Skip to content

Category: CPanel

Let’s Encrypt The World

lets-encrypt-logoI have been a big fan of free SSL certificate authority LetsEncrypt.org since it was in Private Beta. Now in Public Beta, and now being a Certificate Authority recognized by every major web browser, it’s time for you to start using it on your website!

The great thing about Let’s Encrypt is that it is free. Why? Because the sponsors behind it believe encryption is for the public good. And they are correct. No more do you need to pay $80/year or more for an SSL certificate through some company like GoDaddy. This all may sound too good to be true, but it isn’t.

Wait, what?

In case you are unfamiliar with what I’m talking about here, LetsEncrypt.org offers you free SSL (Secure Socket Layer) certificates for your website. This make your website secure and encrypted for your visitors, just like your bank does, by changing your site’s address from using http://  to https://.

Being a user of the WHM/CPanel web hosting tools for the handful of websites I run, I found a great set of instructions and scripts you can use to get this set up and running in that environment. Just follow the instructions in the WHM forum here. Be sure to set up the cron job so that your cert(s) get renewed automatically. If you forget, it’s very easy to do it by hand from the command line, but the cron job makes it so that you don’t need to remember.

Encrypt WordPress

If you are a WordPress website owner, you can configure it to use the SSL certificate by editing your site’s URL in Settings > General. I especially recommend this for WordPress admin area logins, but there’s not reason you shouldn’t be using SSL on your whole site anymore. This is especially true considering Google favoring SSL-enabled sites over non-SSL sites.

Redirect Traffic to HTTPS

Using an .htaccess file, you can set it up so that any traffic going to your http:// website is automatically redirected to your https:// version. This is the snippet I use in my .htaccess file for that:

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Go forth and encrypt all the things!

Bellsouth Rejects Email

For two years, I have battled with this issue of Bellsouth.net (and AT&T in general) blocking email from any domain hosted on my web server.  I set up all kinds of security precautions, set up SPF records, and ran all sorts of tests in order to subdue the fears that somehow my server was being used as an open relay for spam.

I was so sure that it was all correct, and was so frustrated that the problem wouldn’t go away.  It only appeared to happen with Bellsouth addresses.

I used the AT&T Unblock request twice, which helped for a short time, but I would soon find email being blocked again and many of my hosted clients complaining.

But today, scouring through the CPanel user forums, I discovered the cause and solution!

I had a hosted client who wanted me to forward all of her email to her Bellsouth account a couple of years ago.  I did this, and then she soon complained that she wasn’t receiving any email. I never stopped to consider the fact that the forward itself was the cause of the problem, and that Bellsouth thought that there was spam being relayed from my server!

So, I have removed that forwarded email account (got her to set up a GMail account), have re-filed a request with Bellsouth to unblock my server, and all should be good again.

I hope this helps someone out there!