Secure websites on Control Web Panel / CWP Server
What is Control web Panel [ CWP ]
Control Web Panel (CWP), formerly known as CentOS Web Panel, is a web hosting control panel software for RHE distros. It is loaded with lots of features required to provide complete web hosting packages and comes with free and pro versions. The project is community-driven, has a modern UI, and is flexible to choose your own hosting stack.
How to secure your CWP server using cPGuard
As a web security suite, cPGuard can protect your CWP server using its modules that operate in various layers. The installation and configuration are simple and driven through cPGuard Standalone configuration options.
To install cPGuard on your CWP server, use the following command
cd /usr/local/src && rm -f cpguard_install.sh && curl -o cpguard_install.sh -L https://downloads.opsshield.com/cpguard/cpguard_install.sh && bash cpguard_install.sh LICENCE-KEY- LICENCE-KEY – This is the license key that you have purchased and wish to apply to your server. This is mandatory to complete installation and bind your server to the App Portal
After running the above command, the installer script will run and install dependency packages for your Operating System. Once the dependency packages are installed successfully, you need to proceed with the Standalone configuration for CWP.
The Standalone configuration has 2 main sections..the Web Server Configuration and WAF Configuration. You need to configure this based on the web server/ WAF server you have on your server.
You can refer to the following images if you have Nginx Only or Nginx & Varnish
1. Web Server Configuration with Nginx
2. WAF Configuration
The cPGuard WAF is built on top of the ModSecurity module. By default, CWP does not compile Libmodsecurity with Nginx. So you need to follow the instructions to enable ModSecurity with Nginx first before configuring WAF. Once ModSecurity is installed properly as per the documentation, you can configure cPGuard WAF settings like the following.
You can refer to the following images if you have Apache Only or LiteSpeed Enterprise or Nginx & Apache or Nginx & Varnish & Apache
1. Web Server Configuration with Apache
You may also give “/usr/local/apache/conf.d/vhosts/*.conf” in place of web_server_conf if it does not come up with any recommendation
2. WAF Configuration
Before proceeding with WAF configuration, please refer WAF requirements and make sure that ModSecurity is properly configured on your CWP server. Once it is done, you can refer to the following image, configure WAF settings, and then enable WAF from Settings.
User list and Suspend Script
You can choose the default recommendation for user_list and suspend_hook, which are the premade scripts for CWP control panel.
Once the configuration is complete, wat for cPGuard to finish the installation. After successful installation, you can access and manage the server from App Portal
Installation assistance/support
We provide free installation assistance ( except ModSec installation for Nginx ) if you want our team to manage the installation and configuration on your servers. Please feel free to reach our support team for installation assistance.