Setup web server

Web Server Setup Series – Fix CWP Errors & Warnings To Improve Server Security

Web Server Setup Series – Fix CWP Errors Warnings To Improve Server Security
​Welcome to the second part of the web server setup series. In this part, I’ll show you how to fix CWP (CentOS web panel) errors and warnings, create new user accounts, create hosting packages, and create FTP account. So let’s start.

​In the last part, I installed CentOS web panel on my virtual private server. If you’ve not installed it, read the first part to install CWP on your server.

​Fix errors and warnings on the control panel

Set root email

​When you login to the CWP control panel, you’ll see several errors popping up in the header. It’s important to fix these errors before moving forward.
​The panel requires a root email account for further notifications from the control panel. To fix it, click the button ‘Set root email’ and type your email address.
You can also forward all system emails to the root email. Hit save to save the changes.

After setting up root email, log out of the panel and log back in.

Change default SSH port

The SSH protocol is a method to securely connect to remote server. The default port for SSH communication is 22. It is suggested to change the default SSH port 22 to something else to improve the security of our server.

Change default SSH port by either clicking the link on the error /etc/ssh/sshd_config or from the sidebar options.
​Now to set the ssh port manually, uncomment the line “Port 22” and replace 22 with your desired port. To uncomment, remove the hash ‘#’.
Now save settings. We also need to update port number in the firewall settings so that we can connect through the new port.

From the sidebar go to Security > Firewall Manager.
​Click Configuration > Main Configuration and it will open up the settings. Now search the following TCP incoming and outgoing ports and add your ssh port in here.
​Now save changes and restart SSH server and firewall.
​Enable Firewall. If you had already enabled it before adding port, then restart it.
And that’s it. You have changed the default SSH port, allowing the connection through that port in the firewall. Now re-login to the panel and the message to update the port should go away. If you still see the message, make sure to save the changes after changing the port.

And that’s all. We have fixed all the warnings. If you still see some of the initial warnings, please check you saved the settings after making changes. Also, remember that from now on we’ll have to provide the SSH port while connecting to the server otherwise you’ll get error “Connection refused“.
ssh username@server-ip -p port-number

Create hosting packages

In future, you’ll have multiple users or clients hosting their own websites on your server. You can charge your clients based on the resources you provide to them. For example, you can create a package for new developers allowing them 1GB storage, 1GB bandwidth, 2 email accounts, 2 FTP accounts etc. You can do that by creating a new package.

Packages allow the admin to easily control the resources on the server. To create a new package, from sidebar click the Package > Add a package. It’ll show you the following screen.
It’s very simple to add a package. Fill in all the fields and hit the create button. You can leave a field empty and cwp will assign a default value to that field.

You can create multiple packages and when creating an account, you’ll be given an option to assign that user a package. We’ll see that in the next step.
​You can see all the packages by going to Packages > List packages.

Create a new User account

​After creating multiple packages, it’s time to create a user. Creating a new user is also very easy. Go to User accounts > New account.
In the first field enter the domain name that the user wants to point to the server. Enter a username, password, email account, Server IP, and packages. You can see all the packages that you have created plus a default one. Select a package for this account.
​In the screenshot the Inode option is hidden. Inode means the number of files that the user can host on the server storage. All other options are pretty clear. Just fill them, hit Create button and the user has been created.

Now it’ll print all the new user details such as username, password, email address and the login panel for the user. Save this somewhere in a document. Now notice that the login panel for this new user is not the same for admin. For admin, we have server-ip:2030 but for users the panel allows dashboard access at server-ip:2082.

Now visit server-ip:2082 which is user login page.
Enter the username and password.
The user dashboard has fewer options than the root dashboard. Server stats and processes should not be visible to all users so they’re not appearing on the user dashboard. Right sidebar shows all the resources available to the user such as databases, emails, domains, and FTP accounts. Some quick actions such as antivirus scan and file system lock are also in the right sidebar.

All other management options are under sidebar navigation menu and dashboard. I’ll suggest you take a look at these options one by one so that you can get the idea what cwp can do.

 Hide all processes if not owned by the user is NOT activated on your server

​After creating a new user, you will see another warning on the root user dashboard. On the panel, you can monitor all the processes running the server. By default, all users’ processes are visible. The panel recommends hiding the processes if not owned by current user. Click the link in the error and it’ll take you to the settings page.
​Click “Enable protection” and that’s it.

Create FTP account

If admin has allowed FTP account to the user, then FTP accounts can be created right from the dashboard option. Click FTP accounts.
Click FTP accounts and click create FTP account. You’ll have the following dialogue. Simply fill in the information and that’s it. Now you can use FTP clients such as Filezilla to connect to the server.

Conclusion

​So this was the second part of web server setup series. We have fixed all the warnings, improving the security of our server. In this part, I also wanted to point a domain to our server but due to the length of this article, I’m going to do that in the next article. If you have any suggestion or doubt then do tell me in the comment section below.

Our sponsor - Deploy your server within 3 minutes


Related articles

2 comments

Hotmail customer support June 4, 2020 at 4:50 pm

I have a digital ocean droplet in that I have installed Centos 7.5, and on that, I have installed CWP, with that there is some problem. the problem is that I have created the emails in that CWP when I try to login the Roundcube using that email then it redirects me to the blank page. and when I debug the round cube then I got one error in the network that when I enter the email id and password and click on the login then I saw the 500 internal server error in the post request of Roundcube.
I have also tried by deleting the emails from CWP and also checked by creating new emails but the errors remain, and also I have deleted the droplet and created the new droplet and tried doing so but the error still exists.
I have installed CWP el7-latest

Reply
Mohd Sohail June 4, 2020 at 4:54 pm

I am about to publish an entire article on setting up email server. So wait for it. It’ll answer all your questions.
Thank you for reading! Keep visiting.

Reply

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More