All cloud web hosting, semi-dedicated, and reseller hosting services include enterprise level email spam filtering through SpamExperts. Clients looking to enable SpamExperts on their account can refer to our KB article Enabling SpamExperts through cPanel

Once SpamExperts has been enabled on your domain there are two ways to access the SpamExperts management panel.

Accessing SpamExperts Through cPanel

1. Login to cPanel for your account and once you've logged into cPanel search for the "Professional Spam Filter" interface:
   
   
   
   
2. Under the Professional Spam Filter interface in cPanel click on the Login button to the right of the listed domain:
   
   
   
   
3. After clicking Login you will be redirected to the SpamExperts web interface as the main/primary domain user for this account. You can use this interface to manage all SpamExperts settings, train / release emails, etc.
   
   

Creating Separate SpamExperts Users for External Access Outside cPanel

These steps assume you have already enabled SpamExperts enterprise email filtering on your account.

1. Login to cPanel for your account and once you've logged into cPanel search for the "Professional Spam Filter" interface:
   
   
   
   
2. Under the Professional Spam Filter interface in cPanel click on the Login button to the right of the listed domain:
   
   
   
   
3. After clicking Login you will be redirected to the SpamExperts web interface as the main/primary domain user for this account.
   
   
4. From the SpamExperts web interface scroll down to the bottom left side menu titled "Users & Permissions". Click "Manage Email Users":
   
   
   
   
5. From the Manage Email Users interface click the "Add" button:
   
   
   
   
6. Fill out the provided username, password, and status fields:
   
   
   
   
7. Save your changes to create your SpamExperts user.
   
   
8. You will now be able to use this new username/password you've created to login to https://se001.arandomserver.com directly without requiring going through cPanel first.

Our default firewall rules allow most applications/software to run without issues on our shared, cloud web hosting, semi-dedicated, and reseller hosting plans. If you're running an application/software which requires we whitelist an IP or open a non-standard port please open a ticket with our support department and provide us with:

• The port(s) and/or IP(s) you need whitelisted.
  
  
• An explanation of why the whitelist is necessary.
  
  
• The name of the application/software you're attempting to use.

Any website hosted through Hawk Host which is using Hawk Host's nameservers (nsX.hawkhost.com) will have full control over their DNS zone using the Zone Editor interface found in cPanel. You can use this interface to add or edit your domains A, AAAA, CAA, CNAME, DMARC, MX, SRV, and TXT records.

Editing existing DNS Records for your domain

1. Login to your hosting accounts cPanel and use the search to access the "Zone Editor" interface:
   
   
   
   
2. You will be redirected to the Zone Editor and a list of all domains hosted from your account will be shown.
   
   
3. Locate the domain you're looking to modify and to the right of the domain click the "Manage" button:
   
   
   
   
4. After clicking Manage you will be redirected to your domain DNS zone. All your existing DNS records will be listed with an "Edit" button listed to the right of each record. Use this button to edit any of the provided values for your existing DNS records.
   
   

Adding an A Record to your domain

1. Login to your hosting accounts cPanel and use the search to access the "Zone Editor" interface:
   
   
   
   
2. You will be redirected to the Zone Editor and a list of all domains hosted from your account will be shown.
   
   
3. Locate the domain you're adding an A record to and to the right of the domain click the "+A Record" button:
   
   
   
   
4. A popup window will appear asking for your domain for the new record along with the IP address where the record should be pointed. For example if we wanted to add an A record for blog.yourdomain.com pointed to the IP address 1.2.3.4 we would enter those details as follows:
   
   
   
   
5. Click "Add An A Record" to save your changes and add the record to your DNS zone for your domain.
   
   

Adding a CNAME Record to your domain

1. Login to your hosting accounts cPanel and use the search to access the "Zone Editor" interface:
   
   
   
   
2. You will be redirected to the Zone Editor and a list of all domains hosted from your account will be shown.
   
   
3. Locate the domain you're adding an A record to and to the right of the domain click the "+CNAME Record" button:
   
   
   
