iManila Help Center

Hosting Solutions

Website Protection

Tools

Hosting

Our hosting solutions are engineered for powerful and reliable performance online. From shared and dedicated hosting to SSL certificates and web security and backup, you can rely on our solutions to provide 99.5% uptime and availability whenever, wherever!

Technical Support

Our IT specialists provide your business with solutions to help with common software and hardware issues across all devices whether on desktop, laptop, or on mobile.

Digital Marketing

Expand your reach online, and efficiently hit business objectives by implementing strategic digital marketing campaigns.

Web

In this digital age, a well-designed website is a game changer. But "well-designed" doesn't just mean aesthetics, but overall user experience. We create highly-functional websites that can support your business objectives -- whether that means driving awareness, lead generation, or even sales.

Author: iManila Support

Why can’t I access my Website, cPanel and Webmail?

Written on . Posted in Knowledgebase.

Sometimes you find the website hosted with iManila inaccessible and more than that, you are not able to access cPanel and webmail. The links http://yourdomain.com/cpanel and http://mail.yourdomain.com/webmail are displaying an error message Server connection timed out. What is happening? Most likely, your public IP address was blocked by our Firewall.

Firewall is a network security device designed to protect networks from unauthorized access, while permitting legitimate communications to pass. For obvious security reasons, a Firewall has to be installed in any server. A standard practice not just by hosting providers but, by anyone who puts up a service accessible in the cloud.

Automatic firewall blocks are created for a certain external IP address from which unauthorized access attempts were noticed by the Firewall monitoring program. In case of 5 failed login attempts from your IP address, it gets temporarily blocked for 20 minutes. If more failed login attempts are detected during this period, the IP gets blocked permanently. If the server detects 15 failed login attempts from different IP addresses, this account will be temporarily locked for 10 minutes.

So, if you find yourself not being able to connect to the website, cPanel and webmail from a certain computer, most likely, you have triggered the Firewall rules. Please contact our Support and we will assist you on unblocking your IP address.

How to identify your IP address? A simple Google search of “what is my ip” will give a result of your current public IP address.  You can also check your IP address from here .

What can be the reason of the IP being blocked and how to avoid it?

  • Exceeding the number of failed cPanel login attempts
    When you were not able to log into cPanel for the first time, please do not try to do it as many times as possible. Once you have used the incorrect login details 5 times, the IP gets blocked. To avoid that, please check your login details in the Welcome Email Guide that was sent to the email account associated with the hosting package. Otherwise, feel free to send a request for the cPanel password reset via our support email
  • Failed POP3/IMAP/SMTP or Webmail login
    Apart from cPanel login protection, Firewall also prevents unauthorized access to mail service.

    • Block due to webmail failed login attempts – If you were having issues with logging into webmail and, as a result, both cPanel and webmail are no longer available, most likely you have triggered a similar IP block for email access.
    • Block due to failed POP3/IMAP login attempts – If you start receiving errors/pop-up windows related to IMAP/POP3 failed authentication in your email client, then it is possible that login credentials for the email account are outdated/incorrect. Unfortunately, in this case the email client will not stop trying to access the mail server which may in time result in a permanent IP block as well.
    • Block due to failed SMTP login attempts – This kind of block occurs when SMTP authentication data is not valid so you can’t send mail from the email client (you can still have correct settings for the incoming mail server and receive new emails without issues). Usual symptoms for such issue are the emails that do not leave the “Outbox” folder or errors/pop-up messages that notify about failed SMTP authentication. Make sure that SMTP login is your full email address, and the password is the same as for the incoming mail server. If you still can’t log in with the old password, consider resetting it once your IP address is unlocked. You can do it in your cPanel account on the Email accounts page:
  • Incorrect email client settings
    The email client settings may also cause an IP block, so if you are struggling with an email client setup, it is better to delete the non-functioning email account from the email client and start from scratch later. You can find the correct settings hereNOTE: Frequent POP3 queries to the server can cause high general server load. In order to avoid this, we have implemented the limit of 10 POP3 connections per hour from a single IP address for all shared users. Therefore, it is not recommended to set POP3 mail check interval to less than 5 minutes in order to avoid IP blocking.
  • PortScan activity
    Port scan is an attack that sends requests of a client to a range of server port addresses on a host with the goal of finding an active port and exploiting a known vulnerability of that service. To avoid that, please make sure your clients are configured in a way not to permanently attempt to scan ports of a server. Reduce timeout intervals on all FTP and mail clients in your network. If there are many users in your network, and all of them are accessing the Internet from an external IP address, make sure they do not reconnect using FTP or mail clients frequently. Connection requests coming from one IP can trigger the firewall to block the IP.

cPanel – ModSecurity

Written on . Posted in SECURITY. Leave a Comment

Overview
ModSecurity is an open-source web-based firewall application (WAF) supported by different web servers like Apache, Nginx and IIS.

