Installing cPGuard on Enhance panel
This article is intended to help you install cPGuard standalone version on a server with Enhance control panel. We have premade custom scripts for enhance which can be used by cPGuard to collect information on domains, its document root etc and update your servers Webserver/ModSecurity configuration to enable our Web application Firewall.
Enhance API Credentials
Information on domains, websites etc are collected via an API call to the Enhance central server. You will need to provide
- Control server URL
example – https://control.yourhosting.com
- Organisation ID
example – d8554b6d-5d0d-6719-009b-fec1189aa8f3
- Authetication Token
example – 8223aad3-171f-k25K-M0Fu-trUxs7L3sd3P_3ee84e3…
You can also provide these infomation later or provide it in an ini file to avoid prompts during installation which will be discussed below
You can create an access token on you enhance control panel from Settings > Access Tokens > Create Token
You can use the use the following command (after replacing the license key) to install cPGuard on a server having enhance
cd /usr/local/src && rm -f cpguard_install.sh && curl -o cpguard_install.sh -L https://downloads.opsshield.com/cpguard/cpguard_install.sh && bash cpguard_install.sh LICENCE-KEY
After installation of the dependency packages, cPGuard backend and agent services, you will be prompted to enter the webserver. We have premade scripts for collecting the website/domain informations from enhance. You can accept to use our script and then continue to provide enhance api access tokens
Following that you will need to enter the name of the web server in which you have ModSecurity installed. We currently have integration with LiteSpeed and OpenLiteSpeed in Enhance.
You will not be prompted for additional information for LiteSpeed and OpenLiteSpeed and use default predefined values making the setup simpler. In further steps, You can accept to use the predefined scripts we have to provide user information and custom script to suspend
Setup will continue to install cPGuard on the server and you can login to our app portal and configure the server
Note : You can choose to skip the prompts by entering blank values multiple times and entering y when asked “Do you want to skip this now ?“. Later you can use our command line tool
cpgcli standalone-conf --wizard or
cpgcli standalone-conf --update to update the config. You can find more information here
(Installation without prompts)
You can install cPGuard without prompts by providing the required values before hand in an ini file and add the path to the end of the installation command as an argument. You can refer this help document for infomation on creating the ini file.
Three additional parameters have to be added the ini file
For installing cPGuard on multiple servers with similar configuration you can first install on a server, copy the ini file created during installtion automatically containing the enhance auth tokens onto the new servers and provide the path as a parameter to the installation script.