   
4. A popup window will appear asking for your domain for the new record along with the CNAME (destination) where the record should be pointed. For example if we wanted to a CNAME record for blog.yourdomain.com and redirect those requests to yourotherdomain.com we would enter those details as follows:
   
   
   
   
5. Click "Add A CNAME Record" to save your changes and add the record to your DNS zone for your domain.
   
   

Adding an MX Record to your domain

1. Login to your hosting accounts cPanel and use the search to access the "Zone Editor" interface:
   
   
   
   
2. You will be redirected to the Zone Editor and a list of all domains hosted from your account will be shown.
   
   
3. Locate the domain you're adding an MX record to and to the right of the domain click the "+MX Record" button:
   
   
   
   
4. A popup window will appear asking for MX Priority (0 is the lowest possible) along with the Destination (your email server) where the record should be pointed. For example if we wanted to an MX record for with a priority 0 and route mail through yourdomain.com we would enter that information as follows:
   
   
   
   
5. Click "Add An MX Record" to save your changes and add the record to your DNS zone for your domain.
   
   

Adding a DMARC Record to your domain

Please refer to our KB article How do I create DMARC entries for my domain names? for a guide on creating DMARC records for your domain.

Adding other (AAAA, CAA, SRV, TXT) DNS Records to your domain

1. Login to your hosting accounts cPanel and use the search to access the "Zone Editor" interface:
   
   
   
   
2. You will be redirected to the Zone Editor and a list of all domains hosted from your account will be shown.
   
   
3. Locate the domain you're looking to modify and to the right of the domain click the "Manage" button:
   
   
   
   
4. From the middle-right of the Zone Records page click the arrow dropdown next to "+ Add Record" to add your new record. Select your record type from the provided dropdown:
   
   
   
   
5. Follow the provided prompts to complete the process of adding your new record to this domains zone file.

Unfortunately Cloudflare has formally announced the deprecation of their cPanel plugin, as a result of this notice access to the Cloudflare cPanel plugin will be removed from Hawk Host’s cPanel as of June 15 2022. Cloudflare will continue to serve sites originally configured through the cPanel plugin however you will need access to your direct cloudflare.com account to continue managing and modifying your DNS zones.

To transition all your existing Cloudflare powered sites from cPanel to Cloudflare directly you can login to your account at https://dash.cloudflare.com/login. The email address and password used will be the same ones used when first enrolling through the cPanel plugin. If you do not have your credentials available the form at https://dash.cloudflare.com/login offers password reset and account recovery options.

Any issues with accessing your account or importing your sites can be resolved directly with Cloudflare support through https://support.cloudflare.com/hc/en-us. Unfortunately Hawk Host support is unable to assist with account access or import issues when transitioning to your direct Cloudflare account.

When checking the "Email Deliverability" interface in cPanel it may show a PTR/rDNS error which reads "Problems Exist (Reverse DNS)":

All of our servers already have proper PTR/rDNS records setup. This error message from cPanel is a known bug which has been reported to the cPanel development team. This bug will not cause any issues with email delivery and can be safely ignored.

If you have any further questions regarding this please open a ticket with our support department through your helpdesk account.

As of September 2019 cPanel has adjusted their pricing structure from a flat fee per license to a usage based structure, meaning as a cloud compute customer you are limited to the number of cPanel accounts you can create depending on the license you are using. Hawk Host currently offers the following four license options for cloud compute plans:

cPanel License Type	Number of cPanel Accounts	Monthly Price
cPanel Admin Cloud	5	$17.00
cPanel Pro Cloud	30	$23.00
cPanel Plus Cloud	50	$33.00
cPanel Premier Cloud	100	$42.00

For example, if you intended on hosting 25 cPanel accounts from your cloud compute, you would require the cPanel Pro Cloud license. If your usage grew and required 31 or more cPanel accounts, you would need to upgrade to the cPanel Plus Cloud license.

