📚
💡
🖥️
🔧
🌐

Comprehensive Knowledge Base

Access tutorials, guides, and support documentation with Lyvora Technologies to maximize your hosting and web solutions.

Knowledge Base
1 — Hosting Types & How to Choose

Hosting options are tailored to different needs. Below is a concise decision guide with pros/cons and when to choose each:

  • Shared Hosting — budget friendly; server resources shared; ideal for small blogs, portfolios, small business sites. Good for: low traffic, minimal configuration. Not ideal for: high-traffic or resource-heavy sites.
  • VPS (Virtual Private Server) — virtualized slices on a host; dedicated vCPU/RAM; root access possible; ideal for predictable performance and moderate traffic or custom server software.
  • Dedicated Servers — whole physical server for one customer. Use when you need full control or very high throughput / IOPS.
  • Cloud Hosting — horizontal scaling and pay-as-you-go; great for unpredictable spikes and auto-scaling applications.
  • Managed WordPress Hosting — tuned stack for WordPress with caching and automatic updates; perfect for WP shops that want hands-off server ops.
2 — Buying & Activating a Hosting Account (Step-by-step)
  1. Compare plans: evaluate disk (SSD vs NVMe), RAM, vCPU, monthly bandwidth, backup frequency, included SSL, staging, control panel, and SLA/support hours.
  2. Select domain option: register new domain or use existing (update nameservers later).
  3. Choose billing term: annual is often cheaper per month and prevents accidental expiry.
  4. Complete purchase: receive confirmation and login credentials to client portal and cPanel/WHM if applicable.
  5. First-time login: update password, enable 2FA, add recovery email/phone, set contact preferences.
3 — Deploy your first site (detailed)

Two common deployment flows: cPanel File Manager and SFTP/FTP.

  1. Via cPanel File Manager
    1. Login to cPanel → File Manager → navigate to public_html (primary domain root).
    2. Use Upload → select file(s) or .zip archive. For many files, upload .zip and use Extract to reduce transfer time.
    3. Set correct file/folder permissions — usually 644 for files and 755 for folders; sensitive files (configuration) may be stricter.
    4. Test the site in the browser and check resources like JS/CSS and images. Use Developer Tools (Console & Network) for missing asset debugging.
  2. Via FTP/SFTP
    1. Create an FTP account in cPanel → FTP Accounts (or use SFTP if supported for secure transfers).
    2. Open FileZilla/WinSCP → Host: yourdomain.com or IP; Protocol: SFTP (recommended) → Port: 22 for SFTP or 21 for FTP → Username/password from cPanel.
    3. Transfer files to public_html. Use binary mode where applicable; compare file sizes and timestamps if mismatches happen.
    4. For large sites consider rsync over SSH (for VPS/dedicated) to efficiently sync large trees and perform incremental transfers.
4 — Multi-site hosting strategies

There are three common ways to host multiple sites:

  • Addon domains (single cPanel account): low overhead, quick to set up; all sites share same account resources.
  • Multiple cPanel accounts via WHM: better isolation, separate quotas — recommended for resellers.
  • WordPress Multisite: shared codebase with networked sites — best when sites share common plugins/theme and you want central management.
5 — Staging & testing workflow
  1. Create a staging subdomain (e.g., staging.yourdomain.com) or use host staging features.
  2. Clone the live site (files + DB) and push to staging. Use plugins (WP Staging) or manual DB + files copy.
  3. Test updates and changes on staging, verify performance and security, then push to production with zero-downtime strategies (sync db diffs and files, then update DNS if needed).
6 — Initial hardening & recommended post-purchase checklist
  • Change default passwords and enable 2FA for hosting account and cPanel.
  • Set up automated backups: daily for dynamic sites, weekly for static sites, with remote replication (S3/backblaze).
  • Install basic monitoring and alerts for disk, CPU, and latency.
  • Harden SSH (if available): use key pairs, disable root login, consider rate limiting.
  • Ensure AutoSSL or a valid TLS certificate is active.
7 — Useful commands & debugging tips (VPS/Dedicated)

(requires shell access)

 # Check disk space df -h # Check memory usage free -m # Tail error log (Apache) tail -f /usr/local/apache/logs/error_log # Restart Apache / Nginx systemctl restart httpd systemctl restart nginx # Sync local to remote via rsync rsync -avz --delete -e "ssh -p 22" /local/path/ user@server:/home/user/public_html
8 — Common hosting issues & fixes
  • 500 Internal Server Error: check PHP error log, inspect .htaccess for bad directives or plugin conflicts.
  • Permissions errors: ensure files 644 and folders 755; set correct owner (www-data/apache/nginx user depending on distro).
  • Slow page loads: enable caching, check DB queries, upgrade resources or use CDN.
1 — Domain basics & naming strategy

