cPanel OVZ Server Setup & Migration

Migration or New server setup Procedure: cPanel OVZ servers

For CentOS cPanel migrations and new server setups on OVZ servers, the OS on WHMCS would be:

CentOS-7-cPanel UNL Domains

Before accepting the order, you need to see for which DC customer needs the order. You should ask those who know that (, probably Mike) if in doubt. Most certainly, the order will be in ESR1, i.e., OVZ4. If so, before accepting the order, go to SolusVM > Nodes > List Nodes. Now, may sure that OVZ4 is not locked (No under Locked column), and the rest are locked (Yes). Now, accept the order.

The template corresponding to OS CentOS-7-cPanel UNL Domains is CentOS 7 with cPanel . This is having Apache 2.4 with EasyApache 4 unlike the old template. You can use that one if you need to reinstall. The plan will be automatically selected depending on the order, but make sure that everything is intact, like the number of IPs, RAM, etc. There would be some other services as well, like Spamexperts which should be configured post installation. More on it later. Once the server is created, do a yum update on the server first. Now, login to WHM and do the basic configuration. There are some other configurations to be done. Some of them would be:

• Change the nameservers to custom if need be. Remember to register those nameservers according to the need of the hour.
• Delete the zone server.shane.com (I will create a template with all the custom changes when time permits)
• Go to Basic WebHost Manager® Setup and change The IPv4 address (only one address) to use to set up shared IPv4 virtual hosts to server’s main IP.
• The email address for notifications should not be customer’s. It should belogs@4goodhosting.com for normal customers, andsysadmin@4goodhosting.com and/orsupport@4goodhosting.com for L3 customers.
• Now, go to Service Manager and specify port 27 in the Exim Mail Server (on another port) field.
• If it is an L3 order, install Professional Spam Filter plugin, and
• Login to our SpamExperts panel.
• Under Manage Admins, create a new admin by referring the panel.
• The domain limit should be one. We are configuring this for L3 clients since one domain is covered under Managed Support.
• Click on Professional Spam Filter plugin in WHM and configure it.
• AntiSpam API URL: http:se1v.stopspam.ca
• API hostname: se1v.stopspam.ca
• API username: <The_one_you_configured_under_Manage_Admins>
• API password: <The_one_you_configured_under_Manage_Admins>
• Primary MX: mx10.stopspam.ca
• Secondary MX: mx20.stopspam.ca (Reverse if Toronto server)
• Remember that we are using SpamExperts only for incoming spam.
• For L3 orders and other orders with Enterprise Spam Per Domain Unlimited Emails, enter limits based on that.
• For others, there is no need to install the plugin.
• rDNS should be setup. Please refer wiki page for details.
• Enable CSF after making sure that port 27 and custom SSH port, if any, is added to the port list.
• Set LFD email alerts off in CSF
• Configure maldet and clamav
• Purchase cPanel license from http:manage2.cpanel.net and activate it by running /usr/local/cpanel/cpkeyclt
• If the customer has opted for Outbound Spam Filter, follow the steps to enable MailChannels by referring to MailChannels documentation and any of our shared server setup.
• Make sure that Require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the server is disabled on Exim Configuration Manager.
• Make sure that Require SSL for cPanel Services is turned off.
• Choose the closest matched domain for which that the system has a valid certificate when redirecting from non-SSL to SSL URLs. Formerly known as "Always redirect to SSL/TLS" should be turned off.
• Require SSL for cPanel Services should be turned off and cPanel PHP loader should be set to ioncube or the one on source server if it is a migration.
• If it is a migration, check if Options for OpenSSL and SSL/TLS Cipher Suite List from Exim Configuration Manager is same as that of the source server.
• Require remote (domain) HELO in Exim Configuration Manager should be switched on.
• For migration, if the source and destination has the same server name, make sure that you copy server's service SSL certificate to the desitnation server, even if it is a cPanel provided one. This will make sure that the migration goes smooth without any downtime caused by polling for certificates.
• If you see the warning that the roundcube database on source server is MySQL one, use the script /usr/local/cpanel/scripts/convert_roundcube_mysql2sqlite on the source server to convert it to SQLITE one prior to migration.
• If SpamExperts plugin is enabled and configured, make sure that the routes are correct in SpamExperts panel, as well, make sure that you can receive mails if DNS propagation issue is out of the way.
• If MailChannels is enabled, make sure that you can send mails.
• Some orders require Patchman to be configured. Mike will specifically say if that is the case.
• Disable Apache Spamassassin