How to Install cPanel on CentOS 6 or 7?

How to install cPanel on CentOS 6 or 7.  Please note cPanel does not support any other operating systems like ubuntu or debian.

Note - There must be at least 2GB of memory when you're using CentOS 7.

Install system updates with yum command and then reboot:

$ yum update -y && reboot


Fetch the cPanel install and run it using the following commands:


$ cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest

Reboot : reboot

After installation you will be asked to configure WHM control panel with lots of settings. I have explained each and every thing below. 


WHM Configuration

Initial Configuration

Login to WHM at https://<ip>:2087 at complete the initial configuration wizard (skip if already done by customer).

Step 1: Press "I Agree/Go to Step 2".

Step 2:

Set the "Server Contact Email Address" to the customer's email address.
In the resolvers section, if there is a third resolver with an IPv6 address, empty that field.
Press "Save & Go to Step 3"

Step 3: Click "Skip This Step and Use Default Settings"

Step 4:
Unless the customer specifically specifies (if they don't, you don't need to ask them), select "NSD" as the nameserver.
Tick "Add 'A Entries' for all Nameservers"
Tick "Add 'A Entires' for Hostname"
Press "Save & Go to Step 5"

Step 5:
Untick "Enablecpk cPHulk"
Tick "Provide modules to /usr/bin/perl formally provided by checkperlmodules"
Press "Save & Go to Step 6"

Step 6
"Use file system quotas" should already be selected (if not, select it) so press "Finish Setup Wizard".
Feature Showcase
Everything on default settings should be fine. Press "Save Settings".

If you'll receive below error message regarding license - 
To access the interface, you must install the license and ensure that the license is active.

Cannot Read License File
To access the interface, you must install the license and ensure that the license is active.
Then please reissue the cPanel License and fire below command - /usr/local/cpanel/cpkeyclt


Tweak Settings

Go to Server Configuration > Tweak Settings.

Display - Display File Usage information in the cPanel stats bar (inode count) > ON

Domains - 

Allow users to park subdomains of the server’s hostname > ON
Allow cPanel users to create subdomains across accounts > ON
Allow WHM users to create subdomains across accounts > ON
Allow Remote Domains > ON
Allow resellers to create accounts with subdomains of the server’s hostname > ON
Allow unregistered domains > ON

Mail

Max hourly emails per domain - You can ask client for the details.
Initial default/catch-all forwarder destination > Fail
Count mailman deliveries towards a domain’s Max hourly emails > ON
Enable BoxTrapper spam trap > OFF
Enable Apache SpamAssassin™ Spam Box delivery for messages marked as spam (user configurable) > ON

Notifications
Notify admin or reseller when disk quota reaches “warn” state > ON
Enable mailbox usage warnings > ON
Send bandwidth limit notification emails > ON

Bandwidth usage warning - You can ask client for the confirmation.

PHP
cPanel PHP loader > ioncube

Redirection -  You can ask client for the confirmation. 
Always redirect to SSL > ON --------> Only if there is SSL installed on your hostname.

Software
Enable FormMail-clone CGI > ON

Stats and Logs
Show bandwidth usage in megabytes by default in WHM > ON
Save.
========================================================================

EasyApache 4

Go to Software > EasyApache 4.
Click the blue "Customise" button in the "Currently Installed Packages" box.

Enable anything the customer has specifically requested. If they haven't requested anything or haven't specified they need older PHP versions, ea-php55 (PHP 5.5) should be disabled in the "PHP" category, which should leave only ea-php56 and ea-php70.

When you unselect it, be sure to press "Next" to save the changes on that page. Using the menu options in the sidebar won't save the changes.
Go to the "Review" page, it will take a minute or so to review everything and then press "Provision".

It will only take a few seconds to complete and then you can press "Done".
========================================================================


Install CSF Firewall

cd /usr/src
rm -fv csf.tgz
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Edit /etc/csf/csf.conf and make the following changes (both settings are near the top of the file):

TESTING = "0"
RESTRICT_SYSLOG = "2"
Save

Now go to WHM > Security Center > SMTP Restrictions > Disable and then run: csf -r
========================================================================


PHP.INI Configuration

Go to WHM > Software > MultiPHP INI Editor

Basic Mode

Do this for both ea-php56 and ea-php70:

max_excecution_time: 
max_input_time: 
memory_limit: 
upload_max_filesize: 
Save

You can ask client for the values.


Editor Mode

Do this for both ea-php56 and ea-php70:

Search (ctrl+f) for "timezone" and change the value of "date.timezone" as per client's need.

Search (ctrl+f) for "disable_functions" and change the value to: "show_source, system, shell_exec, passthru, exec, popen, proc_open, allow_url_fopen"
>> Save

========================================================================

Security Settings

WHM > Security Center:

Compiler Access
Disable Compilers
Configure Security Policies
Tick "Password Strength"
Save

========================================================================

ModSecurity Vendors

Install OWASP ModSecurity Core Rule Set (the default one available on that page)

Once installed, press edit on it.
Turn off:
rules/REQUEST-12-DOS-PROTECTION.conf
rules/REQUEST-13-SCANNER-DETECTION.conf 
rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf
rules/REQUEST-30-APPLICATION-ATTACK-LFI.conf
rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf
rules/REQUEST-43-APPLICATION-ATTACK-SESSION-FIXATION.conf

========================================================================

Password Strength Configuration
Set Default to 70
Save

========================================================================

PHP open_basedir Protection
Enable
Save
========================================================================

Shell Fork Bomb Protection
Enable Protection

========================================================================

Service Configuration

WHM > Service Configuration:
cPanel Log Rotation Configuration
Tick anything not ticked
Save
========================================================================

Exim Configuration Manager

Reject remote mail sent to the server's hostname > ON
Require remote (domain) HELO > ON
Enable Sender Rewriting Scheme (SRS) Support > ON
RBL: bl.spamcop.net > ON
RBL: zen.spamhaus.org > ON
Save

========================================================================

FTP Server Configuration

Allow Logins with Root Password > NO
Save

========================================================================

Mailserver Configuration

Time to Cache Successful Logins > 0
Time to Cache Failed Logins > 0
Include Trash in Quota > YES
Auto Expunge Trash > YES
Disk Quota Delivery Failure Response > Defer delivery temporarily
Save
========================================================================

WHM > Packages > Feature Manager:

"default" feature list > Edit
Tick "Advanced DNS Zone Editor"
Save

WHM > System Health > Background Process Killer:
Tick everything
Save

WHM > Server Configuration > Basic cPanel & WHM Setup:
Press "Assign IP Address" next to each nameserver down the bottom.
If it wasn't done during the initial configuration, also click "Add an A entry for this nameserver" next to each nameserver.

========================================================================

Clear SSH history and reboot : 

$ history -c && reboot
========================================================================

All set! Smile

If you are unable to do this, Please let us know we will be happy to assist you Smile

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to prevent xmlrpc attack on the WordPress?

To prevent xmlrpc attack in WordPress website just add below code to the .htaccess file of the...

Database connection error (2): Could not connect to MySQL- Joomla Issue

While accessing the Joomla site I was getting the error as "Database connection error (2): Could...

How to check the PHP version and configuration for your website?

'phpinfo.php' is the file which is used for checking the PHP version and configuration on cPanel...

Account Creation Status: failed Each username’s first 8 characters must be unique.

While creating the cPanel account on WHM, below error was generated - Account Creation Status:...

A fatal error has occurred Cannot write to cache directory /tmp

While accessing WebMail client I was getting an error as below - A fatal error has occurred...

Powered by WHMCompleteSolution