A domain is your online identity (example.com). Consider brand fit, ease of spelling, shortness, and suitable TLDs. Important commercial rules:

  • Prefer .com for international presence; use local ccTLDs for geo-targeting (.lt, .uk, .de).
  • Use hyphens only if necessary; avoid long confusing strings.
  • Register similar TLDs to avoid brand abuse (optional but recommended).
2 — Step-by-step Registration with Lyvora
  1. Search domain name using Lyvora domain tool. Consider alternative suggestions if your first choice is taken.
  2. Choose registration length and privacy (WHOIS privacy hides your contact details from public WHOIS).
  3. Complete checkout. The domain will appear in your Lyvora dashboard under Domains.
  4. Set nameservers (use Lyvora nameservers if you want DNS management in cPanel, or set to Cloudflare/other if you want external DNS control).
3 — Transfers: precise process & gotchas
  1. Ensure domain is older than 60 days and not locked due to recent changes.
  2. At current registrar: unlock domain and request EPP/Auth code; disable WHOIS privacy to receive transfer confirmation emails.
  3. Initiate transfer in Lyvora → input EPP → approve transfer emails — finalization takes usually 2–7 days.
  4. Keep a maintenance window and monitor email for any required approvals.
4 — DNS core records explained (with examples)

Key DNS records you will use often:

  • A — map hostname to IPv4 (e.g., example.com A 198.51.100.23).
  • AAAA — map to IPv6 (e.g., example.com AAAA 2001:db8::1).
  • CNAME — alias to another hostname (e.g., www CNAME example.com), not allowed on zone root.
  • MX — mail servers with priority (e.g., 10 mx1.mailprovider.com).
  • TXT — arbitrary strings used for SPF, DKIM, verification (e.g., Google site verification).
  • SRV — service records for SIP/XMPP (specify priority, weight, port and target).
  • NS — authoritative nameservers for the domain. Changing NS delegates control of zone.
5 — SPF / DKIM / DMARC — setup & examples

These three together vastly improve email trust and deliverability.

  1. SPF: Add a TXT record, e.g.: 
    v=spf1 a mx include:_spf.google.com ~all
    – use include for third-party senders and keep string length reasonable.
  2. DKIM: Generate a DKIM key (cPanel or mail provider). Publish public key as TXT: 
    default._domainkey.example.com v=DKIM1; k=rsa; p=PUBLICKEY
    Enable signing on your mail server.
  3. DMARC: Start with monitoring: 
    _dmarc.example.com TXT "v=DMARC1; p=none; rua=mailto:dmarc@example.com"
    Move to quarantine and then reject as confidence increases.
6 — TTL & propagation best practices

TTL controls caching duration at resolvers. For migrations: lower TTL to 300 (5 min) a day before changes; after stable, increase to 3600–86400.

7 — Reverse DNS (PTR)

PTR maps IP → hostname and is used by many receiving MTAs to validate email source. PTR must be configured by the IP owner (your hosting provider or cloud provider). Ensure PTR matches the HELO/EHLO of your mail server for best deliverability.

8 — DNS troubleshooting checklist
  1. Confirm authoritative nameservers with whois or online tools.
  2. Query authoritative server with dig @ns1.provider example.com A.
  3. Check for conflicting records (no CNAME at root, no duplicate NS records).
  4. Validate SPF/DKIM results with tools like MXToolbox and DMARC analyzers.
  5. For propagation issues use DNS Checker to view global resolution.
1 — Certificate types & selection guide
  • Let’s Encrypt / AutoSSL (DV) — free, automatic, great for most websites; renews every 90 days automatically when enabled.
  • Paid DV/OV/EV — extra validation and warranty; OV/EV often used for corporate or e-commerce sites requiring higher trust.
  • Wildcard — single certificate for all subdomains (*.example.com).
  • SAN / Multi-domain — secure multiple different domains on one certificate; useful for consolidated setups.
2 — AutoSSL (cPanel) step-by-step
  1. Login to cPanel → SSL/TLS Status → Click “Run AutoSSL”. AutoSSL will request and install certificates for eligible domains/subdomains automatically.
  2. If AutoSSL fails for a subdomain, inspect the domain’s DNS and ensure HTTP verification works (port 80 should be reachable by Let’s Encrypt validation server).
  3. After issuance, test HTTPS in browser and check cert path; use SSL Labs test for deep diagnostics.
3 — Manual install for paid certificates
  1. Generate CSR in cPanel → SSL/TLS → Certificate Signing Requests (fill accurate org information).
  2. Submit CSR to Certificate Authority, complete validation (email/file/DNS).
  3. Install certificate and CA bundle via cPanel → SSL/TLS → Manage SSL Sites.
  4. Force HTTPS via .htaccess or server-level redirect and check for mixed-content (use browser console to find non-HTTPS assets).
4 — HTTPS hardening checklist
  • Disable TLS 1.0/1.1, prefer TLS 1.2+ and TLS 1.3 where supported.
  • Configure strong ciphers; prefer ECDHE suites and avoid RC4, DES.
  • Enable HSTS carefully (test with max-age=3600 before long durations); includeSubDomains only when certain.
  • Enable OCSP stapling to serve certificate status quickly.
  • Use secure cookie flags (Secure, HttpOnly, SameSite).
5 — Web Application Firewall (WAF) & DDoS mitigation

