How to Install CentOS Web panel(CWP) on CentOS 6

There are many open source control panel to run linux web hosting on the internet like ISPConfig, Webmin, Virtualmin and Open Panel. In this post, I want to share how to install CentOS Web panel (CWP) on CentOS 6. CentOS Web panel is a free Web Hosting panel designed for easy management of servers ( VPS & Dedicated ) without the need to use their expertise and knowledge in the linux command line and without SSH access to the server.

From the CWP official website, they do not provide uninstaller and reinstall the server to remove it. CWP should be install on the fresh CentOS operating system without any non-default configuration.

Follow the following step to install CWP on CentOS 6.6.

1. Install Fresh CentOS 6.6 with direct internet connection :
2. Allocate atleast 512MB RAM for 32 bit systems and 1024MB for 64 bit systems. In this example we will allocate 4GB RAM.

3. Configure your server hostname :
a. Modify the hostname and reboot the server to take effect:

# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=centos66.ehowstuff.local
GATEWAY=192.168.0.1

a. Verify hostname :

[root@centos66 ~]# hostname
centos66.ehowstuff.local

4. Update your server before begin. Reboot the server to take effect the changes :

# yum update -y

5. Install CWP:
a. Change directory to /usr/local/src/ directory:

# cd /usr/local/src

b. Download the installer via wget :

# wget http://centos-webpanel.com/cwp-latest

Or try the following URL if above url not working :

# wget http://dl1.centos-webpanel.com/files/cwp-latest

c. Start CWP installer

# sh cwp-latest

6. The installation will take up to 50 minutes, depend on your internet connection speed :

cmp-2

7. Once the installation completed, you will see the the screen below. In this case i leave mySQL root password blank.
cmp-3

Press Enter to reboot the server.

8. Go to your browser and enter CWP ip address with 2030 port number. You will see login page as below. CentOS WebPanel Admin GUI at http://SERVER-IP:2030/

Username: root
Password: your server root password

cmp-4

9. You can start configure your CWP via dasgboard panel below. Get consult from official website, and the CWP forum to proceed the configuration.

cmp-5

10. You can start configure your CWP server and then start hosting your website.

  • Setup nameservers
  • Setup shared ip (must be your public IP address)
  • Setup at least one hosting package (or edit default package)
  • Setup root email
  • & now you are ready to host domains…

11. Install Softaculous Apps Installer via command :

# /usr/local/src/install.sh --quick
-----------------------------------------------
 Welcome to Softaculous Apps Installer
-----------------------------------------------

///////////////////////////////
// INSTALLING SOFTACULOUS :
// 1) CONFIGURING universal.php
// 2) FETCHED A LICENSE
// 3) UPDATING Categories
// 4) UPDATING Scripts List
// 5) UPDATING Installed Scripts List
// 6) SETTING A CRON JOB
// 7) DOWNLOADING SCRIPTS
///////////////////////////////

ln: creating symbolic link `/usr/local/cwpsrv/conf.d/softaculous.conf': File exists
cwpsrvd: Could not reliably determine the server's fully qualified domain name, using centos66.ehowstuff.local for ServerName
=====================================================
Congratulations, Softaculous was installed successfully
Softaculous has been installed at:
Path : /usr/local/softaculous
Scripts Path : /var/softaculous

We request you to please register for updates and notifications at :
http://www.softaculous.com/board/index.php?act=register
It also inspires us when you register. Registration is free and just a one minute job.

If you need any support you can always count on us. Just drop in at our Support Board:
http://www.softaculous.com/board
Alternatively, you can contact us via Email at support@softaculous.com

Thank you for using Softaculous

How to Setup Nginx,PHP5.4, PHP-FPM, MySQL 5.5 On CentOS 6.5 VPS

This post will show you the procedure to setup Nginx, PHP5.4, PHP-FPM and MySQL 5.5 On CentOS 6.5 Virtual private server(VPS). You need to setup the required repo such as EPEL, Remi and also the NGINX repo.