If your needs exceed more than 100 total cPanel accounts please contact our sales team and we can provide pricing for the right license based on your growth and future needs.

cPanel has included video tutorials for every option under the control panel. To access these tutorials and get help with the options, look for the "Video Tutorials" section in your cPanel.

You can add custom error pages by logging into cPanel and selecting the the "Error pages" under "Advanced". From you you can add custom error pages in HTML and SHTML form.

ErrorDocument 403 /403.html

ErrorDocument 404 /404.html

Example Error Codes (Full list)

400 - Bad Request
401 - Authorization Required
403 - Forbidden
404 - Not Found
405 - Method Not Allowed
406 - Not Acceptable (encoding)
407 - Proxy Authentication Required 
408 - Request Timed Out
409 - Conflicting Request
410 - Gone
411 - Content Length Required
412 - Precondition Failed
413 - Request Entity Too Long
414 - Request URI Too Long
415 - Unsupported Media Type
500 - Internal Server Error
501 - Not Implemented
502 - Bad Gateway 
503 - Service Unavailable
504 - Gateway Timeout505 - HTTP Version Not Supported

You can view the CPanel documentation at the official website: http://www.cpanel.net/support/docs/index.htm

SpamExperts is an enterprise level email filtering solution that is included for free with all shared, reseller, and semi-dedicated hosting plans. If you'd like to utilize our incoming email filtering on your account, you can do so through cPanel. Activation takes less than 5 minutes, at which point all of your incoming mail will be passed through our filtering/detection systems. By default, all outgoing email is filtered through our systems. As a result no action is necessary on your behalf to utilize outgoing filtering. To enable SpamExperts incoming filtering:

1. Login to cPanel for your account.
   
   
2. Once you've logged in to cPanel use the search bar to look for the "Professional Spam Filter" and click on the link:
   
   
   
   
3. Under the Professional Spam Filter interface, click the link titled "Login". This will activate and configure SpamExperts on your hosting account:
   
   
   
   
4. You will then be redirected to your SpamExerts user interface. From here you can configure your settings, search for filtered mail/spam, create whitelists and blacklists, and much more. We suggest spending 10-15 minutes familiarizing yourself with the user interface/control panel.
   
   

Please note that the default settings we create when you activate SpamExperts will address nearly all of the common requirements for most users. You're not required to do any further configuration or modification unless you deem it necessary for your domain(s)/setup. Should you experience any issues activating SpamExperts, or if you're unsure about a specific feature or setting, our support team would be happy to help. Please submit a ticket at https://my.hawkhost.com/submitticket.php for further assistance.

Proactive Defense is a unique Imunify360 feature that can prevent malicious activity through PHP scripts. It is available as a PHP module for Apache and LiteSpeed web servers and analyzes script activity using known patterns like obfuscated command injection, malicious code planting, sending spam, SQL injection etc. This feature is available on all shared, cloud web hosting, semi-dedicated, and reseller hosting plans.

To enable Proactive Defense:

1. Login to cPanel and use the search to locate the Imunify360 interface. Click the Imunify360 icon.
   
   
   
   
2. From the Imunify360 interface, select the Proactive Defense option from the top menu navigation.
   
   

Using Proactive Defense:

1. Proactive Defense offers three modes:
   
   Disabled: Proactive Defense will not be used for your account.
   Log only: Proactive Defense will detect/identify malicious PHP scripts, code, etc. but it will not take action, only log the events.
   Kill Mode: Proactive Defense will immediately kill the PHP script performing malicious activity under your account. Kill Mode also logs events in addition to killing scripts.
   
