TetraHost Bangladesh

The Official Company Blog

02 Feb

Securing Virtualizor Panel Access with Firewall and IP Restrictions

Virtualizor is a powerful virtualization control panel, but like any admin interface, it should never be publicly accessible. By default, Virtualizor uses ports 4084 and 4085, which are common targets for brute-force attacks if left open.

In this article, we’ll walk through how we secured our Virtualizor panel by restricting access to trusted IPs only, both at the firewall and application level.

Why Restrict Virtualizor Ports?

Leaving management ports open to the public internet can expose your infrastructure to:

  • Brute-force login attempts
  • API abuse
  • Unauthorized access attempts
  • Automated scans and exploits

The safest approach is layered security: firewall + application-level restrictions.

Step 1: Restrict Ports 4084 & 4085 Using iptables

We configured the server firewall to allow access only from our trusted IP and block everyone else.

# Allow trusted IP
iptables -A INPUT -p tcp -s YOUR.TRUSTED.IP.ADDRESS --dport 4084 -j ACCEPT
iptables -A INPUT -p tcp -s YOUR.TRUSTED.IP.ADDRESS --dport 4085 -j ACCEPT

# Block all other IPs
iptables -A INPUT -p tcp --dport 4084 -j DROP
iptables -A INPUT -p tcp --dport 4085 -j DROP

Important: Always ensure the ACCEPT rules come before the DROP rules to avoid locking yourself out.

You can verify the rule order using:

iptables -L INPUT -n --line-numbers

Step 2: Save Firewall Rules Permanently

On systemd-based servers, we saved the rules using:

iptables-save > /etc/sysconfig/iptables

This ensures the rules persist after reboot.

Step 3: Restrict Virtualizor Panel & API Access

Firewall protection alone is not enough. We also applied restrictions inside Virtualizor:

  • Panel Access Restriction
    Virtualizor >> Configuration >> Master Settings >> Security
    >> Allowed IP list to Access Panel
  • API Access Restriction
    Virtualizor >> Configuration >> Master Settings >> Security
    >> Allowed IP list to restrict API operations

This ensures that even if firewall rules change, access remains locked down.

Step 4: Enable Two-Factor Authentication (2FA)

Finally, we enabled Two-Factor Authentication from:

Virtualizor >> Configuration >> Two Factor Authentication

This adds an extra security layer even if credentials are compromised.

Final Thoughts

By combining:

  • Firewall-level IP restriction
  • Virtualizor panel & API IP whitelisting
  • Two-Factor Authentication

This should significantly reduce the attack surface of your Virtualizor environment.

Best practice: Admin panels should always be accessible only from trusted networks — never the open internet.

02 Dec

cPanel® Licensing Price Update Effective January 1, 2026

We hope you’re doing well. This post is to keep our community fully informed about an upcoming change related to cPanel® licensing costs, which will take effect on January 1, 2026.

Why This Update Is Happening

Since 2019, cPanel® has increased licensing prices several times. Throughout these years, we at TetraHost have absorbed these rising costs and kept our rate fixed at BDT 40/month. With the latest increase announced by cPanel®, we now need to adjust this fee to BDT 50/month.

This adjustment applies only to Reseller accounts and is a direct pass-through cost from cPanel®, not an increase in our hosting service pricing.

How the New Pricing Works

Here’s a simple example of how the updated pricing affects reseller accounts:

  • Before January 1, 2026:
    10 cPanel accounts ? 10 × 40 = 400 BDT/month
  • From January 1, 2026:
    10 cPanel accounts ? 10 × 50 = 500 BDT/month

Monthly vs. Annual Renewals

To ensure full clarity:

  • Monthly renewal customers will receive invoices with the updated cPanel fee starting January 1, 2026.
  • Annual renewal customers will continue under the current rate until their next renewal date, at which point the updated pricing will apply.

No Early Invoices or Forced Renewals

Any invoices already generated will remain unchanged. We are not issuing early invoices, nor are we asking customers to renew ahead of time. Our goal is simply to communicate this update early, transparently, and respectfully.

Our Commitment to You

Your cPanel® account will continue to include powerful features such as the WordPress Toolkit, DIY Site Builder, and other tools that make website management easier and more efficient.

We sincerely appreciate your trust and support. Thank you for being a part of the TetraHost community. We wish you and your loved ones a wonderful year ahead!

If you have any questions or need clarification, feel free to reach out to our support team.

03 Nov

How to Install and Use Composer in cPanel Terminal

If you have Terminal access in cPanel but get an error like:

bash: composer: command not found

— don’t worry! You can easily install Composer locally for your own user account without needing root access.

