1. Home
  2. Error Message
  3. Cpanel
  4. cPanel Installation and Configuration

cPanel Installation and Configuration

Objective

Install cPanel, configure PHP module, and optimize MySQL

Prerequisites

A Linux Server
PuTTY

Steps

Step 1: Install Screen

Access the server via SSH by using PuTTY or similar means.

Then, install screen with the following command.

yum install -y screen

After installing the software, launch it by using the following command.

screen

Note: You can detach the application from Windows using the key Ctrl+A and D. Afterwards, you can re-attach the application using the command screen -r.

Step 2: Install cPanel

Ensure your machine’s hostname is a fully qualified domain name (FQDN).
To change your machine’s hostname, simply enter the following command: –

hostname *your.domain.com*

Run the following command to download the latest version of cPanel.

wget -N http://layer1.cpanel.net/latest

Then, install gcc with the following command.

yum install -y gcc

Afterwards, run the following command.

sh latest

Note: If the error message “NetworkManager is installed and running” pops up, run the following command. Then, rerun the ‘sh latest’ command again.

systemctl stop Networking.service
systemctl disable NetworkManager.service

Step 3: Activate cPanel License

Go to http://verify.cpanel.net/ to check license status.

Then, enter the server’s IP address to check on the license status. Navigate to Billing and click Issue cPanel License

If the license has been activated, SSH to the server.

In the server, run the following command

/usr/local/cpanel/cpkeyclt

Step 4: Configure cPanel

Login to cPanel WHM via https://<ip_address>:2087/

Set the login credentials to the following:
Username: root
Password: (same as CentOS SSH login)

Set the email to [email protected]

In Step 3: set the resolver to:
208.67.222.222, 8.8.8.8

In the Services Selection, fill in the following details:
Nameserver: BIND
Set the NS to ns71.es2u.com and ns72.es2u.com
FTP: Pure-FTPD
Mail: Courier

cPHulk Brute Force Protection
Enabled
Tick Extend lockout time upon additional auth failures
Tick Advanced Settings
IP Based Brute Force Protection Period in Minutes: 1
Brute Force Protection Period in minutes: 5
Maximum Failures By Account: 5
Maximum Failures Per IP: 5
Maximum Failures Per IP before IP is blocked for two week period: 10
Quotas: Use file system quotas

Basic cPanel & WHM Setup
Ensure that the contact email is [email protected]
Re-check on the Server IP
Nameservers: set the NS to ns71.es2u.com & ns72.es2u.com

Statistics Software Configuration
Enable Awstats only but do not tick Active by Default
Process log files every 24 hours
Process bandwidth every 12 hours

Tweak Settings
Set the tweak based on the server’s purpose. Normally, the current cPanel default settings are sufficient. However, we still need to fine tune it to follow our requirements.
Set Prevent “nobody” from sending mail to ON
Set Notify admin or reseller when disk quota reaches “warn” state to ON
Set Send bandwidth limit notification emails to ON
Set Bandwidth usage warning: 98% to ON
Set Critical load threshold to Auto Detect

Update Preferences
Select RELEASE
Manual Updates Only
Select inherit (following all select manually)

Submit Request to Email or URL and set [email protected] as the email.

Apache mod_userdir Tweak: ENABLE protection
Configure Security Policies: Tick Password Strength
Password Strength Configuration: Default required password length: 10
PHP open_basedir Tweak: ENABLE
Shell Fork Bomb Protection: ENABLE
SMTP Restriction: ENABLE

Edit System Mail Preferences and set cPanel and root email to [email protected]

Then, run the following command on the console.

/scripts/easyapache

Go to easyApache 4 under software and click on Customize. Afterwards, install the following Apache modules.

