Installation of Cpanel and setting up FTP

[Rajkumar Popat]

Dear all,

we wanted to install magento on google cloud compute engine.. currently we have link http://130.211.246.187/magentocheck.php where it says magento can be successfully installed. Please let me know procedure for installation of cpanel and FTP..

Please provide steps as I am new to google compute engine.. Really thanks for support.

[Daniel Oliveira da Paixão]

I'm also trying to install CPANEL. As I understand it, only works if you create a vm with CentOS.

After that, you have to join the site and www.cpanel.net purchase a license either, so do a test for 15 days. But for this, you have to provide the ip of your vm.

Done this, you use the command wget -N http://httpupdate.cpanel.net/latest

To open and run the installation files, run the command Following:

sh latest

You may need to use the sudo command and also go to the folder you created

[Jason McDonald]

I'm not a "server pro" by any means, however I was able to get WHM/CPANEL setup on Compute Engine and wanted to document the steps so I could do it again if necessary, and I'm sharing them to save anyone else the hassle. I would read the whole set of instructions and my opinions of using Compute Engine and CPANEL at the bottom before you jump in. Here's how to do it:

1) If you've already created an instance, skip to step 2. If you haven't, follow these steps to create a Compute Instance - I used CENTOS 6.6, not sure if others will work. Be sure to enable HTTP and HTTPS traffic by clicking those checkboxes. Also, you will need to use a static IP address.

a. go to https://console.developers.google.com/project

b. click on your project (or create a new one)

c. under Compute on the left, click on Compute Engine, then click on VM instances

d. click "New Instance"

e. Enter the name for your instance (whatever), skip the METADATA section, Click to ALLOW HTTP TRAFFIC, and ALLOW HTTPS TRAFFIC, choose your Zone, choose your machine type, Boot Source should be "new disk from image", Image should be Centos-6 (that's what I used, and I know it supports CPANEL), Boot Disk Type should be Standard, Delete Boot disk should be checked, and External IP should say New Static IP address (it will then ask you to create one). After you're done, hit "CREATE", it will take a minute to finish creating.

f. After it's done being created, click on the instance name.

2) OPEN SSH TO YOUR INSTANCE -- 

a. Skip to step 3 if you know how to do this.

b. If you just created an instance, you can open an SSH by click the "SSH" button at the top and then skip to Step 3. 

c. If you didn't just create an instance, you can open an SSH to your instance (either by using the GCLOUD interface on your local computer, or going to Projects->Click your project-> Compute -> Compute Engine -> VM Instances -> Click your instance -> Hit the "SSH" button at the top).

3) The next several steps will take about an hour or so. I would make sure to do it all at one time. Anytime it asks you a question, you can type Y and press enter. Enter the following commands one after the other (pressing Enter after each one) to use as root user, update, install APACHE, PHP, MYSQL, and auto-start apache and mysql on reboot:

sudo -s

yum check-update

yum -y install httpd mysql-server php php-mysql

service httpd start

chkconfig httpd on

service mysqld start

chkconfig mysqld on

4) You should then secure mysql. I haven't tried it when setting up WHM/CPANEL so there is an off chance it will mess things up, I doubt it though. Enter the following command to secure MYSQL and then follow the prompts:

mysql_secure_installation

4) Enter the following Command to Create Sample Web Page and test that PHP is working:

sh -c 'echo "<?php phpinfo();?>" > /var/www/html/test-page.php'

5) You can go to http://<your-ip-address>/test-page.php to make sure it's working.

6) Enter the following command to Change hostname to FQDM:

hostname server.your-domain.com

7) Enter the following command to make sure that your hostname was changed:

hostname

8) Enter the following commands to go to home directory, download CPANEL, then install

cd ..

wget -N http://httpupdate.cpanel.net/latest

sh latest

9) After CPANEL is finished installing (an hour or so later), Enter the following command: 

/scripts/configure_firewall_for_cpanel

FYI: wwwroot is now:  /usr/local/apache/

10) Enter the following command to connect local to public IP:

/scripts/build_cpnat

11) Someone else may have a better solution for this, however when you sign up for Compute Engine it doesn't allow you to specify the root password. When you try to login to WHM for the first time, it asks for the root password. So I entered the following commands to change the root password:

passwd root

12) Then change the password to what you want.

