• Electric Studio Ltd.
  • Innovation Centre
  • 99 Park Drive, Milton Park

  • Oxfordshire, OX14 4RY
01235 436262 hello@electricstudio.co.uk
Loading...

Blog

← Back to Blog

How to install and secure a cPanel server on Linode

by ElectricStudio, August 22nd 2016
Scroll down

This is a very basic guide showing you how to get started with installing cPanel on a VPS, and adding an extra layer of security using the free Config Server Firewall, or CSF.

We use Linode (referral link) for all of our servers as we find them faster, and they at the time of writing, comes with more storage than say Digital Ocean and Rackspace Cloud.

Cpanel recommends a server or VPS with 1GB RAM as a minimum, but unless you are only testing or are on a budget, use a 4GB Linode and add the same amount of SWAP space. For the server software, choose Centos 7.0 (or later) and make sure you have the right hostname, eg a a fully qualified domain like server.example.com. Take note of the password you set and IP given under remote access, then and add the IP to the required DNS A (IPv4) and AAAA (IPv6) records with your DNS provider. We will be using the IP 127.0.0.1 and the hostname server.example.com in this tutorial, your details will be different.

Change root password and ssh port

/etc/ssh/sshd_config

Once the file opens up, near the very top you’ll see a line that reads like this:

#Port 22

First thing we want to do is remove the hash (#) so that it reads this line, and next you can change the 22 to whichever port you want to use for SSH. I’d recommend something completely unassigned and unregistered so that you don’t conflict with anything on your server, or anything that you might put on your server down the road. Something between 49152 and 65535 is a good idea.

Once you’ve edited that line, save the file and restart the ssh service using the following command:

service sshd restart

Set and verify the hostname

hostname

Which should as an example return:

linode1233455

Change the hostname, which is done in /etc/sysconfig/network, or by typing in:

hostname server.example.com

Then confirm:

Hostname
server.example.com

Prepare apache and install cPanel

You might be blocked by IPtables, so disable this for now:

service iptables stop
chkconfig iptables off

In order to install cPanel, you need perl. This might already be installed on later versions of Centos.

yum install perl

Then to install cPanel & WHM, first update the server, then run the installation command:

yum update
cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest

Now is a very good time to get a cup of tea as this can take some time… But once done, exit SSH for now and open a browser.

Getting started in WHM

To access the WHM interface, open your favourite browser, and go to server.example.com:2087.

When accessed for the first time, you will be guided through the core options. Set it all up as you require, and then run easyApache to remove, or add, or update any software you want. I’d recommend updating MySQL before this, as that update will require EasyApache to run again.

Securing the server

Install CSF firewall

Installation is quite straightforward:

rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

After the setup of CSF, you need to edit the configuration and and activate CSF.

Securing WHM/cPanel

Now that you have CSF installed, run “Check Server Security” and action accordingly.

There we go, that’s all you need to do to get going.

  • This field is for validation purposes and should be left unchanged.