Step 1: Open the Terminal

Log in to your cPanel account and open the Terminal app from your dashboard.
If you don’t see it, your hosting provider might need to enable SSH or Terminal access for your account.

Step 2: Install Composer for your user

Run the following commands one by one:

mkdir -p ~/bin
cd ~
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php composer-setup.php --install-dir=$HOME/bin --filename=composer
rm composer-setup.php
echo 'export PATH="$HOME/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc

These commands will:

  • Download the Composer installer
  • Create a personal bin folder in your home directory
  • Install Composer there
  • Update your system path so you can run composer directly

Step 3: Verify the installation

Run:

composer -V

If the installation is successful, you’ll see something like:

Composer version 2.x.x

Step 4: Use Composer in your project

Go to the directory where your composer.json file is located. For example:

cd ~/public_html/myproject
composer install

Composer will download all dependencies and create a vendor/ folder automatically.

Optional: Run with a specific PHP version

If your hosting server runs multiple PHP versions (like PHP 8.1 or 8.2), use this format:

/opt/cpanel/ea-php82/root/usr/bin/php ~/bin/composer install

Just replace ea-php82 with your actual PHP version path (found under Select PHP Version in cPanel).

Done!

You’ve successfully installed Composer on your cPanel account and can now manage PHP packages or frameworks (like Laravel) directly from Terminal — just like a VPS or local setup.

21 Oct

How to Install and Configure CSF (ConfigServer Security & Firewall) on a Linux cPanel Server [Updated for 2025]

If you’re managing a cPanel server, ConfigServer Security & Firewall (CSF) has long been one of the most popular and trusted security tools. It provides a simple way to configure your server’s firewall (iptables) and manage login failures, port access, and intrusion attempts — all through a friendly WHM interface.

However, as of August 31, 2025, the developers of CSF have officially discontinued active support and maintenance. The good news?
They’ve released CSF as open source under the GPLv3 license, which means you can still install, use, and even modify it freely.

In this guide, we’ll walk you through the latest method to install CSF on a Linux cPanel server, configure it properly, and ensure it’s ready for production.

Important Notes Before Installation

  • CSF is no longer maintained by ConfigServer. Use it at your own discretion.
  • The latest open-source GPLv3 version is still fully functional.
  • CSF does not work with firewalld, so you must remove it before installation.
  • Always take a server snapshot or backup before modifying firewall configurations.

Step-by-Step Guide to Install CSF on cPanel Server

Step 1: Log in to your server via SSH

Use your terminal or an SSH client like PuTTY to log in as the root user.

ssh root@your-server-ip

Step 2: Go to the root directory

Change to the root directory:

cd /root

Step 3: Remove firewalld (if installed)

CSF and firewalld cannot run together. Remove firewalld with:

yum remove firewalld -y

Step 4: Download the latest open-source CSF package

The open-source version is now available on GitHub:

wget https://github.com/waytotheweb/scripts/raw/refs/heads/main/csf.tgz

Step 5: Extract the CSF files

Unpack the downloaded file:

tar -xzf csf.tgz

Then move into the extracted folder:

cd csf

Step 6: Run the installer

For cPanel servers, use the installation script:

./install.cpanel.sh

This script automatically integrates CSF with WHM and configures the essential ports.

Configure CSF from WHM

Once installation completes, log in to your WHM panel and go to:

WHM » Home » Plugins » ConfigServer Security & Firewall

From here, you can manage your firewall rules, open or close ports, and configure login failure alerts.

Verify Installation

To confirm that CSF and LFD are running properly, use these commands in SSH:

csf -v
systemctl status lfd

You should see CSF version details and that LFD (Login Failure Daemon) is active.

Why Still Use CSF in 2025?

Even though it’s discontinued, CSF remains one of the most feature-rich firewall management tools for cPanel environments. It offers:

  • IP blocking and whitelisting
  • Brute-force protection via LFD
  • Port scanning detection
  • Email alerts for suspicious activity
  • Easy WHM integration

Since it’s now open source, the community can continue to patch, improve, or fork it for future use.

Final Thoughts

While CSF may no longer receive official updates, it’s still a powerful and reliable firewall solution for cPanel servers.
If you’re looking for a free, configurable, and battle-tested security tool, installing the open-source version of CSF is still worth it — especially if you understand basic Linux server management.

However, for long-term stability, keep an eye on community forks or consider alternatives like CSF-ng (if developed), UFW, or iptables directly.

