Why I need SSL certicate for my Website ?

SSL allows you to secure pages on your site so that information such as logins, credit card numbers, etc are sent encrypted instead of plain text. It is important to secure your site’s login areas, shopping areas, and other pages where sensitive information could be sent over the web.

How do I install SSL certificate through WHM/cPanel?

All SSL certificates require a dedicated IP. So first step is to purchase a dedicated IP for your domain. We offer an additional $2/month for an IP. A dedicated IP address is required and is not included with the SSL Certificate.

Next step is to change Site’s IP Address to this dedicated IP.

There are options in WHM to change a sites IP address. The Change Site’s IP Address feature allows you to select an account and change its IP address.

If you purchase IP address from direct DataCentre you need to add this IP address first in your WHM.

To change a site’s IP address:

1) Select the account or user from the list under Account Selection.
You may also use the Account Search feature to search for an account by domain or by user.
2) Click Change.
Select the new IP address from the New Address pull-down menu.
3) Click Change.

Change in site IP address caused some “DNS propagation delay”. The change in DNS setting information should be passed on to all the DNS servers in the world which is eventually used to update the DNS servers of the ISP (Internet Service Provider). If you want to lower this propagation delay please contact nixwind support team, we will assist you to do this with a minimum propagation delay of about 10 minutes with a minimal rate.

For purchasing a SSL certificate from NixWind Technologies or from any other SSL providers you need to generate Certificate Signing Request (CSR).

Certificate Signing Request (CSR)
CSR is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate. CSR request is a block of encrypted text that is generated on the server that the certificate will be used on. CSR contains information such as your organization name, domain name, your locality, and country. A private key is usually created at the same time that you create the CSR.

How do I generate a CSR and private key?

1) Generating CSR using CPanel.

a) Login to cPanel.

First of all you need to generate a private key for your domain. This private key is secret and should not be given out. Also, there is no way to recover a private key file if it is lost. You can generate Private Key for your domain by going through “SSL/TLS Manager”

After generating your private key, you can generate CSR by going through “SSL/TLS Manager” under the section Security. Please select the hostname that you want to install SSL. For the CSR to be valid the following information needs to be entered in the following fields:

Country, State, City, Company, Company Division, Email and Pass Phrase.

2) Generating CSR using WHM.

a) Login to WHM.
Generate a SSL Certificate & Signing Request

3) Generating CSR using SSL.

If you have shell access to your server you can easily generate CSR. You can use the following command to generate a CSR and private key:

openssl req -new -keyout server.key -out server.csr

You can easily decode your CSR. In order to decode a CSR on your own machine using OpenSSL, use the following command:

openssl req -in server.csr -noout -text

Please get back to us with your private key and CSR so that we will provide you with a certificate, typically in a zip file sent through email.

You can easily install this SSL certificate which is in zip file. If you are purchasing this SSL with NixWind technologies we will install it for you.

Installing SSL which is in zip format.

1) Through WHM.
You can use WHM’s Install a SSL Certificate option to setup SSL for your domain.
(Main >> SSL/TLS >> Install a SSL Certificate and Setup the Domain)

Copy and paste the certificate into the Install A SSL Cert field. Then click the Submit button. This step will install the SSL certificate for your domain. You should receive a message of success.

2) Thorugh SSL.

You can verify SSL whether it installed correctly by going through http://www.sslshopper.com/ssl-checker.html
This SSL Checker will help you diagnose problems with your SSL certificate installation. You can verify the SSL certificate on your web server to make sure it is correctly installed, valid, trusted and doesn’t give any errors to any of your users.

You can use Import Addresses / Forwarders to create multiple email address or email forwarders. . Excel spreadsheet  (.xls) or comma-separated values ( .cvs ) can be used to create mutiple email addresses/forwarders.

1) Click on the “Import Addresses / Forwarders””  in the Mail area.


By clicking this you will get a section like below.

Click any one option, whether you would like to import email accounts or forwarders.

To Import data Excel spreadsheet files (.xls) or comma-separated values sheet (.csv), browse the file path in the text box under step 2

Click on “Next” for importing the file.



