linux, apache2 ssl whm cpanel
ssh
https://www.cyberciti.biz/faq/ubuntu-linux-install-openssh-server/
sudo apt-get install openssh-server
sudo systemctl enable ssh
sudo systemctl start ssh
sudo ufw allow ssh
sudo ufw enable
sudo ufw status
apache2 SSL
https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-ubuntu-20-04-id
sudo apt-get update
sudo apt-get install apache2
sudo systemctl enable apache2
sudo systemctl apache ssh
sudo ufw allow apache
sudo ufw enable
sudo ufw statussudo ufw app list
sudo ufw allow ‘Apache’
sudo ufw status
sudo systemctl status apache2
hostname -I
done
sudo mkdir /etc/certificate
cd /etc/certificate
https://www.arubacloud.com/tutorial/how-to-create-a-self-signed-ssl-certificate-on-ubuntu-18-04.aspx
sudo openssl genrsa -aes128 -out private.key 2048
sudo openssl req -new -days 365 -key private.key -out request.csr
sudo openssl x509 -in request.csr -out certificate.crt -req -signkey private.key -days 365
done
cd /etc/apache2/conf-available/
sudo nano ssl-params.conf
// create file BEGIN ——————————————————————–
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
SSLSessionTickets Off
// create file END ——————————————————————–
sudo nano /etc/apache2/sites-available/default-ssl.conf
// ubah isi file BEGIN —————————————————————
<VirtualHost _default_:443>
ServerAdmin john@mydomain.com
ServerName mydomain.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/certificate/certificate.crt
SSLCertificateKeyFile /etc/certificate/private.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
// ubah isi file END —————————————————————
sudo ufw app list
sudo ufw app info “Apache Full”
sudo ufw allow in “Apache Full”
~pi jump here~
sudo a2enmod ssl
sudo a2enmod headers
sudo a2enconf ssl-params
sudo a2ensite default-ssl
sudo apache2ctl configtest
sudo systemctl restart apache2
done
https://www.how2shout.com/linux/how-to-install-whm-cpanel-on-ubuntu-20-04-lts-linux/
sudo nano /etc/hostname
sudo nano /etc/hosts
sudo -i
iptables-save > ~/firewall.rules
systemctl stop firewalld.service
systemctl disable firewalld.service
nano /etc/hostname
nano /etc/hosts
reboot
sudo curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest
IP_address_VPS/whm
cPanel – 2082
cPanel – SSL 2083
WHM – 2086
WHM – SSL 2087
Hence to access WHM in your browser type- your-server-IP-address:2086 in the same way server-IP-address:2082 for CPanel.
apache2 SSL let’s encrypt
sudo apt-get install certbot python3-certbot-apache
sudo nano /etc/apache2/sites-available/default-ssl.conf
// ubah isi file BEGIN —————————————————————
<VirtualHost _default_:443>
ServerAdmin john@mydomain.com
ServerName mydomain.com
ServerAlias www.mydomain.com
// ubah isi file END —————————————————————
sudo apache2ctl configtest
sudo systemctl restart apache2
sudo certbot –apache
sudo systemctl status certbot.timer
next time update certificate:
sudo certbot renew –dry-run
rianto isaac's Weblog 