References

15 Sep

How to Safely Backup Your Website Data on cPanel

At TetraHost, we understand that your website data is important to you. Whether it’s files, emails, or databases, having a backup gives peace of mind in case something unexpected happens. That’s why we make it easy for you to download and secure your own backups, and we also maintain backups on our side for extra protection.

In this article, we’ll walk you through the different ways you can back up your website data using cPanel, and we’ll also share how we help keep your data safe.

1. Downloading a Full Backup from cPanel using Backup

The easiest way to take a complete backup of your website is through the Full Backup option in cPanel. This backup includes your website files, databases, emails, and settings.

Steps:

  1. Log in to your cPanel account.
  2. Go to Backup.
  3. Under Full Backup text click on Download a Full Account Backup.
  4. Here under Generate a Full Backup text select Backup Destination as Home Directory Backup which should be selected already and under Email Address text box give your email address where a confirmation email will be sent once the server completes backup generation of your account.
  5. Use Generate Backup text box to start the backup generation process in backup.

Note: A full backup cannot be restored directly from cPanel by the user, but it’s very useful to keep as a safety copy. It will be stored under your home directory(/home/username) which you can access and download from File Manager. If you ever need to restore, our support team can help.

2. Downloading a Full Backup from cPanel using Backup Wizard

The easiest way to take a complete backup of your website is through the Full Backup option in cPanel. This backup includes your website files, databases, emails, and settings.

Steps:

  1. Log in to your cPanel account.
  2. Go to Backup or Backup Wizard.
  3. Click on Download a Full Website Backup.
  4. Save the file to your computer or external storage.

Note: A full backup cannot be restored directly from cPanel by the user, but it’s very useful to keep as a safety copy. If you ever need to restore, our support team can help.

3. Manually Backing Up Website Files

If you only want your web content (for example, your HTML, PHP, or WordPress files), you can use the File Manager in cPanel.

Steps:

  1. Open File Manager in cPanel.
  2. Select your website folder (usually public_html).
  3. Use the Compress option to zip the files.
  4. Download the zipped file to your device.

This method is quick if you want to keep a copy of your website files only.

4. Backing Up Databases with phpMyAdmin

Your website databases (for example, WordPress or other CMS data) can be backed up separately.

Steps:

  1. Open phpMyAdmin from your cPanel.
  2. Select the database you want to back up.
  3. Click Export ? choose Quick and SQL format.
  4. Download the file to your device.

This ensures you have a safe copy of your website’s data and content stored in the database.

5. Email Backups

If you use cPanel emails, you can back them up by:

  • Downloading mail folders from File Manager (inside the “mail” directory), or
  • Setting up your email account in an email client (like Outlook or Thunderbird), which downloads and stores a copy of your emails locally.

6. Our Automatic Backups with R1Soft

Along with the options above, we also maintain backups of customer data using R1Soft backup software. This allows us to restore your data in case of accidental deletion, corruption, or other issues. Our team is always here to assist you if you ever need help with recovery.

7. Other Good Practices for Backup

  • External Storage: Keep an extra copy of your backups in an external hard drive or cloud storage service (like Google Drive, Dropbox, or OneDrive).
  • Regular Schedule: Try to take backups regularly—especially before making big updates or changes to your site.
  • Test Your Backups: Occasionally restore a backup on a test environment to make sure everything works properly.

Final Thoughts

Your data is safe with us, but it’s always a good idea to keep your own copies too. With cPanel, you have easy tools to download and manage your backups anytime. And remember, our team is always here to help if you need support.

At TetraHost, your website’s safety and security are our priority.

07 Sep

Upcoming Domain Price Adjustment – Effective October 4, 2025

Upcoming Domain Price Adjustment

Effective October 4, 2025

We would like to inform you that, due to global market changes and rising operational costs, our domain registration, renewal, transfer, and restore prices will be adjusted.

The new pricing will take effect on October 4, 2025.

Please note: The registry has not yet confirmed the final price. As soon as we get to know the price, you will be notified immediately.

We remain committed to providing reliable services at competitive rates and appreciate your continued trust in TetraHost Bangladesh.

CONTACT SPPORT

If you have any questions, feel free to reply to this email or open a support ticket.

12 Aug

How to Enable Ping (ICMP) on Windows Server 2019

By default, Windows Server 2019 blocks ICMP (ping) requests through the Windows Firewall. This means if someone tries to ping your server from another machine, they’ll get no response — even if the server is online.

