20 May

How to Check Server Load and Resource Usage on a Windows VPS

Windows provides several easy ways to check CPU usage, RAM consumption, disk activity, and running processes. In this article, we will show you some simple methods to monitor your Windows server resources.

1. Using Task Manager

Task Manager is the easiest way to monitor server performance on Windows.

How to open:

Press:

Ctrl + Shift + Esc

What you can check:

CPU usage
Memory (RAM) usage
Disk usage
Network activity
Running applications and services

The Performance tab gives a live overview of your server resources.

2. Using Resource Monitor

Resource Monitor provides more detailed information compared to Task Manager.

How to open:

Press:

Windows + R

Then type:

resmon

Features:

Detailed CPU monitoring
Memory usage breakdown
Disk activity tracking
Network connection monitoring

This tool is very useful for identifying which application or service is consuming high resources.

3. Check CPU Usage from Command Prompt

Open Command Prompt and run:

wmic cpu get loadpercentage

This will show the current CPU load percentage of the server.

4. Check Memory Usage

Run the following command in Command Prompt:

systeminfo

You will find:

Total Physical Memory
Available Physical Memory

This is similar to checking RAM usage on Linux using free -m.

5. View Running Processes

To see all running processes, use:

tasklist

This command works similarly to the ps aux command on Linux servers.

6. Check Active Network Connections

To view active network connections and listening ports:

netstat -ano

This can help identify unusual connections or troubleshoot network-related issues.

Final Words

Monitoring your Windows VPS regularly helps maintain server stability and quickly identify resource-related problems. Tools like Task Manager and Resource Monitor make it easy even for beginners, while Command Prompt and PowerShell commands provide more advanced monitoring options for administrators.

If you need assistance managing your Windows VPS or Dedicated Server, feel free to contact our support team anytime.

13 May

Temporary Restriction of cPanel & WHM Access Due to Critical Security Vulnerabilities

We have been alerted to several critical cPanel vulnerabilities that may allow elevated access to affected hosting infrastructure:

CVE-2026-29205
CVE-2026-29206
CVE-2026-32991
CVE-2026-32992
CVE-2026-32993

As a precautionary security measure, we have temporarily restricted access to the following services:

cPanel
WHM

We are currently awaiting official security patches from cPanel and expect further updates within the next 24 hours. Once the patches are released, applied, and all security checks are completed, access restrictions will be lifted accordingly.

If you require any urgent account or service-related changes during this period, please contact our support team by opening a support ticket.

We appreciate your patience and understanding as we work to ensure the continued security and stability of all services.

08 May

Critical cPanel Security Notice

We have been alerted to three critical cPanel vulnerabilities:

CVE-2026-29201
CVE-2026-29202
CVE-2026-29203

These vulnerabilities may allow elevated access to affected hosting infrastructure.

As a precautionary measure, we have temporarily restricted access to:

cPanel
WHM

We are currently awaiting official patches from cPanel and expect further updates within the next 24 hours. Once patches are applied and security checks are completed, access restrictions will be lifted.

If you require any urgent account or service changes during this period, please contact our support team through an support ticket.

We appreciate your patience and understanding while we work to keep all services secure.

30 Apr

Temporary cPanel Suspension for Security Protection

We would like to inform clients that cPanel/WHM related services has been temporarily suspended as a precaution.

This is due to a recently announced critical cPanel security vulnerability that may allow unauthorized access on unpatched systems. If attackers gain access to a control panel, they may be able to modify or delete user data. To help prevent such risks, we have taken this temporary step as we highly value the security of client data.

For details, please refer to the following articles:

Our team is currently applying security updates, performing checks, and securing the server before restoring access.

As this matter is beyond our direct control, we are unfortunately unable to provide an estimated timeframe at this moment.

We apologize for the inconvenience and appreciate your patience.

Further updates will be shared soon.

28 Apr

How to Reduce Incoming Spam Emails in cPanel

Receiving spam emails is a common issue for many email users. In most cases, this happens when an email address becomes publicly exposed on websites, social media, contact forms, data leaks, or is collected by automated bots that scan the internet for email addresses.

