Install Cpanel
1 | cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest |
Install Basic Software
1 2 3 4 5 | cdyum install -y gitgit clone https://github.com/HostOnNet/server-setup.gitcd ~/server-setup./rhel-server.sh |
On CloudLinux Server, run
1 2 3 | ./cloudlinux-cagefs.sh./cloudlinux-mysql-governor.sh./cloudlinux-php.sh |
Cpanel Configuration
Cpanel Server Update Preferences
Service Manager Configuration
Disable following services
1 2 3 4 5 | EximstatsEntropy Chat ServercPHulk DaemonMailmanPassive OS Fingerprinting Daemon |
FTP Server Config (pureftpd)
Make following changes
1 2 3 4 | FTP Server Configuration > TLS Encryption Support = DisabledFTP Server Configuration > Allow Anonymous Logins = NoFTP Server Configuration > Allow Anonymous Uploads = NoFTP Server Configuration > Allow Logins with Root Password = No |
Security Center Configuration
1 2 3 4 5 6 | WHM > Security Center > Apache mod_userdir Tweak = ENABLEWHM > Security Center > Compiler Access = DISABLEWHM > Security Center > PHP open_basedir Tweak = ENABLEWHM > Security Center > Shell Fork Bomb Protection = ENABLEWHM > Security Center > SSH Password Authorization Tweak = DISABLEDWHM > Security Center > cPHulk Brute Force Protection = DISABLE (use CSF) |
Service Configuration
1 2 3 | Configure PHP and suEXEC [Default PHP Version = 5, PHP 5 Handler = suphp, Apache suEXEC = on]cPanel log rotation configuration = All logs need to be rotated.exim configuration manger > Scan outgoing messages for spam and reject based on spamassassin® internal spam_score setting [?] on |
Apache Configuration
1 2 3 | WHM > Apache Configuration > Global Configuration > TraceEnable > OffWHM > Apache Configuration > Global Configuration > ServerTokens > ProductOnlyWHM > Apache Configuration > Global Configuration > FileETag > None |
Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf
Other Settings
* Backup
* CSF