What is NGINX ?

NGINX is an alternate web server for Apache. Nginx is an open source web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols. Many websites and the web developer have moved to NGINX because it’s scalable, low resources, can handle many users concurrency and good website performance. Now it still third most popular web server in the world and it serve just over 14% of all hostnames.

What is PHP(PHP-FPM) ?

PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used open source general-purpose scripting language. PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites.

What is MySQL ?

MySQL Database server is one of the most popular used database in the internet especially for content management and blogging site.

Steps to setup Nginx,PHP5.4, PHP-FPM, MySQL 5.5 On CentOS 6.5 VPS

1. Setup EPEL and Remi repository.
How to prepared EPEL and how to configure Remi repository in to CentOS.

2. Install php 5.4, php-fpm and MySQL 5.5 Server :

[root@vps-08 ~]# yum --enablerepo=remi install php php-mysql php-fpm mysql mysql-server -y

3. Setup repository for nginx :

[root@vps-08 ~]# vi /etc/yum.repos.d/nginx.repo

Add the following and save :

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

4. Install and setup NGINX :
Run the following command to install NGINX.

[root@vps-08 ~]# yum install nginx -y

a. Setup NGINX config file :

[root@vps-08 ~]# vi /etc/nginx/nginx.conf

Add the following and save:

user  nginx;
worker_processes  2;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    gzip  on;
    gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;

    include /etc/nginx/sites-available/*.conf;

}

b. Create sites-available directory and create nginx virtual host for example.com domain :

[root@vps-08 ~]# mkdir /etc/nginx/sites-available
[root@vps-08 ~]# vi /etc/nginx/sites-available/example.com.conf

Add the following and save :

server {
listen       80;
    server_name example.com;
    rewrite ^/(.*)$ http://www.example.com/$1 permanent;
}

server {
        server_name www.example.com;
        root /var/www/html/example;
        access_log /var/log/nginx/example.com.access.log;
        error_log /var/log/nginx/example.com.error.log;
        include conf.d/common.conf;
        include conf.d/wordpress.conf;
        include conf.d/w3tc.conf;
}

c. Create these three configuration files. It was optimized for WordPress site.

/etc/nginx/conf.d/common.conf
/etc/nginx/conf.d/wordpress.conf
/etc/nginx/conf.d/w3tc.conf

Create common.conf :

[root@vps-08 ~]# vi /etc/nginx/conf.d/common.conf

Add the following and save.

# Global configuration file.
# ESSENTIAL : Configure Nginx Listening Port
listen 80;
# ESSENTIAL : Default file to serve. If the first file isn't found,
index index.php index.html index.htm;
# ESSENTIAL : no favicon logs
location = /favicon.ico {
    log_not_found off;
    access_log off;
}
# ESSENTIAL : robots.txt
location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
}
# ESSENTIAL : Configure 404 Pages
error_page 404 /404.html;
# ESSENTIAL : Configure 50x Pages
error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }
# SECURITY : Deny all attempts to access hidden files .abcde
location ~ /\. {
    deny all;
}
# PERFORMANCE : Set expires headers for static files and turn off logging.
location ~* ^.+\.(js|css|swf|xml|txt|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
    access_log off; log_not_found off; expires 30d;
}

Configure wordpress.conf :

[root@vps-08 ~]# vi /etc/nginx/conf.d/wordpress.conf

Add the following and save :

# WORDPRESS : Rewrite rules, sends everything through index.php and keeps the appended query string intact
location / {
    try_files $uri $uri/ /index.php?q=$uri&$args;
}