At TetraHost, we have already applied server-side spam protection settings to help reduce unwanted emails reaching user inboxes. However, no spam filtering system can block 100% of spam, so some unwanted emails may still arrive.

How Users Can Further Reduce Spam from cPanel

You can improve spam protection easily from your cPanel account:

1. Enable and Adjust Spam Filters

Go to cPanel > Spam Filters

From there you can:

Lower the spam score sensitivity to catch more spam emails
Automatically move detected spam to the Spam folder
Automatically delete high-score spam emails

2. Block Specific Email Addresses or Domains

If you keep receiving spam from the same sender:

Create email filters in cPanel > Email Filters
Block specific email addresses
Block entire domains

3. Use Strong Privacy Practices

To reduce future spam:

Avoid posting email addresses publicly online
Use contact forms instead of writing email addresses on websites
Do not reply to suspicious emails
Avoid subscribing your main email to unknown websites

4. Mark Spam in Webmail

If using webmail, mark unwanted emails as spam. This helps train filters over time.

By combining our server-level protections with these manual tweaks, you can significantly reduce the noise in your inbox.

22 Apr

What Is Spam? How It’s Detected on cPanel Servers and by Providers Like Gmail & Hotmail

What is spam?

Spam is any unsolicited or unwanted email sent in bulk. It can be promotional, misleading, or malicious (phishing, malware). Modern mail systems don’t rely on a single rule—they score multiple signals to decide whether a message is legitimate or spam.

What makes an email look like spam?

These are the main triggers:

1) Email body (content)

Excessive promotional language (“Buy now”, “100% FREE”, “Act fast”)
Too many links or shortened URLs
Mismatch between link text and actual URL
Poor formatting (all caps, too many colors, hidden text)
Suspicious HTML or tracking elements

2) Subject line

Clickbait or misleading wording
ALL CAPS or excessive punctuation (!!!)
Irrelevant to the actual content

3) Signature

Missing or inconsistent sender identity
No physical address or company details (for business emails)
Links to unrelated or low-reputation domains

4) Attachments

Executable files or risky types (.exe, .js, macro-enabled docs)
Password-protected archives (hard to scan)
Files that don’t match the context of the email

5) Sending system (very important)

Missing or incorrect SPF, DKIM, DMARC
No rDNS (PTR) for the sending IP
IP/domain listed on blacklists
Sudden spikes in sending volume
Poor sending history (high bounce or complaint rate)

How spam is detected on a cPanel server (Exim-based)

On most cPanel servers, email passes through Exim and spam filters like SpamAssassin.

Key mechanisms

1. SpamAssassin scoring

Each email gets a spam score based on rules
Factors include content, headers, links, and reputation
If score exceeds a threshold ? marked as spam or rejected

2. RBL (Realtime Blackhole Lists)

Checks if the sender IP is listed on known spam databases
If listed, emails may be rejected or heavily penalized

3. Authentication checks

SPF: verifies sending server is allowed
DKIM: verifies message integrity
DMARC: enforces policy and alignment

4. Rate limits & failure tracking

cPanel can block sending if:
- Too many failed or deferred emails per hour
- High percentage of delivery issues
Helps stop spam bursts or compromised accounts

5. Exim rules & ACLs

Server admins can define custom rules:
- Block certain patterns, domains, or behaviors
- Limit per-user sending rate

How providers like Gmail & Hotmail detect spam

Large providers (like Google and Microsoft) use advanced, multi-layered filtering:

1) Machine learning models

Analyze billions of emails daily
Learn from user behavior (opens, replies, spam reports)
Continuously adapt to new spam techniques

2) Sender reputation

IP and domain reputation over time
Considers:
- Bounce rate
- Spam complaints
- Engagement (opens/clicks)

3) Authentication & alignment

Strict checks for SPF, DKIM, DMARC
Misalignment (From vs actual sender) increases spam score

4) User feedback signals

“Mark as spam” ? negative signal
“Not spam” ? positive signal
Deleting without reading can also affect reputation