Usage
The module is configured to protect web applications from various attacks. ModSecurity supports flexible rule engine to perform both simple and complex operations. It comes with OWASP (Open Web Application Security Project) ModSecurity™ CRS (Core Rule Set). The OWASP ModSecurity™ CRS is a set of rules that Apache’s ModSecurity™ module can use to help protect your server. While these rules do not make your server impervious to attacks, they greatly increase the amount of protection for your web applications.

It comes with a Core Rule Set (CRS) which has various rules for:

  • cross website scripting
  • bad user agents
  • SQL injection
  • trojans
  • session hijacking
  • other exploits

Why should I use the OWASP ModSecurity rule set?

  • Protection from insecure web application design — ModSecurity rule sets can provide a layer of protection for web applications such as WordPress, phpBB, or other types of web applications. It can potentially protect against vulnerabilities in out-of-date web applications that protect against vulnerabilities in unpatched, out-of-date applications. If the developer of an application makes a security mistake, ModSecurity may block a security attack before it can access the vulnerable application.
  • Protection against operating system level attack — ModSecurity rule sets can protect against attacks that exploit the operating system of your server. For example, in 2014, there was a security flaw in the Bash shell program that Linux servers use. Security experts created ModSecurity rules to disallow the use of the exploit thought Apache. Server administrators used these ModSecurity rules and added additional security to their system until the release of a security patch for Bash shell.
  • Protect against generalized malicious traffic — Some of the security threats that server administrators face may not directly attack a program or application on your server. DoS (Denial of Service) attacks, for example, are common attacks. You can reduce the impact of such malicious traffic through the use of ModSecurity rules.

What are the risks?
As with any mechanism that blocks web traffic, OWASP rules could block legitimate traffic (false positives). While both OWASP and cPanel, L.L.C. aim to curate the OWASP rule set to reduce the potential for false positives, the rule set may block legitimate traffic.

cPanel – Two Factor Authentication

Written on . Posted in SECURITY. Leave a Comment

Overview
Two-factor authentication (2FA) is a security measure that requires two forms of identification. After you enter your password, you must enter a security code. An application on your smartphone supplies this code. Without your smartphone, you cannot log in.

Note:
2FA requires a smartphone with a supported time-based one-time password (TOTP) app. We suggest the following apps:

Important:
2FA supports only one concurrent session for any user. If you open several browser windows to cPanel and log out in one of them, the server will log out the other windows.
To configure 2FA, perform the following steps:
  1. The Two-Factor Authentication menu can be found in the cPanel >> Security >> Two-Factor Authentication:
  2. Go to the Two-Factor Authentication menu and click on the Set Up Two-Factor Authentication button:
  3. Connect your cPanel to your Authenticator app.

    There are 2 ways to connect the app:

    • Automatically create the link by scanning the displayed QR code with your app
    • Manually create the link by entering the provided Account and Key information in your app
  4. After the app is installed and connected to the cPanel, continue by entering the six-digit security code into the cPanel >> Security >> Two-Factor Authentication >> Step 2 >> Security code:

  5. You should receive the following success message:
  6. During the next cPanel login, after you enter your username and password, you will be redirected to the next page to enter the security code:

 

 

How to transfer your WordPress website to your iManila Hosting Account

Written on . Posted in Knowledgebase, Website.

Overview

This tutorial explains how to migrate a hosted WordPress® installation to iManila server. This is useful, for example, if you develop your website on a locally-hosted server and wish to deploy your work to a public-facing server. This also applies if you are trying to transfer your WordPress website to your iManila hosting account.

Warning:

  • Your website will likely experience downtime during this process.
  • Website migration is not part of our FREE Standard Support. Please contact us if you need assistance on this matter.

Pre-migration requirements.

Before you begin, make certain that you possess the following:

  • An active domain that has an active hosting account with iManila.
  • Admin access to your domain to update DNS records.
  • An File Transfer Protocol (FTP) client and account.
  • Your iManila Hosting account IP address

 

Step 1 – Export the WordPress database.

Export your WordPress installation’s database with the phpMyAdmin tool. To do this, perform the following steps:

(if phpMyAdmin is not available in your current environment, you may need to export your database manually. Please ask your current hosting provider on how to do this.)

