Secure your CyberPanel Server – CyberPanel Security Add-on
CyberPanel is a well-known Linux server control panel that makes it easy to spin up web hosting servers powered by LiteSpeed and Openlitespeed Web Server. It is a multi-user control panel where you can easily create new websites with individual user access with an email feature. It has both free and pro versions available and the project is open-source.
How to secure CyberPanel server using cPGuard
As a web security suite, cPGuard can protect your CyberPanel server using its modules that operate in various layers. The installation and configuration are simple and driven through cPGuard Standalone configuration options.
To install cPGuard on your CyberPanel server, use the following command
cd /usr/local/src && rm -f cpguard_install.sh && curl -o cpguard_install.sh -L https://downloads.opsshield.com/cpguard/cpguard_install.sh && bash cpguard_install.sh LICENCE-KEY
- LICENCE-KEY – This is the license key that you have purchased and wish to apply to your server. This is mandatory to complete installation and bind your server to the App Portal
After running the above command, the installer script will run and install dependency packages for your Operating System. Once the dependency packages are installed successfully, you can see the installation success message with a direct link to your server in the App Portal.
After that, you may need to install and configure ModSecurity on your server. Please the instructions here for CyberPanel to install and configure ModSecurity.
Whitelist App Portal IPs in CyberPanel Firewall
After successful installation, you need to allow cPGuard App Portal IPs to connect to the cPGuard agent service, which is listening on TCP port 9098. To do this, you need to go to CyberPanel >> Server >> Security >> Firewall and whitelist the following IP addresses for TCP port 9098 access. Example is given in the below image
184.108.40.206 220.127.116.11 18.104.22.168
Once the firewall whitelisting is completed, you can go to the App Portal and manage your server.