# SECURITY : Deny all attempts to access PHP Files in the uploads directory
location ~* /(?:uploads|files)/.*\.php$ {
    deny all;
}
# REQUIREMENTS : Enable PHP Support
location ~ \.php$ {
    # SECURITY : Zero day Exploit Protection
    try_files $uri =404;
    # ENABLE : Enable PHP, listen fpm sock
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass unix:/var/run/php-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# PLUGINS : Enable Rewrite Rules for SiteMap
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml$ "/index.php?xml_sitemap=params=$2" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml\.gz$ "/index.php?xml_sitemap=params=$2;zip=true" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html$ "/index.php?xml_sitemap=params=$2;html=true" last;
rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html.gz$ "/index.php?xml_sitemap=params=$2;html=true;zip=true" last;

Create w3tc.conf file :

[root@vps ~]# vi /etc/nginx/conf.d/w3tc.conf

Add the following and save :

# BEGIN W3TC Page Cache core
set $w3tc_rewrite 1;
if ($request_method = POST) {
    set $w3tc_rewrite 0;
}
if ($query_string != "") {
    set $w3tc_rewrite 0;
}
if ($http_cookie ~* "(comment_author|wp\-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle)") {
    set $w3tc_rewrite 0;
}
if ($http_cookie ~* "(w3tc_preview)") {
    set $w3tc_rewrite _preview;
}
set $w3tc_enc "";
if ($http_accept_encoding ~ gzip) {
    set $w3tc_enc _gzip;
}
set $w3tc_ext "";
if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_rewrite.html$w3tc_enc") {
    set $w3tc_ext .html;
}
if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_rewrite.xml$w3tc_enc") {
    set $w3tc_ext .xml;
}
if ($w3tc_ext = "") {
  set $w3tc_rewrite 0;
}
if ($w3tc_rewrite = 1) {
    rewrite .* "/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_rewrite$w3tc_ext$w3tc_enc" last;
}
# END W3TC Page Cache core

d. Modify default.conf file :

[root@vps-08 ~]# vi /etc/nginx/conf.d/default.conf
server {
    listen       80;
    server_name  localhost;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

# redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

5. Secure Mysql :

[root@vps-08 ~]# /usr/bin/mysql_secure_installation

Sample :

[root@vps-08 ~]# /usr/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!


In order to log into MySQL to secure it, we'll need the current
password for the root user.  If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n
 ... skipping.

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...



All done!  If you've completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!


6. Configure php-fpm :

[root@vps-08 ~]# vi /etc/php-fpm.d/www.conf

Update and uncomment the following :

listen = /var/run/php-fpm.sock
..
listen.mode = 0666
..
user = nginx
group = nginx
..
pm = dynamic
..
pm.max_children = 50
pm.start_servers = 10
pm.min_spare_servers = 10
pm.max_spare_servers = 10
pm.max_requests = 200
..
slowlog = /var/log/php-fpm/www-slow.log
..
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
..
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session

7. Restart the NGINX and php-fpm :
Restart the NGINX and php-fpm service to apply the changes on the configuration files.

[root@vps-08 ~]# service nginx restart; service php-fpm restart
Stopping nginx:                                            [  OK  ]
Starting nginx:                                            [  OK  ]
Stopping php-fpm:                                          [  OK  ]
Starting php-fpm:                                          [  OK  ]

Check the service listened on your VPS :

[root@vps-08 ~]# netstat -plunt | grep LISTEN
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1097/rpcbind
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      18070/nginx
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1130/sshd
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      18358/mysqld
tcp        0      0 :::111                      :::*                        LISTEN      1097/rpcbind
tcp        0      0 :::22                       :::*                        LISTEN      1130/sshd

Now you can start to setup WordPress blog into your VPS server.

setup nginx

Linode VPS – Lish SSH Gateway

We’re rolling out a new Lish SSH gateway that simplifies Lish by introducing a single place to access Lish for all of your Linodes, regardless of their host or datacenter. It eliminates the need for per-Linode Lish passwords and SSH keys. Instead, the Lish gateway uses your existing Linode Manager credentials for authentication. You will also notice a new “Lish SSH Keys” field in the My Profile section of the Linode Manager, where you can submit SSH public keys to authenticate yourself to these new Lish gateway boxes.