WAFs (ModSecurity, Cloudflare, Sucuri) protect against common web threats (SQLi, XSS, etc.). Use managed WAF or a CDN with WAF rules for best defense. For DDoS, employ CDN/edge scrubbing services with anycast and rate limiting.

6 — Access control & multi-factor
  • Enable 2FA for cPanel, WHM, and any admin panels.
  • Use SSH public-key auth on servers; disable password auth if possible.
  • Implement role-based accounts in team environments and rotate credentials regularly.
7 — Emergency playbook (quick containment)
  1. Take compromised VM/site offline or put behind maintenance/deny rules.
  2. Collect logs and forensic snapshots (disk image, DB exports) before making changes.
  3. Identify entry vector, remove malicious files/backdoors, change all admin passwords and rotate keys.
  4. Restore from known-good backups and patch the vulnerability; inform stakeholders per legal/regulatory obligations.
1 — One-click install (Softaculous)
  1. cPanel → Softaculous Apps Installer → WordPress → Install.
  2. Choose installation domain and directory, admin username (avoid ‘admin’), and a strong password; fill site name and description.
  3. Finish installation and login at /wp-admin. Immediately install security plugin and backup solution.
2 — Manual install / advanced options
  1. Download WordPress from wordpress.org and upload to server.
  2. Create MySQL DB and user via cPanel and grant privileges.
  3. Set up wp-config.php with DB credentials and unique salts (use WordPress secret-key generator).
  4. Complete web-based setup and configure permalinks and basic settings.
3 — Migration best practices (plugin & manual)

Choose plugin-based for simplicity; manual approach for max control.

  1. Plugin path: All-in-One WP Migration / Duplicator → export full package → import on new host → update permalinks and reissue SSL.
  2. Manual path: Export DB via phpMyAdmin, copy wp-content, upload to new host, import DB, update wp-config and run search-replace for old->new domain (use WP-CLI or interconnect/it tool).
  3. Test media, links, and scheduled tasks (cron); if using scheduled tasks, configure alternative cron execution (WP-Cron via real cron) for reliability.
4 — WooCommerce — full store setup checklist
  1. Install WooCommerce plugin and run the setup wizard (store address, currency, product types).
  2. Configure tax rules and shipping classes (use zones for per-country rules).
  3. Setup payment gateway(s): Stripe, PayPal — ensure webhooks configured and tested in sandbox first.
  4. Configure product data: SKUs, stock management, variations, downloadable product settings, and image sizes.
  5. Protect checkout with HTTPS, implement cart/checkout caching exemptions where necessary, and minimize cart fragments that can cause extra queries.
5 — Security & hardening for WP/WooCommerce
  • Restrict wp-admin by IP or add 2FA for admin accounts.
  • Keep core/plugins/themes updated; use staging to test updates.
  • Limit plugin count; remove unused plugins/themes.
  • Schedule daily backups for stores and keep backups offsite).
6 — Performance tuning for WordPress stores
  • Use server-level caching and an optimized cache plugin; test cache behavior carefully for dynamic checkout pages.
  • Enable object cache (Redis) to reduce DB load for high-traffic stores.
  • Offload media to CDN or object storage; serve images as WebP and use lazy loading.
  • Monitor slow query logs and add indexes where necessary to heavy WC tables (wc_order_items etc.).
7 — Scaling architecture notes

Large stores often separate web & DB tiers (managed DB like RDS or MySQL cluster), use read-replicas, and offload sessions/carts to Redis. Employ horizontal scaling with a load balancer and sticky sessions or shared session store.

1 — Create & manage mailboxes (cPanel)
  1. cPanel → Email Accounts → Create: enter local part (e.g., info) and choose domain, set a strong password and quota.
  2. Use forwarders for role addresses (sales@ → owner@) and set autoresponders where appropriate.
  3. Delete or archive unused accounts to reduce attack surface and licensing costs.
2 — IMAP vs POP3 vs Exchange

IMAP is recommended for multi-device sync. POP3 is legacy and downloads mail. Exchange or hosted Microsoft 365 provides calendaring and contact sync—useful for organizations requiring shared calendars.