Enabling ping can be useful for network troubleshooting, monitoring, or confirming that a server is reachable.
In this guide, we’ll show you how to allow ping (ICMP) traffic in Windows Server 2019 using Windows Defender Firewall.

Step 1: Open Windows Defender Firewall with Advanced Security

  1. Log in to your Windows Server 2019 as an administrator.
  2. Press the Windows key and type firewall in the search box.
  3. Click Windows Defender Firewall with Advanced Security from the search results.

Step 2: Go to Inbound Rules

  1. In the left-hand menu, click Inbound Rules.
  2. You’ll now see a list of predefined firewall rules.

Step 3: Enable the ICMP (Ping) Rule

  1. Scroll through the list and find the rule named:
    File and Printer Sharing (Echo Request – ICMPv4-In).
    • This rule allows IPv4 ping requests.
  2. Right-click the rule and select Enable Rule.

If you also want to allow IPv6 ping requests, enable the rule:
File and Printer Sharing (Echo Request – ICMPv6-In).

Step 4: Test the Ping

  1. Open Command Prompt on another computer.
  2. Type: ping IP-ADDRESS-OF-THE-SERVER (example: ping 10.10.10.10)
  3. Press Enter.
    • If the firewall rule is enabled, you’ll see Reply from… messages.
    • If the rule is disabled, you’ll get Request timed out.

You have successfully enabled ping (ICMP) on your Windows Server 2019.
Remember, while ping is useful for diagnostics, enabling it can expose your server to unnecessary network probes. Consider allowing ping only from trusted IP addresses for security.

12 Aug

How to Enable Remote Desktop (RDP) on Windows Server 2019

Remote Desktop Protocol (RDP) allows you to connect to your Windows Server 2019 from another device. This is useful for server management, remote assistance, or accessing files and applications without being physically present at the server.

By default, RDP is disabled in Windows Server 2019 for security reasons. This guide will show you how to enable it and give users the necessary permissions.

Step 1: Enable Remote Desktop in Server Manager

  1. Log in to the server using an account with administrator rights.
  2. Open Server Manager.
    • You can find it in the Start menu, or it may open automatically after login.
  3. In the left panel, click “Local Server”.
  4. On the right, find the Remote Desktop section and click the text that says “Disabled”.
  5. In the System Properties window:
    • Select “Allow remote connections to this computer”.
    • (Optional) Click “Select Users…” to add other accounts that can connect via RDP.
  6. A warning will appear saying this will enable the necessary firewall rules. Click OK.
  7. Close the window and refresh Server Manager — the Remote Desktop status should now show Enabled.

Step 2: Allow RDP Through Windows Firewall (if needed)

In most cases, enabling Remote Desktop in Server Manager will automatically update the firewall rules.
If you still can’t connect, check the firewall settings:

  1. Open Windows Defender Firewall from the Start menu.
  2. Click Allow an app or feature through Windows Defender Firewall.
  3. Ensure Remote Desktop is allowed for the appropriate network profiles.

Step 3: Grant User Permissions for RDP

By default, members of the Administrators group can connect using RDP. If you want to allow other users:

  1. Press Windows + R, type compmgmt.msc, and press Enter to open Computer Management.
  2. Go to Local Users and Groups ? Users.
  3. Double-click the user account you want to allow.
  4. In the Member Of tab, add the user to the Remote Desktop Users group.
    (This is the standard method; the Dial-in tab is for VPN access, not RDP.)
  5. Click OK to save.

Step 4: Connect to the Server via RDP

Now that RDP is enabled and permissions are set:

  1. From another computer, open the Remote Desktop Connection app (mstsc).
  2. Enter the IP address or hostname of your Windows Server 2019.
  3. Log in using the account you configured.

? You’ve successfully enabled RDP on Windows Server 2019.
For better security, consider:

  • Changing the default RDP port.
  • Limiting access to trusted IP addresses via firewall.
  • Using strong passwords and enabling Network Level Authentication (NLA).

26 Apr

How to Check PHP Version and Settings on a cPanel Server

Want to know which PHP version your site is using or check settings like memory limit, upload size, etc.? Here’s a quick way to do it using a phpinfo() file.

Step 1: Create a phpinfo.php File

  • Log in to cPanel and go to File Manager.
  • Inside public_html or go to the desired folder, create a new file named phpinfo.php.
  • Edit it and add:
<?php phpinfo(); ?>

Step 2: View It in Your Browser

Visit https://yourdomain.com/phpinfo.php — this shows:

  • PHP version
  • Active php.ini settings
  • Installed PHP extensions

Step 3: Delete the File

For security, delete phpinfo.php after you’re done.