5) Content & intent analysis

Natural language processing to detect:
- Phishing attempts
- Social engineering
- Deceptive wording

6) Link and domain reputation

URLs inside emails are checked:
- Known phishing domains
- Newly registered domains (high risk)
- URL shorteners

7) Attachment scanning

Malware detection
Suspicious file types blocked or quarantined

Key difference: cPanel vs Gmail/Hotmail

Feature	cPanel Server	Gmail / Hotmail
Filtering type	Rule-based + scoring	AI + behavioral + reputation
Learning ability	Limited	Advanced machine learning
User feedback impact	Minimal	Very high
Reputation tracking	Basic (RBL)	Deep historical tracking

Best practices to avoid spam classification

Configure SPF, DKIM, DMARC correctly
Maintain clean email lists (no invalid addresses)
Avoid bulk sending spikes
Use clear, honest subject lines
Include proper sender identity/signature
Monitor logs and bounce reports
Keep server and websites secure (no spam scripts)

Final takeaway

Spam detection is not triggered by a single factor—it’s a combination of content, technical setup, and reputation. Even perfectly written emails can land in spam if the sending system or history is poor.

Understanding these layers helps you not just fix issues—but build long-term email deliverability.

02 Feb

Securing Virtualizor Panel Access with Firewall and IP Restrictions

Virtualizor is a powerful virtualization control panel, but like any admin interface, it should never be publicly accessible. By default, Virtualizor uses ports 4084 and 4085, which are common targets for brute-force attacks if left open.

In this article, we’ll walk through how we secured our Virtualizor panel by restricting access to trusted IPs only, both at the firewall and application level.

Why Restrict Virtualizor Ports?

Leaving management ports open to the public internet can expose your infrastructure to:

Brute-force login attempts
API abuse
Unauthorized access attempts
Automated scans and exploits

The safest approach is layered security: firewall + application-level restrictions.

Step 1: Restrict Ports 4084 & 4085 Using iptables

We configured the server firewall to allow access only from our trusted IP and block everyone else.

# Allow trusted IP
iptables -A INPUT -p tcp -s YOUR.TRUSTED.IP.ADDRESS --dport 4084 -j ACCEPT
iptables -A INPUT -p tcp -s YOUR.TRUSTED.IP.ADDRESS --dport 4085 -j ACCEPT

# Block all other IPs
iptables -A INPUT -p tcp --dport 4084 -j DROP
iptables -A INPUT -p tcp --dport 4085 -j DROP

Important: Always ensure the ACCEPT rules come before the DROP rules to avoid locking yourself out.

You can verify the rule order using:

iptables -L INPUT -n --line-numbers

Step 2: Save Firewall Rules Permanently

On systemd-based servers, we saved the rules using:

iptables-save > /etc/sysconfig/iptables

This ensures the rules persist after reboot.

Step 3: Restrict Virtualizor Panel & API Access

Firewall protection alone is not enough. We also applied restrictions inside Virtualizor:

Panel Access Restriction
Virtualizor >> Configuration >> Master Settings >> Security
>> Allowed IP list to Access Panel
API Access Restriction
Virtualizor >> Configuration >> Master Settings >> Security
>> Allowed IP list to restrict API operations

This ensures that even if firewall rules change, access remains locked down.

Step 4: Enable Two-Factor Authentication (2FA)

Finally, we enabled Two-Factor Authentication from:

Virtualizor >> Configuration >> Two Factor Authentication

This adds an extra security layer even if credentials are compromised.

Final Thoughts

By combining:

Firewall-level IP restriction
Virtualizor panel & API IP whitelisting
Two-Factor Authentication

This should significantly reduce the attack surface of your Virtualizor environment.

Best practice: Admin panels should always be accessible only from trusted networks — never the open internet.

02 Dec

cPanel® Licensing Price Update Effective January 1, 2026

We hope you’re doing well. This post is to keep our community fully informed about an upcoming change related to cPanel® licensing costs, which will take effect on January 1, 2026.

