This is a very basic guide showing you how to get started with installing cPanel on a VPS, and adding an extra layer of security using the free Config Server Firewall, or CSF.
Cpanel recommends a server or VPS with 1GB RAM as a minimum, but unless you are only testing or are on a budget, use a 4GB Linode and add the same amount of SWAP space. For the server software, choose Centos 7.0 (or later) and make sure you have the right hostname, eg a a fully qualified domain like server.example.com. Take note of the password you set and IP given under remote access, then and add the IP to the required DNS A (IPv4) and AAAA (IPv6) records with your DNS provider. We will be using the IP 127.0.0.1 and the hostname server.example.com in this tutorial, your details will be different.
Change root password and ssh port
Once the file opens up, near the very top you’ll see a line that reads like this:
First thing we want to do is remove the hash (#) so that it reads this line, and next you can change the 22 to whichever port you want to use for SSH. I’d recommend something completely unassigned and unregistered so that you don’t conflict with anything on your server, or anything that you might put on your server down the road. Something between 49152 and 65535 is a good idea.
Once you’ve edited that line, save the file and restart the ssh service using the following command:
service sshd restart
Set and verify the hostname
Which should as an example return:
Change the hostname, which is done in /etc/sysconfig/network, or by typing in:
Prepare apache and install cPanel
You might be blocked by IPtables, so disable this for now:
service iptables stop
chkconfig iptables off
In order to install cPanel, you need perl. This might already be installed on later versions of Centos.
yum install perl
Then to install cPanel & WHM, first update the server, then run the installation command:
cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest
Now is a very good time to get a cup of tea as this can take some time… But once done, exit SSH for now and open a browser.
Getting started in WHM
To access the WHM interface, open your favourite browser, and go to server.example.com:2087.
When accessed for the first time, you will be guided through the core options. Set it all up as you require, and then run easyApache to remove, or add, or update any software you want. I’d recommend updating MySQL before this, as that update will require EasyApache to run again.
Securing the server
Install CSF firewall
Installation is quite straightforward:
rm -fv csf.tgz
tar -xzf csf.tgz
After the setup of CSF, you need to edit the configuration and and activate CSF.
Now that you have CSF installed, run “Check Server Security” and action accordingly.
There we go, that’s all you need to do to get going.