The safety of DCP panels is controversial in the industry, but if we can deploy security after the installation panel and do regular maintenance, the problem should not be very large. In this article, Chiang shares the security settings for installing the WDCP panel and the WDCP panel in the Aliyun server.
First, Aliyun Server installation WDCP panel
A-source code compilation installation (slow)
wget http://dl.wdlinux.cn:5180/lanmp_laster.tar.gz
Tar zxvf lanmp_laster.tar.gz
SH install.sh
If the use of source code installation, we can choose the corresponding needs of the environment, such installation will take up more time, according to our VPS host performance of different lengths, it may take about 20 minutes.
B-Fast RPM package installation
wget http://down.wdlinux.cn/in/lanmp_wdcp_ins.sh
SH lanmp_wdcp_ins.sh
If the RPM is installed faster, it will take only a few minutes to complete. RPM Package Installation support CentOS 5.x/wdlinux_base 5.x/wdos 1.0,centos 6.X, 32-bit, 64-bit support.
WDCP Panel login Address and account
http://ip:8080
User name: admin default password: wdlinux.cn
MySQL default Admin user name: root default password: wdlinux.cn
The default background login is 8080 ports, we can modify the port according to their own needs, after login we want to modify the default password and database password, to ensure the security of the account, while the proposed changes to the default home file.
After logging into the WDCP panel, we can clearly see the very familiar host management, similar to the other virtual host panels we use. We open the site in the background, the database, for a single site set up FTP accounts and so on.
WDCP panel Uninstall and common directory files
SH install.sh Uninstall #源码安装卸载命令
SH lanmp_wdcp_ins.sh Uninstall #RPM卸载命名
/www/wdlinux #所有软件安装目录
/www/wdlinux/nginx/conf/vhost #站点配置文件
/www/wdlinux/apache/conf/vhost #站点配置文件
/WWW/WDLINUX/ETC/MY.CNF #数据库配置文件
/www/wdlinux/mysql/var #数据库数据文件目录
At this point, we are in our own Linux VPS host can be very easy to install the panel, and start to build the site.
From the current version of WDCP began to launch a number of commonly used tool operations, the following sorting down, you need to use the collection do not find again.
#强制设置新的MYSQL密码
sh/www/wdlinux/tools/mysql_root_chg.sh
#检查FTP账户
sh/www/wdlinux/tools/pureftp_conf_check.sh
#权限检查, some of the work may not be useful
sh/www/wdlinux/tools/wdcp_perm_check.sh
#解决 "Unable to connect to MySQL, please check if MySQL is started and the user password is set correctly" issue
sh/www/wdlinux/tools/mysql_wdcp_chg.sh
#重置wdcp后台登录密码
sh/www/wdlinux/tools/wdcp_login_chp.sh
#wdcp后台限制登录IP设置错误重置
sh/www/wdlinux/tools/wdcp_login_cbip.sh
#wdcp后台限制登录错误次数的修复
sh/www/wdlinux/tools/wdcp_cdip.sh
#修改时间和同步时间
sh/www/wdlinux/tools/wdcp_ntp.sh
We need to do a good job of data backup to avoid mistakes.
Need to ensure that our Aliyun server system is CentOS 5.x/wdlinux_base 5.x/wdos 1.0,centos 6.X, 32-bit, 64-bit. After installation we can see the successful interface, and the default landing panel path and username password.
second, the security settings of the WDCP panel
The default WDCP panel is vulnerable and we need to solve the following problems to ensure a certain amount of security.
A-Upgrade Patches
First step, check the WDCP panel version
We login to the WDCP panel background, and then see the Panel front page is not the latest version, and then need to upgrade wdcp_v2.5.11 (20140926).
We can see here that the current WDCP is not the latest version and needs to be upgraded. Originally saw the official said backstage also can upgrade, but the old Chiang really did not find, so with ssh command the latest package to solve.
Step two, upgrade package installation
wget http://down.wdlinux.cn/down/wdcp_v2.5.tar.gz
Tar zxvf wdcp_v2.5.tar.gz-c/
Overwrite the original installation package, but it is best to back up the site data first. If there are WDCP recommendations to upgrade as soon as possible, it is said that users have been damaged.
B-Modify the 8080 default port
First, modify the httpd.conf configuration file
Vi/www/wdlinux/wdapache/conf/httpd.conf
Modify the httpd.conf file, and then find the 8080 port by finding command.
Listen 8080
<virtualhost *:8080>
Change these two 8080 to the port you want, such as 80890, and then save the exit.
Second, start the new set of ports
Iptables-i input-p TCP--dport 80890-j ACCEPT
Start the new set of Port 80890.
Third, save Iptables
Service Iptables Save
Four, restart
Service Wdapache Restart
If still not, then reboot reboot VPS, is generally feasible.
Modify the default 8080 port to another port so that the default login interface is not found when the software scans the WDCP panel.
C-Modify the password and delete the default home page
The default installation WDCP panel password is simple, we need to set up a complex MySQL password and WDCP panel password, preferably a character + number + letter case more than 12 combinations, and preferably a period of time to replace. The default home page needs to be deleted directly with the custom default home page or jump, so that other illegal users do not know the use of a certain panel.
Finally, for VPS security, we need to modify the port and complex root password or with a certificate key login, to some extent, the user of the WDCP panel is still relatively safe.
To summarize, it is easy to Aliyun server to install WDCP panel and set WDCP security configuration. Once we choose to use the Panel management VPs, in ensuring the VPS security premise, panel security is also we need to pay attention to.
Aliyun ECS Upgrade PHP script based on WDCP panel one-click
Although the WDCP panel in the domestic time is also relatively long, but currently for the version and the environment officially is not maintained (in addition to the patch), Our default installation of the Panel environment PHP version is only 5.2, but many of our programs, as well as the previous exposure to the problem of PHP vulnerabilities, we need to upgrade the PHP version, and the official has to provide a certain upgrade methods.
However, if we have a Aliyun ECS server, we will find that unlike other common VPS hosts, including the direct official source installation WDCP panel or the online upgrade of PHP, because the official source of the sources in other overseas servers, Connectivity Aliyun ECS can be problematic (also invalid for DNS modification), resulting in a lot of time being unable to install. Here, the old left in their own this Aliyun ECS, while the PHP upgrade script data source version of the migration to my local, at least I can guarantee that the following my test time, on my machine can complete the upgrade.
First, Aliyun ECS upgrade PHP5.3.17
wget http://soft.laozuo.org/wdcp/php_up53.sh
SH php_up53.sh
Second, Aliyun ECS upgrade PHP5.5.9
wget http://soft.laozuo.org/wdcp/php_up55.sh
SH php_up55.sh
Third, Aliyun ECS upgrade PHP5.6.12
wget http://soft.laozuo.org/wdcp/php_up569.sh
SH php_up569.sh
We can choose the corresponding PHP version of the installation according to the needs of our own projects. If there are no special restrictions, we can upgrade to the current more common stable version of the PHP5.6.12 (previously used 5.6.9), the entire upgrade of the PHP process is a long time to compile, we can wait.
PS: Resolve 512MB Memory "MAKE: * * * * * * ext/fileinfo/libmagic/apprentice.lo" error 1 "wrong problem, here old left has been added to the above package"--disable-fileinfo " Compile the script, so there is no problem with 512MB memory.