1. cPanel & WHM Documentation
  2. WHM
  3. Server Configuration
  4. Tweak Settings — Domains
server whmui jupiter

Tweak Settings — Domains

Valid for versions 124 through the latest version

Version:

110

112

116

118

120

124

Last modified: October 16, 2024

Looking for this interface?
Note:

Your hosting provider can enable or disable this interface for resellers in WHM's Edit Reseller Nameservers and Privileges interface (WHM >> Home >> Resellers >> Edit Reseller Nameservers and Privileges).

The Domains section includes the following settings:

Setting Description Values Default
Allow users to park subdomains of the server’s hostname. This setting allows users to park subdomains on your server’s main domain. For example, for a user creating the subdomain.server.example.com alias on the server.example.com FQDN, On would cause the action to succeed.
  • On — Allow creation of subdomains on the server’s hostname.
  • Off — Don’t allow creation of subdomains on the server’s hostname. If a cPanel user tries to create a subdomain, they receive an error message.
 Off
Allow cPanel users to create subdomains across accounts This setting allows a cPanel user to create an addon domain or subdomain on a domain that another user owns. For example, if a user owns the example.com domain, another user could create the store.example.com subdomain.
  • On — Allow creation of subdomains across accounts. Do not enable this option. It can cause serious security issues.
  • Off — Don’t allow creation of subdomains across accounts. If a cPanel user tries to create a subdomain on another account, they receive an error message.
 Off
Allow WHM users to create subdomains across accounts This setting allows WHM users to create an addon domain or subdomain for a domain that another user owns. For example, if a cPanel user owns the example.com domain, a WHM user could add a DNS zone for the store.example.com subdomain.
  • On — Allow creation of subdomains across accounts. Do not enable this option. It can cause serious security issues.
  • Off — Don’t allow creation of subdomains across accounts. This is the default setting.
 Off
Allow Remote Domains This setting allows the creation of parked domains (aliases) and addon domains that resolve to other servers.
  • On — Allow creation. Do not enable this option. It can cause serious security issues.
  • Off — Don’t allow creation.
 Off
Allow resellers to create accounts with subdomains of the server’s hostname. This setting allows resellers to create accounts with subdomains on your server’s main domain. For example, if your hostname is server.example.com, enable this setting to redirect user.server.example.com visitors to the reseller’s website.
  • On — Allow creation.
  • Off — Don’t allow creation.
 Off
Allow unregistered domains This setting lets users add domains without assigning any nameserver records to them.
  • On — Allow creation.
  • Off — Don’t allow creation.
 Off
Automatically add A entries for registered nameservers when creating a new zone This setting controls whether to add A entries automatically for a domain’s nameservers when a user creates a domain.
  • On — Create.
  • Off — Don’t create.
 On
Replace service SSL certificates that do not match the local hostname This setting changes how the /usr/local/cpanel/scripts/checkallsslcerts script functions. If you enable this, the system replaces SSL certificates that don’t match the server’s hostname. The system replaces them with a cPanel-signed certificate. This also applies to wildcard certificates.
  • On — Replace the certificates.
  • Off — Retain the certificates.
 On
Prevent cPanel users from creating specific domains This setting prevents creating domains whose names appear in the /var/cpanel/commondomains file. If you enable this, cPanel users can’t create any domains (addon or parked) that exist in the /var/cpanel/commondomains and /usr/local/cpanel/etc/commondomains files.
Note:
Do not edit the /usr/local/cpanel/etc/commondomains file directly. If you do, the system will overwrite your changes whenever cPanel & WHM updates.
  • On — Prevent creation.
  • Off — Allow creation.
 On
Check zone syntax This setting allows the system to check zone file syntax each time it saves or syncs DNS zone files.
  • On — Check the syntax.
  • Off — Don’t check the syntax.
 On
Check zone owner This setting allows the system to check a DNS zone’s owner whenever it saves or syncs DNS zone files.
  • On — Check the owner.
  • Off — Don’t check the owner.
 On
Enable DKIM on domains for newly created accounts DKIM (DomainKeys Identified Mail) verifies a message’s sender and integrity. It allows an email system to prove that a message is valid, not forged, and came from the specified domain. This setting allows you to specify whether to enable DKIM for new accounts by default.

  • The /scripts/enable_spf_dkim_globally script allows you to enable SPF and DKIM for accounts that exist on the server, and to create the appropriate DNS records for their domains. For more information, read our The SPF and DKIM Global Settings Script documentation.
  • On — Enable DKIM.
  • Off — Don’t enable DKIM.
 On
Enable DMARC on domains for newly created accounts A DMARC record sets a policy that tells servers how to handle mail based on the domain’s SPF and DKIM records. This setting allows you to specify whether to enable DMARC for new accounts by default.
Important:
DMARC requires valid DKIM and SPF records. To enable this setting, you must also select the Enable DKIM on domains for newly created accounts and Enable SPF on domains for newly created accounts settings.
  • On — Enable DMARC.
  • Off — Don’t enable DMARC.
 On
Enable SPF on domains for newly created accounts SPF (Sender Policy Framework) keeps spammers from sending email that shows your domain as the sender (spoofing). This adds addresses to a list of computers that you authorize to send mail from your domain. It verifies that your domain’s sent messages come from the listed sender. This reduces the amount of backscatter that you receive. This setting allows you to specify whether to enable SPF for new accounts by default.