  1. Navigate to localexample.com/phpmyadmin, where localexample represents your locally-hosted domain. The phpMyAdmin interface will appear.
  2. Click Export in the toolbar. A new interface will appear.

  3. Under the Export Methods: heading, select either of the following export methods:

    • Quick — This method displays the minimum options.
    • Custom — This method displays all possible options.

    Notes:

    We recommend that you select Quick.

  4. Select the database’s format from the Format: menu. This option defaults to SQL

  5. Click Go. The system will create a download file that contains your database information.

Step 2 – Upload the files to the new server.

Connect to your web hosting account via your preferred FTP client and upload your WordPress files to your web host account’s public_html directory.

Step 3 – Create a MySQL® database.

Create a MySQL database to which to import the WordPress database in cPanel’s MySQL Databases interface (cPanel >> Home >> Databases >> MySQL® Databases).

Step 4 – Import the WordPress database to cPanel & WHM.

Import your WordPress database backup file to cPanel & WHM. To do this, perform the following steps:

  1. Navigate to cPanel’s phpMyAdmin interface (cPanel >> Home >> Databases >> phpMyAdmin).
  2. Click Databases in the toolbar and then click the database that you created in the previous step.
  3. Click Import in the toolbar. A new interface will appear.
  4. Click Choose File and select the database backup file that you created in Step 1.
  5. Click Go. The system will import your WordPress database.

Step 5 – Change the website URL.

It is important to change your website URL specially if you are using a different domain with your current hosting provider. You must change the website URL in your database so that the database connects with your WordPress site. To do this, perform the following steps in cPanel’s phpMyAdmin interface ( cPanel >> Home >> Databases >> phpMyAdmin ):

  1. Locate the wp_options table and click Browse.
  2. Under the option_name column, locate the siteurl entry and click Edit.
  3. In the option_value column, enter your website’s new URL in the text box and click Go.
  4. Locate the home entry and click Edit.
  5. In the option_value column, enter your website’s new URL in the text box and click Go.

Step 6 – Configure the WordPress database settings.

You must configure your WordPress database settings to use the information for the database that you created in step 3. To do this, perform the following steps:

  1. Navigate to cPanel’s FileManager interface (cPanel >> Home >> Files >> File Manager).
  2. Open the public_html directory and locate the wp-config.php file.
  3. Right-click the wp-config.php file and click Edit. A pop-up window will appear.
  4. Click Edit in the pop-up window. The editor will appear in a new browser tab.

  5. Edit the DB_NAMEDB_USER, and DB_PASSWORD lines to match the information for the database that you created in step 3. This will resemble the following example:

Step 7 – Update links and images.

Your website may contain broken links and broken images after you migrate your website. To update the links and images to use your new website’s URL, perform the following steps:

  1. Navigate to cPanel’s phpMyAdmin interface (cPanel >> Home >> Databases >> phpMyAdmin).
  2. Click Databases in the toolbar and then click the database that you created in step 3.
  3. Click SQL in the toolbar.

  4. In the text box, enter an SQL query to update your URLs. For example:

    UPDATE wp_posts SET post_content = REPLACE(post_content, 'localexample.com/, www.mrfrog.com/')
  5. Click Go to run the query.

Step 8 – Save the changes in WordPress interface.

After you updates your links and images, save the changes in the WordPress dashboard to update the URL. To do this, perform the following steps:

  1. Log in to the WordPress dashboard.
  2. Navigate to the General interface (Main >> Settings >> General.)
  3. Click Save at the bottom of the interface.
  4. Navigate to the Permalink interface (Main >> Settings >> Permalink).
  5. Click Save at the bottom of the interface.

Step 9 – Update your domain’s DNS record.

Migrating your website to a new hosting provider or server means a new IP address. Update your website’s A DNS record to point your domain to your iManila hosting account.

  1. Login to your cPanel.
  2. Navigate to Domains > Zone Editor
  3. Select Manage beside your domain name.
  4. Then update your A DNS record, pointing to your iManila Hosting account IP address. The IP address can be found in the right-side pane of your cPanel Homepage > GENERAL INFORMATION.

Let's work together!

Make the first move! Let iManila help you maximize your presence online.

Just fill out your contact details and tell us what you need, then we’ll be sure to get back to you as soon as possible.



 

About

Connect with us

Services

Get in touch

Quicklinks

Terms and Conditions | Privacy Policy
Copyright © 2023 iManila