DNS check with intodns

Into DNS Description

IntoDNS checks the health and configuration and provides DNS report and mail servers report. It also provides suggestions to fix and improve them, with references to protocols’ official documentation.

www.intodns.com

Please enter the Domain Name that you wants to check the DNS report

While we checked a domain name with intodns we get a detailed report about DNS report. The detailed DNS report are divided into five major sections.

The five major sections are below

1) Parent

2) NS – Name Server

3) SOA – Start of Authority

4) MX – Mail Exchanger Record

5) www

1) Parent Servers

The output of dns report for your domain, shows the NS records at the parent server.

Parent Server are the original authenticate servers from which the new domain arise.For example in google.com the parent server of com is the root server(.) The parent server of google is .com

 

a) Domain NS records

It is the name server output returned by the parent servers (ie,when we check a domain name it forward a request to 13 root name servers ranges from A to M. The root servers has all the updated details from the registrant end.)

OUTPUT

We can see any 2 or 3 nameserver name,its ip and Time to live (TTL) value.

Time to live (TTL) is a mechanism that limits the lifespan of data in a computer or network. When a caching (recursive) nameserver queries the authoritative nameserver for a resource record, it will cache that record for the time (in seconds) specified by the TTL. If a stub resolver queries the caching nameserver for the same record before the TTL has expired, the caching server will simply reply with the already cached resource record rather than retrieve it from the authoritative nameserver again.

The corresponding name of the root nameserver from which the request domain query executed in the output.

b) TLD Parent Check

We can also display the result of Top Level Domain check in the parent server that we interrogated,(ie,the output from any 13 root nameserver form which the request domain query executed)

c) Your nameservers are listed

In this entry it check whether the parent server (ie,the output from any 13 root nameserver form which the request domain query executed) has your nameservers entry.

d) DNS Parent sent Glue

A glue record is a hint that is provided by the parent DNS server. In the case of shibin.com, the .com GLTD (Global Top Level Domain) servers would provide the glue records. The glue records are simply additional A records that are returned with the DNS response. These additional A records allow the DNS client to locate the name servers.

A glue record is the IP address of a name server held at the domain name registry.
Glue records are required when you wish to set the of a domain name to a hostname
under the domain name itself.
For example if you wished to set the name servers of example.com to ns1.example.com and ns2.example.com you would need to also provide the glue records (i.e. the IP addresses) for ns1.example.com and ns2.example.com.

If you did not provide the glue records for these name servers then your domain name would not work as anyone requiring DNS information for it would get stuck in a loop:

What is the name server for example.com? -> ns1.example.com
What is the IP address of ns1.example.com? -> don’t know, try looking at name server for example.com
What is the name server for example.com? -> ns1.example.com

…and so on.

With the glue record in place the registry will hold the IP address and the loop will not occur:

Without a proper glue an extra A record lookup is required in order to get the IPs of your NS records.

e) Nameservers A records

This must check every nameserver listed in parent server has A records.

A record is the actual record that which one and only IP address at which the domain pointed.

2) NS – Name Server

In this section the output will get from name server end

 

a) NS records from your nameservers

NS records got from your nameservers listed at the parent NS

 

b) Recursive Queries

A recursive query is one where the DNS server will fully answer the query (or give an error).

 

c) Same Glue

The A records (the GLUE) got from the parent zone check are the same as the ones got from your nameservers.This tests only nameservers that are common at the parent and at your nameservers.

d) Glue for NS records

When I asked your nameservers for your NS records they also returned the A records for the NS records. This is a good thing as it will spare an extra A lookup needed to find those A records.

e) Mismatched NS records

This will check whether identical ns record at our nameservers entry. Identical name server is okay

f) DNS servers responded

Check whether all nameservers listed at the parent server responded.

 

e) Name of nameservers are valid

Check all our name servers have a specific IP

f) Multiple Nameservers

Check all our multiple name server is okay. We can add multiple nameservers upto 7

g) Nameservers are lame

Checking all the name servers entry in parent server answer authoritatively

h) Missing nameservers reported by parent

Comparing ns record in parent and nameservers.

i) Missing nameservers reported by your nameservers

Its also the same comparision

j) Domain CNAMEs

Check whether any CNAME is present in the ns record.

k) NS CNAME check

Check whether any CNAME is present in the ns record.

l) Different subnets

Check whether nameservers have different subnets.

m) IPs of nameservers are public

To prevent DNS delay the ip address may be public.In this section it check whether the ip address is public.

n) DNS servers allow TCP connection

Checking whether DNS servers allow TCP connections.