3 — Client configurations (detailed)
Outlook (Windows / Mac)
  1. File → Add Account → Manual Setup → POP/IMAP.
  2. Incoming (IMAP): mail.yourdomain.com Port 993 (SSL/TLS). Username = full email address.
  3. Outgoing (SMTP): mail.yourdomain.com Port 587 (STARTTLS) or 465 (SSL). Enable SMTP auth.
  4. For Exchange/Hosted, use Exchange connector and auto-discovery if available.
Gmail web (send-as) & import
  1. Gmail Settings → Accounts & Import → Add a mail account → follow steps for POP3 import or SMTP send-as configuration.
  2. Configure SMTP with mail.yourdomain.com and proper port/credentials so Gmail can send as your domain.
iOS Mail / Android Gmail app
  1. Add account → Other → Add Mail Account (iOS) or Other (Android) → enter full email and password.
  2. Set IMAP (recommended) with incoming server mail.yourdomain.com, port 993 SSL; SMTP port 587 STARTTLS.
4 — SPF / DKIM / DMARC (actionable setup)
  1. SPF: Publish a TXT record like: 
    v=spf1 a mx include:_spf.yourprovider.com ~all
    Use ~all for soft fail during setup; move to -all when confident.
  2. DKIM: Generate key on mail server or via provider; publish public key under default._domainkey. Enable signing on mail server.
  3. DMARC: Start with monitor mode: 
    _dmarc.example.com TXT "v=DMARC1; p=none; rua=mailto:dmarc@example.com; ruf=mailto:forensic@example.com; pct=100"
    Transition to quarantine then reject based on reports.
5 — Deliverability troubleshooting
  • Check logs for bounce codes: 5xx = permanent, 4xx = temporary. 550 often indicates blocked or IP blacklisted.
  • Use tools: MXToolbox, Mail-Tester.com, and Google Postmaster Tools to assess reputation and authentication.
  • Warm-up new IPs: start with small volumes and gradually increase to build reputation.
  • Avoid content triggers: too many images, spam phrases, and poor HTML structure can trigger filters.
6 — Bulk mail recommendations
  1. Prefer transactional/Bulk ESPs (SendGrid, Mailgun, Amazon SES) for high volume instead of host SMTP.
  2. Segment your audience, implement suppression lists and unsubscribes, and monitor complaint/bounce rates.
  3. Authenticate and set reverse DNS for sending IPs used by ESPs or your own server.
1 — Backup strategy fundamentals
  • Define RPO and RTO for each application (how much loss acceptable and how quickly recovery must occur).
  • 3-2-1 rule: 3 copies, 2 different media, 1 offsite.
  • Consider encryption for backups at rest and in transit.
2 — Manual full account backup (cPanel)
  1. cPanel → Backups → Download a Full Account Backup. Choose destination: home directory or remote FTP.
  2. When complete, download to local storage or push to cloud (S3/B2) for long-term retention.
  3. Verify archive integrity by extracting in a test environment.
3 — Database-only backup options
  1. phpMyAdmin: Export → Quick/Custom → SQL. For large DBs use compression and chunking.
  2. SSH: 
    mysqldump -u dbuser -p dbname | gzip > dbname.sql.gz
  3. For extremely large DBs use Percona Xtrabackup or managed DB snapshots for zero lock backups.
4 — Automated backups & retention

Use host-managed daily snapshots where available; otherwise schedule scripts that create dumps and push to remote (s3cmd/rclone). Retention strategy example: daily x7, weekly x4, monthly x6.

5 — Restore scenarios & steps
  1. File restore: upload and extract archive to appropriate path; set ownership/permissions.
  2. DB restore: create DB & user → import SQL via phpMyAdmin or CLI: mysql -u user -p dbname < backup.sql.
  3. Full account restore: contact Lyvora support or use WHM (root) restore from backup if you have root access.
6 — Migration with minimal downtime (recommended approach)
  1. Pre-migration: provision target hosting, set PHP/DB versions to match source, enable staging SSL, create DBs and users.
  2. Initial copy: transfer full files + DB to target and configure app (wp-config.php, env variables).
  3. Testing: adjust hosts file locally to test the new host before DNS change. Check email, cron jobs, and background workers.
  4. Sync: when ready, perform incremental sync (rsync for files, mysqldump for DB deltas) to minimize divergence.
  5. Cutover: reduce DNS TTL in advance; at cutover update A record to new IP. Monitor logs and verify services (emails, SSL).
  6. Rollback plan: keep old host for a short window and have DNS TTL rollback plan if critical issues appear.
7 — Migration pitfalls to avoid
  • Mismatch in PHP extensions or versions — verify phpinfo().
  • Hardcoded URLs in DB or config — run search-replace carefully, especially serialized data (use WP-CLI for WordPress).
  • Missed cron jobs or scheduled tasks — re-create them on the target host.

Scroll to Top