   
2. When Kill Mode is enabled, any detected malicious PHP scripts and their actions will be displayed under Detected Events. When an event is detected you will be given Action options on how to handle the Detected Event. Options include:
   
   View file content: View the content (code) of the malicious PHP script
   Move IP to the Black List: Block the IP which called the script and prevent it from completing the same request in the future
   Move file to Ignore List (ignore detected rule): Allows you to exclude the file from Proactive Defense analysis for a particular rule. Useful in the case of a false-positive detection, or when debugging a detection issue.
   Move file to Ignore List (ignore all rules): Allows you to exclude the file from Proactive Defense for all rules
   Remove file from Ignore List: Removes the file form your Ignore List and will enable Proactive Defense detection on the file again

Additional reading/details about Proactive Defense can be found on the the Imunify360 Documentation Page

We allow you to change your primary domain or your accounts username. All you'd need to do is submit a support ticket providing the domain you'd like to change to, or the new user name you'd like.

Note: The username cannot start with a number, it must start with a letter and is limited to 8 characters. Resellers also are unable to change their username.

Our AutoSSL system will email your cPanel contact email address when there is a successful renewal, expiration, or installation failure. If you wish to modify your notifications you can do so using the "Contact Information" interface in cPanel:

1. Login to cPanel for your account (login details can be found in your client area).
   
   
2. Once you've logged in to cPanel, search for the "Contact Information" interface. Click on the "Contact Information" icon.
   
   
   
   
   
   
3. Within the "Contact Information" interface you will see multiple options related to AutoSSL. Select the check box next to each option to enable/disable per your notification preferences.
   
   
   
   
   
   
4. Scroll down and click "Save" when you've made the desired changes.

If you've lost your hardware device previously used to configure cPanel Two-Factor Authentication please refer to this KB article on how to disable 2FA.

If you still have access to your hardware device and still wish to disable Two-Factor Authentication for cPanel please follow the steps below:

1. Login to cPanel for your account and use the search bar to locate the 'Two-Factor Authentication' interface. Click the 'Two-Factor Authentication' icon that appears.
   
   
2. You will see an icon titled 'Remove Two-Factor Authentication'. Click this button.
   
   
3. You will be asked 'Are you sure you want to remove two-factor authentication from your account?'. If you wish to proceed click 'Remove'.
   
   
4. You will be prompted to enter the current 6 digit 2FA code from your hardware device. Enter the code and click 'Proceed'.
   
   
5. Two-Factor Authentication will now be disabled on your cPanel account.

All of our shared, cloud web hosting, semi-dedicated, and reseller hosting plans support enabling DNSSEC. To enable DNSSEC on your domains:

1. Login to cPanel for your hosting account and use the search bar to look for the "Zone Editor" interface:
   
   
   
   
2. From the "Zone Editor" interface select the "DNSSEC" button to the right of your domain:
   
   
   
   
3. From the "Zone Editor DNSSEC" page click "Create Key":
   
   
   
   
4. You will then be met with a popup dialogue window titled "Confirm Create". For most users the default values will be accepted by the registry, but if you do have special requirements use the "Customize" interface. Otherwise, click "Create":
   
   
   
   
5. Once you click create you will be redirected to the "DNSSEC Key Details" page which contains all the DNSSEC information necessary to configure DNSSEC on your domain with your registrar:
   
   
   
   
6. You will now be able to view these DNSSEC keys at any time through cPanel in the Zone Editor:
   
   

All shared, reseller, and semi-dedicated services have ModSecurity (Modsec) enabled by default. ModSecurity is a standard ruleset that enables an extra layer of security in front of your sites, keeping them safe from known exploits with software used in our environment. It is generally best practice to keep Modsec enabled.

A 403 error is a common symptom of triggering a Modsec rule. If you find your site hitting a 403 error you can contact our support team and ask we review our logs for the specific Modsec rule you're triggering. We will require you provide your personal IP (https://myip.hawkhost.com) to identify the Modsec rule(s) you're hitting. Once the Modsec rule ID is identified, that specific rule can be disabled through your .htaccess using the following syntax:

SecRuleRemoveById 12345

In the above example you'd replace "12345" with the rule ID identified through our logs by working with our support team.

