✅ The Easiest Way to Install cPanel (AlmaLinux 8/9 & CloudLinux 8/9)

By /

A complete 2025 guide tailored for AlmaLinux 8/9 and CloudLinux 8/9, including post-install hardening tips after cPanel installation.

⚙️ System Requirements (Pre-check)

Make sure:

  • You’re running AlmaLinux 8/9 or CloudLinux 8/9
  • Minimum: 2 GB RAM (4 GB+ recommended)
  • Hostname is FQDN (e.g., server1.yourdomain.com)

🔧 Step 1: Prepare the System

Disable NetworkManager (required for cPanel)

systemctl stop NetworkManager.service
systemctl disable NetworkManager.service
yum remove -y NetworkManager

Remove cloud-init (if installed)

yum remove -y cloud-init

📥 Step 2: Install cPanel

Run the following:

cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest

This installs the latest version of cPanel/WHM.

🔄 Step 3: Refresh cPanel License (if needed)

/usr/local/cpanel/cpkeyclt

🌐 Step 4: Fix Incorrect Main IP (optional)

If the server’s main IP is incorrect (e.g., after IP change):

nano /var/cpanel/mainip

Replace it with the correct main IP and save.

🔐 Step 5: Post-Install Hardening & Optimization

🧱 1. Enable and Configure CSF Firewall

Install ConfigServer Security & Firewall:

cd /usr/src
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Enable testing off:

nano /etc/csf/csf.conf
# Set TESTING = 0

Restart CSF:

csf -r

🔍 2. Install Malware & Rootkit Scanners

Linux Malware Detect (LMD):

cd /usr/local/src
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -zxvf maldetect-current.tar.gz
cd maldetect-*
./install.sh

Rootkit Hunter (rkhunter):

yum install rkhunter -y
rkhunter --update
rkhunter -c

Chkrootkit:

yum install chkrootkit -y
chkrootkit

🛡️ 3. Enable cPanel Security Features

Login to WHM and go to:

WHM > Tweak Settings

  • Require SSL = On
  • Hide login password from CGI scripts = On
  • Track email origin via X-Source headers = On
  • Prevent “nobody” from sending mail = On
  • Initial default/catch-all forwarder destination = Fail
  • Enable SPF and DKIM for new accounts = On

To retroactively apply SPF/DKIM:

for user in `ls -A /var/cpanel/users` ; do
/usr/local/cpanel/bin/dkim_keys_install $user &&
/usr/local/cpanel/bin/spf_installer $user ; done

🧠 4. Enable cPanel Auto-Updates

WHM > Update Preferences

Enable automatic nightly updates for:

  • OS Packages
  • cPanel
  • Apache/PHP via EasyApache 4

🔒 5. Harden PHP

Disable dangerous PHP functions:

WHM > MultiPHP INI Editor > Editor Mode

disable_functions = system, exec, shell_exec, passthru, proc_open, popen

🛠️ 6. Install Imunify360 (Recommended for CloudLinux)

wget https://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh
bash i360deploy.sh

Once installed, open WHM > Imunify360 and enable:

  • Malware scanning
  • Proactive Defense
  • Enhanced DOS Protection:
imunify360-agent config update '{"ENHANCED_DOS":{"enabled":true}}'

🧼 7. Clean Up Installation Files

rm -f /home/latest

✅ Final Notes

After installation, access WHM at:

https://your-server-ip:2087

Log in using root and your root password.

Scroll to Top