Now that we have a clean installation of CyberPanel, there are some immediate steps that should be taken with regards to configuration. Part 3 of the series will focus on these. Specifically, this article will step through the following:
- Introduction - Watch on YouTube
- Update CyberPanel admin account - Watch on YouTube
- Create a root website for web and e-mail - Watch on YouTube
- Configure NameServers in CyberPanel - Watch on YouTube
- Review DNS Records - Watch on YouTube
- Run DNS check - Watch on YouTube
- Enable SSL on the mail server - Watch on YouTube
- Create an e-mail account - Watch on YouTube
- Get e-mail server details for 3rd party mail clients - Watch on YouTube
- Test mail using Rainloop webmail - Watch on YouTube
- Run mail-tester.com test on mail server - Watch on YouTube
- Configure and test Thunderbird with SSL/TLS enabled protocols - Watch on YouTube
- Video Walk-through
Let’s get started with the configuration now!
Update CyberPanel admin account
- Log into your freshly installed CyberPanel page at https://your-server-FQDN:8090
- Click Users, then Modify User
- Select the “admin” account from the dropdown
- Update the first & last name fields, e-mail address, and validate the password.
- Optionally enable 2 Factor Authentication. I would highly recommend this! Just be sure to have a phone/tablet ready with your Authentication app. Personally, I use 1Password since it can scan the QR code and store the TOTP with a password entry. This makes it particularly easy to fill-in the TOTP when prompted at login!
Create a root website for web and e-mail
Next, we’ll get a root website setup with SSL and enable e-mail.
- Under “Websites” on the left, click “Create Website”
- For Website Details:
- Select Package: Defaults
- Select Owner: admin
- Domain Name: type in your root domain name here
- Email: specify your e-mail address
- Select PHP: Select your desired PHP version. You cannot leave this unselected as it will prevent you from submitting the from.
- Additional Features: Check the additional features.
- SSL: will enable Lets Encrypt automatic SSL Ceritifcate for the website
- DKIM Support: Creates necessary DNS records (default RSA sha256 domainkey) in the CyberPanel DNS Server
- Open basedir protection: prevents PHP sccripts from accessing files outside of the website’s root directory
- Create Mail Domain: (optional) This will create a child domain (and relevant DNS records) named mail.your-root-domain (for example, mine created mail.mylab.page)
Configure NameServers in CyberPanel
Now let’s get our CyberPanel setup for NameServer functionality.
- On the left side of the page, click “DNS”, then “Config Default Nameservers”
- Enter the FQDN of each of the Nameservers you defined with your registrar
- Click “Save” when done
Now that the Nameservers are defined, let’s actually create them!
- On the left side of the page, click “DNS”, then “Create Nameserver”
- For Domain Name, enter your root domain name that these Nameservers will be servicing
- Next, for First and Second Nameserver, Enter the FQDN of each of the Nameservers you defined with your registrar
- Finally, enter the IP Address of the server (VPS) that you have installed CyberPanel on
- Click “Create Nameserver” when done
Review DNS Records
The Nameserver is setup, so it’s time to verify all the necessary records have also been initialized.
- On the left side of the page, click “DNS”, then “Add/Delete Records”
- Next, select your root domain from the Select Domain dropdown
- Click the “A” to review your “A” records, then proceed through each of the tabs. CNAME, MX, TXT, NS, and SOA should all have records in them
Run DNS check
It’s a good idea to use some external tools to verify that the world sees your DNS server and can properly do lookups with your DNS server. Here are a couple great tools to check your records and DNS health:
Enable SSL on the mail server
Being able to have secure authentication when sending and receiving e-mail is a critical feature of mail that cannot be ignored these days. In order to allow for SSL/TLS enabled connections to the mail server, a valid SSL Certificate must be installed on the mail server, and each component told where to find the certificate files. Fortunately, CyberPanel makes this a pretty easy task due to its integration with Lets Encrypt. Follow these steps to enable SSL for the mail services in your newly installed server:
- On the left side of the page, click SSL, then select “MailServer SSL”
- When the right side of the page loads, click the “Select Website” dropdown and select your mail server address; this should match the MX record.
If you had selected Create Mail Domain when creating the website earlier, then your MX record and FQDN of the mail server will be 'mail.your-domain'
- Click the “Issue SSL” button
Create an e-mail account
Now that e-mail should be configured, you need an account to test things and use for any site notifications. Right now is a good time to create an address for your admin account.
- On the left, click Email, then select Create Email
- Click the “Select Website” dropdown and select your root domain.
While the mail server is mail.domain, you want the e-mail address to be account@domain. If you were to choose the mail.domain from the dropdown and create an address there, the resulting address would be firstname.lastname@example.org instead of account@domain!
- Specify the User Name you wish to create as an email address. (Note that to the right of the User Name field, the remaining part of the address is shown. @mylab.page for example…)
- For Password, enter a secure password (or optionally use the Generate button) - be sure to save/document the password for this address.
Make sure to use a secure password. Ideally, it should be different than your CyberPanel login password.
- Click Create Email
Get e-mail server details for 3rd party mail clients
While webmail offers a bit of convenience, it is not always the preferred method of accessing email. People will need to know the server info to use in their desktop/mobile email clients such as Outlook, Thunderbird, Apple Mail, etc… You can find this information as follows:
- On the left, click Email, then List Emails
- Select Domain, choose your root domain (or whichever domain you had created the account on)
- Retrieve the necessary SSL details for POP3, IMAP, and SMTP.
Test mail using Rainloop webmail
CyberPanel does have a built in webmail client: Rainloop. It can be accessed at the same address as your CyberPanel admin page + /rainloop. For example, https://your-server-address:8090/rainloop
- Enter the full e-mail address in the Email field
- Enter the password you set for the account and hit [ENTER]
- You will then be able to manage your mail:
Run mail-tester.com test on mail server
Now that you have a mail account setup, you should do some basic tests yourself with an additional account. An extra step is to use a simple 3rd party website like Mail-Tester to run some extra checks:
The goal with Mail-Tester is to score 10/10.
If you want more in-depth analysis of your Mail configuration, take a look at the great tools by MX Toolbox:
Configure and test Thunderbird with SSL/TLS
Everything is looking good, now we can proceed with setting up a mail client to confirm SSL/TLS connectivity. Since I’m using a Linux Mint OS at the time of this tutorial, I’ll setup Thunderbird. These settings are used in just about any mail client, regardless of OS.
When Thunderbird is launched, you are prompted for an e-mail account. Enter the appropriate details. Double-check that the Server address, ports, SSL, and Authentication are all specified correctly. As seen in the video, Thunderbird did not include the “mail.” prefix to my domain name when it auto-detected the mail settings based on my mail address.
That’s it for Part 3. Join me again for Part 4 where we get a nicer URL for our CyberPanel admin access (and Rainloop), remove the need to use port 8090, enable Dark Mode for CyberPanel, and install Wordpress!
Any comments? Please post them on the YouTube Video - thanks!