Why This Update Is Happening

Since 2019, cPanel® has increased licensing prices several times. Throughout these years, we at TetraHost have absorbed these rising costs and kept our rate fixed at BDT 40/month. With the latest increase announced by cPanel®, we now need to adjust this fee to BDT 50/month.

This adjustment applies only to Reseller accounts and is a direct pass-through cost from cPanel®, not an increase in our hosting service pricing.

How the New Pricing Works

Here’s a simple example of how the updated pricing affects reseller accounts:

Before January 1, 2026:
10 cPanel accounts ? 10 × 40 = 400 BDT/month
From January 1, 2026:
10 cPanel accounts ? 10 × 50 = 500 BDT/month

Monthly vs. Annual Renewals

To ensure full clarity:

Monthly renewal customers will receive invoices with the updated cPanel fee starting January 1, 2026.
Annual renewal customers will continue under the current rate until their next renewal date, at which point the updated pricing will apply.

No Early Invoices or Forced Renewals

Any invoices already generated will remain unchanged. We are not issuing early invoices, nor are we asking customers to renew ahead of time. Our goal is simply to communicate this update early, transparently, and respectfully.

Our Commitment to You

Your cPanel® account will continue to include powerful features such as the WordPress Toolkit, DIY Site Builder, and other tools that make website management easier and more efficient.

We sincerely appreciate your trust and support. Thank you for being a part of the TetraHost community. We wish you and your loved ones a wonderful year ahead!

If you have any questions or need clarification, feel free to reach out to our support team.

03 Nov

How to Install and Use Composer in cPanel Terminal

If you have Terminal access in cPanel but get an error like:

bash: composer: command not found

— don’t worry! You can easily install Composer locally for your own user account without needing root access.

Step 1: Open the Terminal

Log in to your cPanel account and open the Terminal app from your dashboard.
If you don’t see it, your hosting provider might need to enable SSH or Terminal access for your account.

Step 2: Install Composer for your user

Run the following commands one by one:

mkdir -p ~/bin
cd ~
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php --install-dir=$HOME/bin --filename=composer
rm composer-setup.php
echo 'export PATH="$HOME/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc

These commands will:

Download the Composer installer
Create a personal bin folder in your home directory
Install Composer there
Update your system path so you can run composer directly

Step 3: Verify the installation

Run:

composer -V

If the installation is successful, you’ll see something like:

Composer version 2.x.x

Step 4: Use Composer in your project

Go to the directory where your composer.json file is located. For example:

cd ~/public_html/myproject
composer install

Composer will download all dependencies and create a vendor/ folder automatically.

Optional: Run with a specific PHP version

If your hosting server runs multiple PHP versions (like PHP 8.1 or 8.2), use this format:

/opt/cpanel/ea-php82/root/usr/bin/php ~/bin/composer install

Just replace ea-php82 with your actual PHP version path (found under Select PHP Version in cPanel).

Done!

You’ve successfully installed Composer on your cPanel account and can now manage PHP packages or frameworks (like Laravel) directly from Terminal — just like a VPS or local setup.

21 Oct

How to Install and Configure CSF (ConfigServer Security & Firewall) on a Linux cPanel Server [Updated for 2025]

If you’re managing a cPanel server, ConfigServer Security & Firewall (CSF) has long been one of the most popular and trusted security tools. It provides a simple way to configure your server’s firewall (iptables) and manage login failures, port access, and intrusion attempts — all through a friendly WHM interface.

However, as of August 31, 2025, the developers of CSF have officially discontinued active support and maintenance. The good news?
They’ve released CSF as open source under the GPLv3 license, which means you can still install, use, and even modify it freely.

In this guide, we’ll walk you through the latest method to install CSF on a Linux cPanel server, configure it properly, and ensure it’s ready for production.

Important Notes Before Installation

CSF is no longer maintained by ConfigServer. Use it at your own discretion.
The latest open-source GPLv3 version is still fully functional.
CSF does not work with firewalld, so you must remove it before installation.
Always take a server snapshot or backup before modifying firewall configurations.

