HostOnNet Blog

Cpanel Server Setup

Looking for Linux Server Admin or WordPress Expert? We can help.

Install Cpanel

1
cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest

Install Basic Software

1
2
3
4
5
cd
yum install -y git
git clone https://github.com/HostOnNet/server-setup.git
cd ~/server-setup
./rhel-server.sh

On CloudLinux Server, run

1
2
3
./cloudlinux-cagefs.sh
./cloudlinux-mysql-governor.sh
./cloudlinux-php.sh

Cpanel Configuration

Set Server Time to UTC

Cpanel Server Update Preferences

Service Manager Configuration

Disable following services

1
2
3
4
5
Eximstats
Entropy Chat Server
cPHulk Daemon
Mailman
Passive OS Fingerprinting Daemon

FTP Server Config (pureftpd)

Make following changes

1
2
3
4
FTP Server Configuration > TLS Encryption Support = Disabled
FTP Server Configuration > Allow Anonymous Logins = No
FTP Server Configuration > Allow Anonymous Uploads = No
FTP Server Configuration > Allow Logins with Root Password = No

Security Center Configuration

1
2
3
4
5
6
WHM > Security Center > Apache mod_userdir Tweak = ENABLE
WHM > Security Center > Compiler Access = DISABLE
WHM > Security Center > PHP open_basedir Tweak = ENABLE
WHM > Security Center > Shell Fork Bomb Protection = ENABLE
WHM > Security Center > SSH Password Authorization Tweak = DISABLED
WHM > Security Center > cPHulk Brute Force Protection = DISABLE (use CSF)

Service Configuration

1
2
3
Configure PHP and suEXEC [Default PHP Version = 5, PHP 5 Handler = suphp, Apache suEXEC = on]
cPanel log rotation configuration = All logs need to be rotated.
exim configuration manger > Scan outgoing messages for spam and reject based on spamassassin® internal spam_score setting [?] on

Apache Configuration

1
2
3
WHM > Apache Configuration > Global Configuration > TraceEnable > Off
WHM > Apache Configuration > Global Configuration > ServerTokens > ProductOnly
WHM > Apache Configuration > Global Configuration > FileETag > None

Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf

Other Settings

* Backup

* CSF

Posted in Cpanel Server

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.