 

 

o) Different autonomous systems

In this section it will check whether the name servers are from different location. So that it can prevent a lot of problems if one nameserver goes down.

p) Stealth NS records sent

A stealth server is defined as being a name server which does not appear in any publicly visible NS record for the domain.

3) SOA

(Start of Authority) Record is the most essential part of a Zone file. A Zone file can contain only one SOA Record.The SOA resource record indicates that this DNS name server is the best source of information for the data within this DNS domain.

A properly optimized and updated SOA record can reduce bandwidth between nameservers, increase the speed of website access and ensure the site is alive even when the primary DNS server is down.

a) SOA record

It display the following details

Primary nameserver: This is the zone’s master DNS server

Hostmaster E-mail address: This record specifies the email address of the person/authority that is in charge of managing the domain name

Serial #:whenever a change to the zone file on the master DNS server is changed, the serial number must be increased by some value.That way, any slave server will know that an update has been made

Refresh:This value is configured to point the period at which the secondary or slave servers should poll the master server to check if the serial number of the zone file has been modified.

Retry: A value, typically an hour or less, that specifies the timeframe within which the slave server should repeat the update request, if the master DNS server for the zone has failed to answer its latest query

Expire: The ‘Expire’ value outlines the period of time for which the slave server will continue to use the existing data in case of a failure of the master DNS server.

Default TTL: TTL Negative responses (typically occurring when a requested record does not exist) can be also cached on non-authoritative servers. Small time periods are recommended (15min to 2h).

 

b) NSs have same SOA serial

Check whether SOA serial may changed.

 

c) SOA MNAME entry

Checking whether both nameserver and parent server has the same MNAME entry

d) SOA Serial

Check whether the serial number is in recommended format of YYYYMMDDnn.

e) SOA REFRESH

Check the refresh rate

f) SOA RETRY

Check the SOA RETRY value

g) SOA EXPIRE

Check the SOA EXPIRE number

h) SOA MINIMUM TTL

This value was used to serve as a default TTL for records without a given TTL value and now is used for negative caching (indicates how long a resolver may cache the negative answer)

3)MX

a) MX Records

Your MX records that were reported by your nameservers

b) Different MX records at nameservers

Checking all your nameservers have the same set of MX records.This tests to see if there are any MX records not reported by all your nameservers and also MX records that have the same hostname but different Ips.

c)MX name validity

Checking result of invalid hostnames for your MX records

d) MX IPs are public

Checking The Ip are public.

e) MX CNAME Check

Checking the canonical name.

f) MX A request returns CNAME

Checking whether CNAMEs returned for A records lookups.

g) MX is not IP

Checking MX records are host names or IP. MX entry will be a hostname is an necessity.

h) Number of MX records

Checking the number of mail servers.You should be careful about what you are doing since you have a single point of failure that can lead to mail being lost if the server is down for a long time.

i)Mismatched MX A

Checking MX has different A record.

j) Duplicate MX A records

Checking duplicate IP(s) for your MX records.

h) Reverse MX A records (PTR)

Used to reveres map IP addresses to a FQDN. Checking whether Reverse MX A records exist.

4) WWW

a) WWW A Record

Checking Whether we have a CNAME.

b) IPs are public

Checking whether WWW IPs appear to be public IPs.

c) WWW CNAME

Checking CNAME entry will returns the A record for the CNAME entry

 

  1. Login to Webmin
  2. Select Virtualmin
  3. Edit Databases

Screenshot from 2018-07-05 09-38-04

 

Screenshot from 2018-07-05 09-42-54

Screenshot from 2018-07-05 09-44-27

 

 

Virtualmin :: Create a Static page

To add a new site/domain (Virtual Server) to Webmin please use the following steps.