Step-by-Step Guide to Install CSF on cPanel Server

Step 1: Log in to your server via SSH

Use your terminal or an SSH client like PuTTY to log in as the root user.

ssh root@your-server-ip

Step 2: Go to the root directory

Change to the root directory:

cd /root

Step 3: Remove `firewalld` (if installed)

CSF and firewalld cannot run together. Remove firewalld with:

yum remove firewalld -y

Step 4: Download the latest open-source CSF package

The open-source version is now available on GitHub:

wget https://github.com/waytotheweb/scripts/raw/refs/heads/main/csf.tgz

Step 5: Extract the CSF files

Unpack the downloaded file:

tar -xzf csf.tgz

Then move into the extracted folder:

cd csf

Step 6: Run the installer

For cPanel servers, use the installation script:

./install.cpanel.sh

This script automatically integrates CSF with WHM and configures the essential ports.

Configure CSF from WHM

Once installation completes, log in to your WHM panel and go to:

WHM » Home » Plugins » ConfigServer Security & Firewall

From here, you can manage your firewall rules, open or close ports, and configure login failure alerts.

Verify Installation

To confirm that CSF and LFD are running properly, use these commands in SSH:

csf -v
systemctl status lfd

You should see CSF version details and that LFD (Login Failure Daemon) is active.

Why Still Use CSF in 2025?

Even though it’s discontinued, CSF remains one of the most feature-rich firewall management tools for cPanel environments. It offers:

IP blocking and whitelisting
Brute-force protection via LFD
Port scanning detection
Email alerts for suspicious activity
Easy WHM integration

Since it’s now open source, the community can continue to patch, improve, or fork it for future use.

Final Thoughts

While CSF may no longer receive official updates, it’s still a powerful and reliable firewall solution for cPanel servers.
If you’re looking for a free, configurable, and battle-tested security tool, installing the open-source version of CSF is still worth it — especially if you understand basic Linux server management.

However, for long-term stability, keep an eye on community forks or consider alternatives like CSF-ng (if developed), UFW, or iptables directly.

TetraHost Bangladesh

The Official Company Blog

1. Using Task Manager

How to open:

What you can check:

2. Using Resource Monitor

How to open:

Features:

3. Check CPU Usage from Command Prompt

4. Check Memory Usage

5. View Running Processes

6. Check Active Network Connections

Final Words

How Users Can Further Reduce Spam from cPanel

1. Enable and Adjust Spam Filters

2. Block Specific Email Addresses or Domains

3. Use Strong Privacy Practices

4. Mark Spam in Webmail

What is spam?

What makes an email look like spam?

1) Email body (content)

2) Subject line

3) Signature

4) Attachments

5) Sending system (very important)

How spam is detected on a cPanel server (Exim-based)

Key mechanisms

How providers like Gmail & Hotmail detect spam

1) Machine learning models

2) Sender reputation

3) Authentication & alignment

4) User feedback signals

5) Content & intent analysis

6) Link and domain reputation

7) Attachment scanning

Key difference: cPanel vs Gmail/Hotmail

Best practices to avoid spam classification

Final takeaway

Why Restrict Virtualizor Ports?

Step 1: Restrict Ports 4084 & 4085 Using iptables

Step 2: Save Firewall Rules Permanently

Step 3: Restrict Virtualizor Panel & API Access

Step 4: Enable Two-Factor Authentication (2FA)

Final Thoughts

Why This Update Is Happening

How the New Pricing Works

Monthly vs. Annual Renewals

No Early Invoices or Forced Renewals

Our Commitment to You

Step 1: Open the Terminal

Step 2: Install Composer for your user

Step 3: Verify the installation

Step 4: Use Composer in your project

Optional: Run with a specific PHP version

Done!

Important Notes Before Installation

Step-by-Step Guide to Install CSF on cPanel Server

Step 1: Log in to your server via SSH

Step 2: Go to the root directory

Step 3: Remove firewalld (if installed)

Step 4: Download the latest open-source CSF package

Step 5: Extract the CSF files

Step 6: Run the installer

Configure CSF from WHM

Verify Installation

Why Still Use CSF in 2025?

Final Thoughts

References

Step 3: Remove `firewalld` (if installed)