Steps for installing the free control panel kloxo on centos

In the past two days, I have done another thing: I have formatted all the servers that have hosted around GB of data in the shujia Baobao road data center in Shanghai for two years, then it is replaced with centos. It is depressing that the technology on the other side says there is no centos latest version. I installed a 5.2 version for me, which eventually caused me to make several mistakes and reinstalled the system twice.

In consideration of the many linux releases, centos is an excellent one because it is based on the original Redhat Linux and is a free version of RHEL (Red Hat Enterprise Linux, now charged, excellent performance, rich documentation and other resources. In terms of resource occupation and ease of use among many panels, kloxo (formerly lxadmin) is undoubtedly the most suitable for beginners of vps, and its basic functions are free of charge, compared with the expensive cpanel panel, it is quite good. The only commercial limitation is that we cannot bind more than 40 domain names. In fact, this is enough for general users. Therefore, the centos + kloxo platform is a good choice for us who do not understand linux systems to build web Services.

The following steps describe how to initialize the settings after obtaining the newly installed server/vps. The following methods are mainly collected from the Internet.

----------- Step 1 -----------

Because the server we get is generally installed with the full version of centos with apache and other components, we need to uninstall the built-in apache and mysql before using the server components that comes with kloxo.

Uninstall Mysql
# Rpm-qa | grep mysql
Mysql-3.23.58-9
Php-mysql-4.3.4-11
Mod_auth_mysql-20030510-4.1
Mysql-server-3.23.58-9
Note: The rpm-qa | grep mysql command is used to list all mysql-related packages and unmount them from the bottom package until the first package is detached.
For example, in this example, we should first uninstall the mysql-server-3.23.58-9 as follows:
Rpm-e mysql-server
(Rpm-e is the command to uninstall the rpm package, followed by the package name, the last version number is not to be played, for example, we next to uninstall the mod_auth_mysql-20030510-4.1 package, the method is as follows:
Rpm-e mod_auth_mysql

Uninstall Apache
# Rpm-qa | grep httpd

Uninstall PHP
# Rpm-qa | grep php

Note: If the package dependency cannot be detached, the system will usually prompt the package dependency, and list the dependent package names. Uninstall the dependent package first. If there is really a package that can not be uninstalled, you can add-nodeps this parameter to uninstall, for example, we unload the php-4.3.4-11, it can not be removed. Use:
Rpm-e php-4.3.4-11-nodeps
The command is tough.

----------- Step 2 -----------

Centos System Security Settings

1. Change the SSH port to over 10000, and the chances of scanning the port may also decrease.
Vi/etc/ssh/ssh_config
Vi/etc/ssh/sshd_config
Then, change the port to the required port number.
Service sshd restart as root

2. delete unused accounts with a bloated system:
Userdel adm
Userdel lp
Userdel sync
Userdel shutdown
Userdel halt
Userdel news
Userdel uuucp
Userdel operator
Userdel games
Userdel gopher
Userdel ftp if you do not allow anonymous FTP, delete this User Account
Groupdel adm
Groupdel lp
Groupdel news
Groupdel uuucp
Groupdel games
Groupdel dip
Groupdel pppusers

3. Add a Common Account and disable remote root logon:
Useradd newuser // Add a new user
Passwd newuser // change the password
Usermod-G10 newuser
Or usermod-G wheel newuser // Add the user to the wheel group and allow the su-command to be elevation to root.
Vi/etc/ssh/sshd_config
Add a row:
PermitRootLogin no // Disable remote root login
Vi/etc/pam. d/su
# Auth required/lib/security/$ ISA/pam_wheel.so use_uid locate this line and remove "#"
Echo "SU_WHEEL_ONLY yes">/etc/login. defs // The preceding command prohibits users not in the wheel group from using the su-command.
Restart sshd service
# Service sshd restart

4. Change the following file permissions so that no one has the permission to change the account:
Chattr + I/etc/passwd
Chattr + I/etc/shadow
Chattr + I/etc/group
Chattr + I/etc/gshadow

5. Edit the "host. conf" file (vi/etc/host. conf) and add the following lines:
Order bind, hosts
Multi on
Nospoof on
Chmod 600/etc/xinetd. conf
Vi/etc/xinetd. conf disables all unnecessary services, such as ftp, telnet, shell, login, exec, talk, ntalk, imap, pop-2, pop-3, finger, and auth, you can also use the setup command to set the service items.
After changing the "inetd. conf" file, do not forget to send a SIGHUP signal to the inetd process:
Killall-HUP xinetd
Chattr + I/etc/xinetd. conf // set inetd. conf to unchangeable. To change the xinetd. conf file, you must first clear the flag that cannot be changed:
Chattr-I/etc/inetd. conf

For server security, you can configure anti-ping:

First use/sbin/ifconfig to view the NIC information and find the NIC name, for example, venet0.
Run
/Sbin/iptables-a output-o venet0-p icmp-j ACCEPT
/Sbin/iptables-a input-I venet0-p icmp-type echo-reply-j ACCEPT
/Sbin/iptables-a input-I venet0-p icmp-type echo-request-j DROP
/Sbin/service iptables save
Click OK and restart.

You can also use MySQLTuner to analyze and optimize MySQL. MySQLTuner is a Perl script used to analyze your MySQL performance and provide optimization suggestions.

Download and execute:
# Wget http://mysqltuner.com/mysqltuner.pl
# Chmod + x mysqltuner. pl
#./Mysqltuner. pl

----------- Step 3 -----------

Install kloxo
Wget http://download.lxlabs.com/download/kloxo/production/kloxo-install-master.sh
Sh./kloxo-install-master.sh

Yum install php-bcmath/* high-precision mathematical operation component, which is not installed by default and used in MD5 operations */
Yum check-update/* check all updates */
Yum update/* update all updates */
Yum clean all/* clear all cached installation files to save space */

After kloxo is installed, you can log on to the web console.
Address: https: // yourdomain: 7777 // * secure connection */
Http: // yourdomain: 7778 // * Common link, commonly used */
Generally, for security reasons, you need to modify the default ports 7777 and 7778 in the panel, and then run the command in ssh:
/Script/restart
Restart the kloxo service to make it take effect.

You can add a website according to the instructions in the panel.