13) You will then need to allow the firewall connections that are required by WHM and CPANEL. I got this working via command line, however it was much more fool-proof using the Google Cloud website.

a. go to https://console.developers.google.com/project

b. click on your project

c. under Compute on the left, click on Compute Engine, then click on Networks.

d. Click "default" at the top

e. Click "NEW FIREWALL RULE" (Each time you create a rule, it won't bring you back to the previous screen, it just sits there. I had to hit the back arrow, and then hit New Firewall rule again. The previous rule I just made was still in the input text fields, I just changed it to the next rule I wanted to add, hit the back button, and kept doing this until I was done.) I would keep in mind for the future that you will have to do this for any port that you wish to because almost all are closed by default (i.e. using port 3306 for Remote MYSQL

Do the following, replacing <PORT#> with each of the following ports. You have to do each port separately, you can't list all the ports at the same time. Do this for ports 2082,2083,2086,2087,2089,2095,2096. (For reference, all ports used by CPANEL are herehttp://cpanel.net/getting_the_most_out_of_your_systems_firewall/)

* Hit New Firewall Rule.

* Name: allow-<PORT#>

* Description: (I left blank)

* Source Filter: IP Ranges

* Source IP Ranges: 0.0.0.0/0

* Allowed Protocols OR PORTS: <PORT#>

* Target TAGS: (I left blank)

* Hit the "CREATE" button

* Hit the Back arrow to go back to the list.

* Hit New Firewall Rule.

* If the old text is still there, you can change only the Name and the Allowed Ports box to the port number you want to add. Hit the "CREATE" button again, hit the back button, and repeat.

14) After this you should be able to go to https://<YOUR-IP-ADDRESS>:2087 and login to WHM.

FINAL NOTES: All from my experience, could be wrong about these. Google Compute Engine doesn't let you use the instance itself to create Nameservers. You can either host the nameservers yourself elsewhere, or you would need to go to Projects-> Your Project-> On the left Navigation bar, under Networking click Cloud DNS - > Create Zone -> Type whatever you want for the name and then type your domain name -> Hit the create button. You can then use the nameservers listed when it asks you to setup nameservers in WHM, and you will also need to change the namservers for your domain name wherever to the ones here wherever you registered the domain. You can then hit add record to create A records for your hostname (the same one you made on step 6: server.your-domain.com) and for the domain name itself.

My issues with using WHM/CPANEL and Compute Engine so far: Google Compute doesn't allow you to send email through their instances, you have to sign up with another service like SendGrid ( https://cloud.google.com/compute/docs/tutorials/sending-mail#postfixcentos ) and here's how to set it up with CPANEL (scroll down to the CPANEL section of this page: https://sendgrid.com/docs/Integrate/Mail_Servers/exim.html ). For FTP accounts: after I make a CPANEL account, if I use CPANEL to make different FTP accounts, the only way I can access it is by using a program like Filezilla, and setting Protocol: FTP, Encryption: Only use plain FTP (insecure), and under Transfer Settings the Transfer Mode has to be set to "Active". If it's not set to insecure (and is instead set to ssl/tls), i haven't been able to get it to work. You also have to make sure that you open port 21 on the firewall for google cloud using the instructions in this post on step 13. 