To provide a little background, Lish is the Linode Shell. It provides you with the ability to issue reboot and shutdown jobs, check the status of your Linode, and most importantly, access and interact with the console of your running Linode. Lish is an out-of-band console, which means you can access it even when your Linode’s networking is disabled.

Previously, each Linode required its own Lish SSH username, password, and SSH keys. Access to Lish was via a direct SSH connection to your Linode’s host machine. In the coming weeks, we will be completely removing host access from the public Internet, and as such the old Lish access methods will no longer function.

Lish-via-SSH into hosts will cease to function on Friday, May 10, 2013 1:00PM EDT.  As such, please adjust any scripts or aliases to utilize the new Lish gateway.

When you log in to the new Lish gateway, you’ll see a list of your Linodes and their locations, as shown below:

$ ssh caker@lish-newark.linode.com 
Linodes located in this data center:
linode2345           Newark, NJ
linode3456           Newark, NJ
linode4567           Newark, NJ

Linodes located in other data centers:
sandbox              Dallas, TX
linode5678           Dallas, TX
[caker@lish-newark.linode.com]#

Then, at the command prompt, you can enter the name of the Linode to which you want to make your Lish connection. In the example shown above, you could enter “linode2345? to access the Lish console for linode2345. Once you’re on a specific Linode, Lish will work like it always has. When you exit linode2345?s Lish, you’ll be taken back to the gateway menu.

You can also do tricks like this to bypass the menu all together:

$ ssh -t caker@lish-newark.linode.com linode2345

And like this to send commands directly to a Linode’s Lish:

$ ssh -t caker@lish-newark.linode.com linode2345 logview

We’ve set up Lish gateways in all six data centers. You can use any gateway to get to any Linode, but we recommend using the one geographically closest to you or your Linodes. Here are the Lish gateway boxes:

  • lish-tokyo.linode.com
  • lish-fremont.linode.com
  • lish-dallas.linode.com
  • lish-atlanta.linode.com
  • lish-newark.linode.com
  • lish-london.linode.com

The Lish gateway boxes are accessible via both IPv4 and IPv6. The Ajax method of connecting to your Linode’s Lish is unaffected by these changes.

Enjoy!
-Chris

Click here for full Story

Securing and Hardening Linux Dedicated Server

securing linuxWhen we hosted the linux dedicated server or virtual private server(VPS) in a data center, security of the system is very important in order to ensure the data and the information are safe from the hackers. Securing and hardening linux dedicated server is mandatory when nearly every computing resources and the application systems is online and susceptible to attack. This post share basic security and hardening tips for the linux dedicated server. If you are plan to host your own linux dedicated server, then this post should able to provide you a good baseline and ideas. The following are the best practices to securing and hardening linux dedicated server :

1. Patching Linux Systems
2. Keep Linux Kernel and Software such as WordPress/Joomla Up to Date
3. Secure SSH
4. Enforcing Stronger Passwords and Password Aging
5. Disable Unnecessary Processes, Services and Daemons
6. Install a host based firewall to protect your dedicated server from unauthorized access
7. Implement Linux Kernel /etc/sysctl.conf hardening
8. Configure Logging and Auditing
9. Install And Use Intrusion Detection System

Linode Network Upgrades and 8 Cores Xen Instances

Linode Network Upgrade

Early of March 2013, Linode has performed network upgrade that improves throughput, decrease latency and
add redundancy at their host layer. They are upgrading overall network in all six datacenters in the US, Europe, and Asia-Pacific. With zero downtime, Linode customer will get outbound network cap increased 5 times and amount of outbound transfer increased 10 times as below :