----------------
:: Apache 2.4 ::
----------------
config
config-runtime
mod_asis
mod_bwlimited
mod_cgi
mod_deflate
mod_env
mod_expires
mod_headers
mod_mime_magic
mod_mpm_prefork
mod_proxy
mod_proxy_fcgi
mod_proxy_http
mod_proxy_wstunnel
mod_remoteip
mod_ruid2
mod_security2
mod_socache_memcache
mod_ssl
mod_unique_id
mod_version
tools
-------------
:: PHP 5.5 ::
-------------
libc-client
pear
php-bcmath
php-calendar
php-cli
php-common
php-curl
php-devel
php-exif
php-fpm
php-ftp
php-gd
php-iconv
php-imap
php-intl
php-ioncube
php-litespeed
php-mbstring
php-mcrypt
php-mysqlnd
php-pdo
php-posix
php-pspell
php-sockets
php-tidy
php-xml
php-xmlrpc
php-zip
runtime
-------------
:: PHP 5.6 ::
-------------
libc-client
pear
php-bcmath
php-calendar
php-cli
php-common
php-curl
php-devel
php-exif
php-fpm
php-ftp
php-gd
php-iconv
php-imap
php-intl
php-ioncube6
php-litespeed
php-mbstring
php-mcrypt
php-mysqlnd
php-pdo
php-posix
php-pspell
php-sockets
php-tidy
php-xml
php-xmlrpc
php-zip
runtime
-------------
:: PHP 7.0 ::
-------------
libc-client
pear
php-bcmath
php-calendar
php-cli
php-common
php-curl
php-devel
php-exif
php-fpm
php-ftp
php-gd
php-iconv
php-imap
php-intl
php-litespeed
php-mbstring
php-mcrypt
php-mysqlnd
php-pdo
php-posix
php-pspell
php-sockets
php-tidy
php-xml
php-xmlrpc
php-zip
runtime
------------
:: Others ::
------------
apr
apr-util
cpanel-tools
documentroot
libcurl
libmcrypt
libnghttp2
libtidy
libxml2
modsec-sdbm-util
nghttp2
openssl
php-cli
php-cli-lsphp
profiles-cpanel

Next, configure the following settings.

cPanel Log Rotation Configuration: Tick all

Exim Configuration Manager
Using the cPanel default settings should be sufficient
Basic Editor
RBL: zen.spamhaus.org and bl.spamcop.net : ON
Advanced Editor
daemon_smtp_ports (add): 27
ignore_bounce_errors_after: 12h
timeout_frozen_after: 24h
Section: ROUTERSTART
#Do not allow no body
fail_nobody:
driver = redirect
senders = [email protected]
domains = ! +local_domains
allow_fail
data = :fail: Nobody mail is restricted to send to own domain email only.

FTP Server Configuration
Allow Anonymous Logins: NO
Allow Anonymous Uploads: NO

PHP Configuration Editor
Basic Mode
memory_limit : 64M
upload_max_filesize : 10M
Advanced Mode
disable_functions :
show_source,system,shell_exec,passthru,exec,popen,proc_open,allow_url_fopen

Service Manager (leave it ticked if one side is already ticked and only tick according to the following list)
Enable tailwatchd
– Antirelayd
– ChkServd
– Eximstats
– cPBandwd
Enabled & Monitor
– clamd
– cpdavd (cPanel DAV Daemon)
– exim
– exim on another port (port 27) (Exim Mail Server (on another port))
– ftpd (FTP Server)
– httpd
– imap
– ipaliases
– mailman
– mysql
– named (Name Service Cache Daemon)
– spamd
– sshd
– syslogd (rsyslog System Logger Domain)

On the Web GUI, navigate to Package > Add a package and enter the following package plan name: Unlimited_Resources

Then, navigate to Plugin and install ClamAV. Afterwards, head to the ClamAV Scanner Configuration, tick all boxes and click Save.

Step 5: Configure MySQL

SSH to the server via PuTTY or other means. Then, create a backup for MySQL configuration using the following command.

mv /etc/my.cnf /etc/my.cnf.bak

Create a new configuration file using the following command.

nano /etc/my.cnf

Then, restart MySQL service using the following command.

systemctl restart mysql

Use the following command to check MySQL as Task Manager

ps -ef | grep mysql

Use the following command to verify whether MySQL is running or not

systemctl status mysqld

Edit the /etc/my.cnf file by using the following command

nano /etc/my.cnf

Then, copy and paste the following configuration to the file.

###----------------------- Custom Configuration ------------------------------------###

 

[mysqld]

innodb_file_per_table

## Go faster and skip some stuff, YMMV

#skip-name-resolve

skip-slave-start

skip-external-locking

 

# PER CLIENT SETTINGS #

# bit high but I got tons of ram here #

sort_buffer_size = 2M

read_buffer_size = 2M

wait_timeout = 200

interactive_timeout = 300

max_allowed_packet = 256M

thread_stack = 128K

# table_cache = 1024 <<

myisam_sort_buffer_size = 1M

tmp_table_size = 12M

max_heap_table_size = 12M

 

# CACHES AND LIMITS #

tmp_table_size = 12M

max_heap_table_size = 12M

query_cache_type = 1

query_cache_limit = 2M

query_cache_size = 32M

max_connections = 500

thread_cache_size = 50

open_files_limit = 65535

 

# MyISAM #

key_buffer_size = 32M

myisam-recover-options = FORCE,BACKUP

 

# SAFETY #

max_allowed_packet = 16M

max_connect_errors = 1000000

 

###----------------------- Custom Configuration ------------------------------------###
Updated on April 12, 2021

Was this article helpful?

Related Articles

Need Help?
Submit a ticket to us and let our professional team assists you

Support Billing Sales
Support
Billing
Sales