Technical Policies for Reseller Accounts

WHM / cPanel Servers

This document establishes the technical and operational guidelines for clients with Reseller access (WHM).

The objective is to maintain server stability, security, and optimal performance.

The Reseller is directly responsible for the accounts they create and manage.

1. Reseller Responsibility

The Reseller client is responsible for:

• Accounts created under their WHM access
• Content hosted by their clients
• Resource consumption generated by their accounts
• Basic security of CMS installations
• Compliance with email best practices

Any incident generated by a sub-account will directly impact the Reseller.

2. Account Creation and Management (WHM)

The Reseller must:

• Create accounts only for legitimate purposes
• Assign hosting packages according to contracted resources
• Avoid irresponsible overselling that overloads the server
• Maintain proper organization of domains, subdomains, and DNS
• Suspend problematic accounts under their management when necessary

The following is strictly prohibited:

• Attempting to modify global server configurations
• Altering services such as Exim, Apache, global PHP settings, or firewall configurations
• Attempting to access accounts belonging to other Resellers

3. Resource Management

Each Reseller must monitor:

• CPU usage
• Memory consumption
• Number of processes
• Inode usage
• Monthly bandwidth

Accounts generating:

• Excessive CPU consumption
• Persistent processes
• Disk saturation
• Brute-force attacks
• Mass email sending

May be limited or suspended to protect overall server performance.

4. Email Policies (Exim)

The Reseller is responsible for proper email usage across their accounts.

Not permitted:

• SPAM
• Purchased mailing lists
• Uncontrolled bulk email scripts
• Abusive external SMTP usage
• Open relay configurations
• Sending email without authentication

Recommended best practices:

• Configure SPF, DKIM, and DMARC for each domain
• Establish reasonable sending limits
• Monitor mail queues when necessary
• Educate clients on email best practices

If an account causes blacklisting, the Reseller must actively collaborate in remediation and cleanup.

5. CMS Security (WordPress, Joomla, etc.)

The Reseller must promote and supervise that their clients:

• Keep CMS platforms updated
• Avoid nulled or pirated plugins/themes
• Remove obsolete installations
• Secure administrator access
• Implement basic security measures

Infected accounts may be temporarily isolated to prevent propagation.

6. SSL and HTTPS

All domains must operate under HTTPS.

The Reseller must:

• Verify AutoSSL activation
• Renew commercial SSL certificates when applicable
• Avoid misconfigurations that generate security errors

7. Technical Best Practices

Resellers are encouraged to:

• Disable outdated PHP versions on sub-accounts
• Use stable, supported PHP versions
• Implement independent backup systems
• Maintain organized application version management
• Avoid accumulation of abandoned installations

8. Backups

Although the server may include backups, the Reseller must:

• Maintain independent external backups
• Provide clear backup policies to their clients
• Avoid relying exclusively on server-level backups

9. Security Incidents

In cases of:

• Active malware
• Outbound attacks
• Confirmed SPAM
• Phishing
• Resource saturation

The following measures may be applied:

• Temporary limitations
• Partial suspension
• Account isolation
• SMTP sending restrictions

The Reseller will be notified to take corrective action.

10. Purpose of These Policies

These policies are intended to:

• Maintain server stability
• Protect IP reputation
• Prevent blacklisting
• Reduce hacking risks
• Ensure a professional hosting environment for all clients

A responsible Reseller strengthens the entire infrastructure.