify the number of seconds to allow a connection between this server and other remote WHM servers to remain idle before it times out. This setting defaults to 35 seconds.

 

Disk usage/quota bailout time

This setting allows you to specify the maximum amount of time, in seconds, during which the system may attempt to retrieve disk usage and quota information before it considers the data to be unavailable. This setting defaults to 60 seconds.

 

Email password reset

This setting allows you to specify whether cPanel users can request an Account Password Reset email. This email contains a confirmation code and SSL- and non-SSL reset links that allow the recipient to reset the cPanel account's password. The link to request this email displays in the cPanel login interface. This setting defaults to Off.

 

Server Locale

This setting allows you to specify the locale that the system uses whenever a user selects a cPanel locale that does not exist, or whenever a user's web browser requests an invalid locale in the HTTP Accept-Language header. Set this value to a locale that administrators, resellers, and users are likely to understand.

Warning:

When you modify this setting and click Save, the system applies the new language to your WHM interface immediately.

 

Send a notification when a user's backup has errors

This setting allows you to specify whether the server notifies you when a user’s cPanel backup file contains errors. This setting defaults to Off.

 

Allow other applications to run the cPanel and admin binaries

This setting allows you to specify whether cPanel and admin binaries run from applications other than the cPanel server daemon (cpsrvd). This setting is useful for advanced administrators who are familiar with Perl scripting and who wish to run cPanel from their own custom programs. This setting defaults to Off.

 

Enable WHOIS lookups for the nameserver IP manager

This setting allows you to specify whether to allow WHM's NS Record Report interface (Home >> DNS Functions >> NS Record Report) to perform WHOIS lookups. This setting defaults to On.

 

ChkServd TCP check failure threshold

This setting allows you to specify the number of times that a chkservd daemon TCP check must fail before the system restarts the service and sends a notification. On heavily loaded systems, these types of service checks fail occasionally, which produces erroneous indications that services are down. This setting defaults to 3.

Notes:

  • We recommend a value of three or higher for most systems.
  • To disable notifications and restarts, select Disable notifications and restarts from TCP checks.

 

Number of seconds an SSH connection related to an account transfer may be inactive before timing out

This setting allows you to specify a number of seconds of inactivity after which account transfers' SSH connections time out. Enter any number between 900 and 172800. This setting defaults to 500 seconds.