Install Cpanel
cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest
Install Basic Software
cd yum install -y git git clone https://github.com/HostOnNet/server-setup.git cd ~/server-setup ./rhel-server.sh
On CloudLinux Server, run
./cloudlinux-cagefs.sh ./cloudlinux-mysql-governor.sh ./cloudlinux-php.sh
Cpanel Configuration
Cpanel Server Update Preferences
Service Manager Configuration
Disable following services
Eximstats Entropy Chat Server cPHulk Daemon Mailman Passive OS Fingerprinting Daemon
FTP Server Config (pureftpd)
Make following changes
FTP Server Configuration > TLS Encryption Support = Disabled FTP Server Configuration > Allow Anonymous Logins = No FTP Server Configuration > Allow Anonymous Uploads = No FTP Server Configuration > Allow Logins with Root Password = No
Security Center Configuration
WHM > Security Center > Apache mod_userdir Tweak = ENABLE WHM > Security Center > Compiler Access = DISABLE WHM > Security Center > PHP open_basedir Tweak = ENABLE WHM > Security Center > Shell Fork Bomb Protection = ENABLE WHM > Security Center > SSH Password Authorization Tweak = DISABLED WHM > Security Center > cPHulk Brute Force Protection = DISABLE (use CSF)
Service Configuration
Configure PHP and suEXEC [Default PHP Version = 5, PHP 5 Handler = suphp, Apache suEXEC = on] cPanel log rotation configuration = All logs need to be rotated. exim configuration manger > Scan outgoing messages for spam and reject based on spamassassin® internal spam_score setting [?] on
Apache Configuration
WHM > Apache Configuration > Global Configuration > TraceEnable > Off WHM > Apache Configuration > Global Configuration > ServerTokens > ProductOnly WHM > Apache Configuration > Global Configuration > FileETag > None
Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf
Other Settings
* Backup
* CSF