If I want to make a secure ftp account (SFTP), I have found this can only be done with the primary ftp account for each cpanel login. To do this, you can login to cpanel, click on "SSH Shell Access", Manage SSH Keys, Generate a new key, Create a password then hit "generate key", after it's done hit "go back" button below, under publick keys click "manage authorization",  click Authorize, then click the "go back" button below. Now your key has been created and authorized. The user will need to use the Private key that was created (not the public). So click "View or download" next to the private key and download the file. In Filezilla (for example), you can go to Edit, Settings, SFTP, "add key file", choose the file you just downloaded. It will ask you for the password you made when creating the key, after you enter it, it will ask you to convert it to a version of the key without a password, and then will ask you where you want to save it. It has then been added, I would make sure you hit OKAY and not CANCEL or you it won't save. Then when you go to FTP in with the main user of a domain, choose Protocol: SFTP, type in the user name, and you can leave the password empty. That will allow secure ftp access for only the primary user of each domain. FYI in WHM under FTP configuration somewhere you can set encryption for FTP accounts to DISABLED, OPTIONAL, or REQUIRED. In case you want to do that.

Hope that helps. Have a good one.

[Jon Bunch]

Hi Jason,

I am doing some testing with Google Cloud and WHM/cPanel/Cloudlinux.  

Great write up, thanks for the time and effort.  A few things you might want to add to make this post more complete.

Here is an extensive port list of all services you need to create a firewall rule for. (I/O meaning Incoming/Outbound)  I skipped all the mail ports (since they are blocked) and other random outbounds that don't need a rule.

20	TCP-UDP	I/O-I/O	FTP	File transfers (data port)
21	TCP-UDP	I/O-I/O	FTP	File transfers (control port)
22	TCP	I/O	SSH	ssh, scp copy, sftp
25	TCP	I/O	SMTP	Outgoing email
53	TCP-UDP	I/O-I/O	DNS	Inbound is only needed if you run public DNS server
80	TCP	I/O	HTTP	Web server
110	TCP	I/O	POP3	Incoming email
113	TCP-UDP	O-O	Ident	Client identification
143	TCP	I	IMAP4	Incoming email
443	TCP	I/O	HTTPS	Web server SSL
465	TCP	I	SMTP 	Outgoing email SSL/TLS
587	TCP	I/O	SMTP	Outgoing email
993	TCP	I	IMAP4 	Incoming email SSL
995	TCP	I	POP3	Incoming email SSL
2077	TCP	I	WebDAV	Distributed authoring
2078	TCP	I	WebDAV	Distributed authoring SSL

Also, if you are using this to Trial the 300.00 or 60 days, please be aware that when you use the Console to setup your first VM instance.  The root persistent disk will be only 10GB.  So be sure you create a new disk (to the size you want) and then follow the directions below to resize it properly (if you are usuing CENTOS v6) :  I just made a new disk, then I added the centos v6 image by creating a new VM instance.  Then I cranked it up and installed cPanel/WHM.

https://cloud.google.com/compute/docs/disks/persistent-disks#determine_the_size_of_your_persistent_disk

Use this link for the doco, but scroll down to the part that reads    "Repartitioning a root persistent disk" and take note to the Notes: since they are specific to CentOS 6
I found it much quicker to skip steps 1 and 2 and use the console under Compute>Disks>New Disk to create a standard root perisitent disk at the correct size I needed (150GB) so I could then resize it.

Otherwise, not much to add to your work.  Enjoy.

[Peter Moriarty]

Nice rundown. 

I was able to get cloudlinux working with Cpanel DNSOnly

itGenius Australia | P: 1300 880 025 | www.itGenius.com.au | help@itGenius.com.au

[Thermilate Technologies]

This was really helpful, especially to someone like me. And while certain settings have changed, the overall process is the same.

I just have one question, which I faill to find a proper answer to. During "hostname server.your-domain.com" what do I actually put instead of "server.your-domain.com", or it doesnet matter and I can put whatever. Because I can't connect to anything.

Any help would be appreciated if possible.

[Carlos (Cloud Platform Support)]

According to CPANEL documentation there are some requirements on the hostname.

[Marcus Arseneault]

If your starting from a fresh install you dont need to do install and update httpd or PHP. its now packaged within and will you can dtart with step 7.