  1. Login to Webmin
  2. Select Virtualmin
  3. Select  the Create Virtual Server option
  4. Fill in the required information for the domain
    • Domain name
    • Description
    • Administration password
    • Server configuration template
    • Account plan
    • Administration username

Screenshot from 2018-07-05 01-33-33

For Creating a HTML page.

  • Select File Manager.
    • File >> Create new file.

Screenshot from 2018-07-05 09-25-29

  • Add the file name that you want to create. (eg : Index.html)

For Editing  a file.

  • Press “Left” click on the desired file that you need to edit.

Screenshot from 2018-07-05 09-16-28

Screenshot from 2018-07-05 09-30-36

  • For saving the html file.

Screenshot from 2018-07-05 09-30-50

For Uploading a file from local computer.

File >> Upload to current directory

Screenshot from 2018-07-05 01-39-04

 

 

 

 

 

 

 

Virtualmin :: Adding new website

To add a new site/domain (Virtual Server) to Webmin please use the following steps.

  1. Login to Webmin
  2. Select Virtualmin
  3. Select  the Create Virtual Server option
  4. Fill in the required information for the domain
    • Domain name
    • Description
    • Administration password
    • Server configuration template
    • Account plan
    • Administration username

Screenshot from 2018-07-05 01-33-33

 

 

 

 

Click Create Server

Virtualmin :: Account Plans

Each plan defines disk quotas, limits on domains, mailboxes and aliases, allowed features and allowed editing capabilities for servers.

Creating Plans::

Plans can be created by the master administrator and by resellers.

By default a newly installed Virtualmin system will have a single Default Plan, but you can create others by following the steps below :

  • Open the System Settings menu, and click on Account Plans.
  • Click on Add a new account plan.
  • Enter a unique name for the plan, and fill in the limits as you wish. Typical plans include disk quota, domain and bandwidth limits.
  • Click the Create button.

For making the new plan as default plan

Set default plan menu and click Change Default.

 

Virtualmin :: Create an email account

  1. Choose the domain you would like to add the email account to. You can do that by selecting the domain name from the drop-down box on the top-left.
  2. Click Edit Users.
  3. Click Add a user to this server.
  4. You can now enter the email address, full name, and password to use for this email account.
  5. Click Create, and Virtualmin will add the email account to your server.

This short article is to give an idea on how you can install latest version of wordpress on your hosting account.

You need to have,

Filezilla click here to get it ( or any other FTP client )
A cPanel hosting account. Get it here

Step 1

Download latest wordpress version. Click here to get it.

Step2

Uncompress latest.zip file.

Step3

Use Filezilla to upload the uncompressed files to the desired hosting account location. You can upload to public_html or any other location inside.

Uploading with filezilla

Uploading with filezilla


 

 

 

 

 

 

 

Step 4

Create database and users with your cPanel, Please see this article,

Step 5

Access the url were wordpress files are uploaded. You will get a screen as below . Click on create a configuration file.

Wordpress Installation

 

 

 

 

Step 6

Give the database and user details you have created with cPanel on the below stepWordPress Installation 2. Click on submit button.

 

 

 

 

 

 

On next screen click on run the install

 

Wordpress Installation 3

 

 

 

Step 7

Give site name, user name password and your email address on the next screen and click Install

Wordpress Installation 4

 

 

 

 

 

 

 

All set login and go !!!

The main purpose of Google APPS is ability to host mail service outside of your main domain and get full functionality of gmail services. To set up google MX as your mail server.

1. Log in to your cPanel account with the provided login credentials.

2. Under the Mail header click MX Entry in your cpanel.

google-cPanel-MXentry

3. Choose the domain for which you wish to use external email.

4. Three new sections will show up and under the Email Routing section you will want to select Remote Mail Exchanger.

5. Under the Add New Record section you will want to add your external mail server records.

For Google Apps you can see a list of servers at http://www.google.com/support/a/bin/answer.py?answer=174125

6. Once you have added your external MX Entries, you will want to make sure to remove any other entries.

Congratulations! You have successfully pointed MX records to your external mail provider. Keep in mind that changes to MX records may take up to 48 hours to take effect.