  • The /scripts/enable_spf_dkim_globally script allows you to enable SPF and DKIM for accounts that exist on the server, and to create the appropriate DNS records for their domains. For more information, read our The SPF and DKIM Global Settings Script documentation.
  • On — Enable SPF.
  • Off — Don’t enable SPF.
 On
DNS request management application This setting determines which application handles DNS management requests.
  • dnsadmin, auto-detect SSL — Use dnsadmin.
  • Select the text box and enter the path to another application.
 dnsadmin, auto-detect SSL
Service subdomains This setting gives users access to cPanel & WHM through standard HTTP ports (80 and 443).
  • If you enable this setting, the system creates an entry in the httpd.conf file.
  • Do not manually disable the mod_rewrite, mod_headers, or mod_proxy settings in the httpd.conf file.
If you enable this setting, the system creates these service subdomains, where example.com is the domain:
  • cpanel.example.com directs users to cPanel’s Home interface.
  • whm.example.com directs users to WHM’s Home interface.
  • webmail.example.com directs users to the Webmail interface.
  • webdisk.example.com directs users to cPanel’s Web Disk interface (cPanel » Home » Files » Web Disk).
The settings in the Redirection section below do not apply to service subdomains. For more information about service subdomains, read our Service and Proxy Subdomains documentation.
  • On — Allow ports and create service subdomains.
  • Off — Don’t allow.
 On
Thunderbird and Outlook autodiscover and autoconfig support (enables service subdomain and SRV record creation) This setting creates the autodiscover and autoconfig service subdomains when you create a domain. It also creates autodiscover and autoconfig SRV records.
  • Local domains require these for Microsoft Outlook® and Thunderbird.
  • If you set the Service Subdomains option to Off, the system disables this setting.
  • If you disable this setting, your users may have issues when they set up their email, calendars, or contacts.
For more information about service subdomains, read our Service and Proxy Subdomains documentation.
  • On — Create service subdomains.
  • Off — Don’t create service subdomains.
 On
Preferred mail service to configure to use for Thunderbird and Outlook autodiscover and autoconfig support This setting lets you choose the email transfer method to use with Thunderbird and Outlook for Autodiscover and AutoConfig support.
Note:
You must enable the Thunderbird and Outlook autodiscover and autoconfig support (enables service subdomain and SRV record creation) setting to configure this setting.
  • imap — Use IMAP.
  • pop3 — Use POP3.
 imap
Host to publish in the SRV records for Outlook autodiscover support. The Microsoft Outlook® Autodiscover service searches DNS records. It searches for the SRV record for a domain that points to a particular Autodiscover server. This setting lets you take these actions:
  • Choose the host to publish to the SRV records.
  • Change the default host to an SSL-enabled host with a CA-signed SSL certificate.
  • Use your own server for Outlook® Autodiscover. Enter the Fully Qualified Domain Name (FQDN) in the available text box.
Note:
  • When you input a server in the Host to publish in the SRV records for Outlook autodiscover support setting, the system queries that server for autodiscover settings. If you use your own server for autodiscover, you must have a custom XML file configured on it for autodiscover to work. For more information, read Microsoft’s Autodiscover documentation.
  • You must enable the Thunderbird and Outlook autodiscover and autoconfig support (enables service subdomain and SRV record creation) setting to configure this setting.
  • Click to view… cpanelemaildiscovery.cpanel.net
  • A valid hostname.
Click to view… cpanelemaildiscovery.cpanel.net
Overwrite custom A records used for service subdomains This setting removes A records that match your service subdomains.
  • For more information about service subdomains, read our Service and Proxy Subdomains documentation.
  • If you set the Service subdomains setting to Off, the system disables this setting.
  • On — Remove A records.
  • Off — Don’t remove A records.
 Off
Overwrite custom SRV records used by Outlook AutoDiscover support This setting removes SRV records when adding or removing Outlook Autodiscover support.
Note:
You must set the Thunderbird and Outlook autodiscover and autoconfig support (enables service subdomain and SRV record creation) setting to On to toggle this setting.
  • On — Remove SRV records.
  • Off — Don’t remove SRV records.
 Off
Service subdomain override This setting creates cPanel, Webmail, Web Disk, and WHM subdomains that override the default service subdomains. For example, a user could direct cpanel.example.com visitors to mycontrolpanel.example.com. For more information about service subdomains, read our Service and Proxy Subdomains documentation.
  • On — Create subdomains.
  • Off — Don’t create subdomains.
 On
Restrict document roots to public_html This setting keeps users from creating addon domains and subdomains outside of their public_html directory. For example, if you enable this option and create the example.com addon domain, the system creates the /home/username/public_html/example.com directory and not the /home/username/example.com directory.
  • On — Prevent creation outside of the public_html directory.
  • Off — Allow creation in other locations.
 On
Share the document root by default when creating a domain This setting automatically selects the Share document root checkbox in the Create a New Domain interface within cPanel’s Domains interface (cPanel » Home » Domains » Domains).
  • On — Automatically select the checkbox.
  • Off — Automatically deselect the checkbox.
 On
Always use authoritative (registered) nameservers when creating a new DNS zone. This setting lets a new domain use authoritative nameservers. If you enable this setting, the server won’t use the nameservers you set when creating the domain.
  • On — Allow authoritative nameservers.
  • Off — Don’t allow.
 Off