If you wish to fully disable Modsec this can be done through the ModSecurity interface in cPanel:

1. Login to cPanel for your account and use the top-right search to look for the ModSecurity interface:
   
   
   
   
2. From the ModSecurity interface, locate the domain(s) you wish to disable Modsec. To the right of the domain is an On|Off toggle, switch the status accordingly:
   
   
   
   
3. Modsec will now be disabled and you should no longer see a 403 error on your site(s).

You can install the WordPress CLI (wp-cli) on any hosting plan by following these instructions:

1. Connect to your hosting plan via SSH
   
   
2. Once connected run the following command in your SSH terminal: curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
   
   
3. The phar file needs to be executable so we'll chmod it by typing: chmod +x wp-cli.phar
   
   
4. Now that the wp-cli is installed we'll modify your .bashrc file to respect the wp command. To do this, type the following in your SSH terminal: alias wp='~/wp-cli.phar'
   
   
5. Next type the following command in your terminal: echo "alias wp='~/wp-cli.phar'" >> .bashrc
   
   
6. Lastly we'll use the source command to make sure bash initializes properly: source .bashrc

You should now be able to change to your active Wordpress installation directory and use the wp command.

All shared, reseller, and semi-dedicated hosting services with us allow you to mass install free and trusted SSL certificates from Let's Encrypt. Our servers have AutoSSL enabled meaning we will attempt to automatically install an SSL certificate on your domains. If you wish to disable AutoSSL on a domain hosted from your account please follow these instructions:

1. Login to cPanel for your account (login details can be found in your client area).
   
   
   
2. Once you've logged in to cPanel, search for the "SSL/TLS Status" interface. Click on the "SSL/TLS Status" icon.
   
   
   
   
   
3. By default all of your domains will be included in AutoSSL. To exclude a domain, use the provided search bar to locate the domain name. Select the domain(s) you wish to disable and then click "Exclude Domains from AutoSSL":
   
   
   
   
   
4. The previously selected domain names will now be excluded from future AutoSSL runs.

The following rules can be added to your sites .htaccess file to force visitors to use SSL/HTTPS when visiting your website.

To force SSL on all websites located under your .htaccess, add this rule:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

To force SSL on a single/specific website and not all websites, add this rule:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain\.com [OR,NC]
RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

In the above example you would replace "domain.com" with your specific domain name.

Please note that in order for SSL/HTTPS to work you must first have an SSL certificate install on your site. We offer free SSL certificates through Let's Encrypt. Instructions on how to install your free SSL certificates can be found here: How to install your free Let's Encrypt SSL Certificates

These instructions are for a purchased SSL certificate. All shared, cloud web hosting, semi-dedicated, and reseller plans include free SSL via Let's Encrypt: How to install Let's Encrypt SSL

You can easily generate a CSR (Certificate Signing Request) for an SSL certificate through the SSL/TLS manager in cPanel. The generated CSR can be used for certificates purchased from Hawk Host or any other third party CA (certificate authority).

1. Login to cPanel for the account you wish to generate the CSR for. Once you've logged in, type 'SSL' into the top left finder and select the "SSL/TLS" interface:
   
   
   
   
2. Before you can generate a CSR, you must generate a private key for the domain. Select the option to 'Generate, view, upload or delete your private keys.' under the Private Keys (KEY) section:
   
   
   
   
3. Your key size should be either 2,048 or 4,096 bits. For the "Description", enter the domain name that will have this SSL certificate:
   
   
   
   
4. Once generated, you will be redirected to a page which displays your Private Key information. Scroll to the bottom and click "Return to SSL Manager"
   
   
5. Now that you have a Private Key generated for your domain, you will want to generate a Certificate Signing Request (CSR) for the host. From the SSL/TLS manager page in cPanel, select the 'Generate, view, or delete SSL certificate signing requests under the Certificate Signing Request (CSR) section:
   
   
   
   
6. You will now be on the page to generate a new CSR. From the Key* dropdown, select the key you generated