Linode 512 upgraded from 200GB to 2000GB (2TB)
Linode 1G upgraded from 400GB to 4000GB (4TB)
Linode 2G upgraded from 800GB to 8000GB (8TB)
Linode 4G upgraded from 1600GB to 16000GB (16TB)
Linode 8G upgraded from 2000GB to 20000GB (20TB)

8 Cores Xen instances

8coreIn 18th March 2013, Linode has upgrading new “NextGen’ host hardware specification, CPUs and a fleet refresh. Linode has upgrades all Linodes to 8 cores Xen instances. Customer will require to schedule a downtime for reboot and then get doubling in computing power. Customer will get faster websites, services, and processing at the same price points. Another things that Linode need to improve is the drive speed. Will they go for SSDs in the future ?

Best Web Hosting 2012 – Best Linux & Windows Web Hosting Providers

PR Web

San Francisco, CA (PRWEB) November 01, 2012

BestHostingSearch.com, a leading web hosting review site since 2006, named BlueHost as the best web hosting on Linux platform and WinHost as the best web hosting on Windows platform for personal and small businesses based on their web hosting technology, features, reliability, performance, technical support, and affordability.

Best Web Hosting 2012 > PHP, ROR, Python, Perl

BlueHost is awarded as the best web hosting provider in 2012 based on Linux platform for hosting sites developed on PHP, Zend Framework, Ruby on Rails, Python and Perl. BlueHost offers a single all-in-one unlimited web hosting plan named “BlueHost Professional” which is the most rich-featured Linux-based hosting plan. Besides supporting almost all the modern programming languages, it includes one free domain & $100-value Google AdWords credits, allows one to host unlimited sites on one account by paying once, and provides Shell Access (SSH), email, MySQL, PostgreSQL, FTP, SSL, etc. It starts at $6.95/mo regularly, but now BlueHost is offering a 44% discount for $3.95/mo for all visitors who go through this BlueHost promotional link.

BlueHost was founded in 1996 and designed to offer the affordable hosting solution to personal and small businesses. Unlike many other web hosts, BlueHost has 3 world-class dedicated data centers in Provo Utah, which had been invested with 20+ millions of USD since 2010. All the data centers are Eco-friendly, with the Internet bandwidth exceeding 150,000 Mbits totally. So far, BlueHost is serving for 2.5 million customers worldwide and it’s fast growing with approximately 20,000 new customers added for each month.

To read the in-depth BlueHost review, visit http://besthostingsearch.com/bluehost-review

Best Web Hosting 2012 > ASP.NET, ASP.NET MVC, Silverlight

WinHost is awarded as the best web hosting provider in 2012 based on Windows platform for hosting sites developed on ASP.NET, ASP.NET MVC and Silverlight technology. WinHost is the most developer and technology friendly web hosting company of all which BestHostingSearch.com had reviewed so far. WinHost supports almost all the latest cutting-edge Microsoft technology. It’s one of the first ASP.NET hosting providers that declaim to support Windows Server 2012, ASP.NET 4.5 and MSSQL 2012. Now, the WinHost ASP.NET hosting plan supports Windows Server 2008R2 & Windows Server 2012, MSSQL 2008R2 & MSSQL 2012, ASP.NET 2/3.5SP1/4/4.5, ASP.NET 2/3/4, Silverlight 4/5, and provides Full Trust configuration, remote IIS management capability, and remote MSSQL management capability.

WinHost ASP.NET hosting starts at $4.95/mo regularly, but now it’s offering a special discount for 2 months free for annual billing at $4.12/mo effectively for all visitors who go through this WinHost promotional link.

To learn more about the award of best web hosting providers in 2012, visit http://besthostingsearch.com/web-hosting-guide/best-web-hosting-2012 >>

About BestHostingSearch.com
BestHostingSearch.com is a leading web hosting review site since 2006. It ranks web hosting providers based on their real hosting experience and the reviews collected from real customers, designed to help people find the best web hosting deal, saving time and money from a bad choice.

Click here for full Story