Recently have had to set up a few cPanel servers, and here are some things I ran into while doing so. One isn’t necessarily cPanels fault, but it still took me a long time to find a work around for it :/
Key based login for SSH
Common practice for most cloud provides these days is to give you a VM with password based authentication turned off. That’s cool with me as this is one of the first things I do anyway. Setting up cPanel a breeze. Create a new user, no worries. Create SSH keys and import, easy. Attempt to login server: login limit exceeded for account
Odd.. but let’s turn on verbose.
Ah it’s giving other keys before the one it needs. Let’s add IdentitiesOnly yes to config file
Still not working. Let’s try super verbose. Still no luck. 30 odd minutes of faffing about I decide to check the server logs (Note: check these first, not after)
Ah there is the real problem, server is complaining about permission issues being bad on .ssh folder for user
Chmod that up and fixed!
cPanel and aws ec2
Make sure you check NAT settings! Spun up a fresh VM, added an account but it wouldn’t work! Kept redirecting me to that default “no site here” page. Tried this that and the other, but still not working
Turns out cPanel hadn’t detected the NAT settings properly, so didn’t have the right elastic IP (and in fact had the wrong internal IP) in its settings. To fix run /scripts/build_cpnat
Check (settings -> IP) to make sure it’s all better
Getting custom sites into cPanel
Got a site that was developed by someone else, and from the looks of it was just setup on a LAMP server, nothing special, but had real trouble trying to squash this into cPanel. Site was built on the zend framework and use composer as dependency manager. Now this would have been nice to know before I started
Copy site files into public_html. No thanks. Zend uses another folder public where it stores the index.php etc. That’s cool, let’s just change document root in /var/cPanel/userdata/user/site-name have to do this because there are other folders on the same level as this public folder that it uses
Note
There are other ways around this, using symlinks or htaccess. Probably better practice. But php
Composer and cpanel
The next issue I ran into was getting composer running, to build and make sure dependacies are there. Composer in cPanel? Sure why not
cd to your public dir, or whereever your composer.json file is, wget https://getcomposer.org/download/1.1.1/composer.phar (or lookup the composer site to get the latest, and then php composer.phar install
Surprisingly was as simple as this!
All good? Almost. Get slapped with this error:
ZendMailProtocol_Exception' with message '535 Incorrect authentication data ' in /Zend/Mail/Protocol/Abstract.php:378
Sigh
Turns out Zend doesn’t play ball with exim or any other mail agent you have installed, and tried to send email by itself. So you need to enable (or disable) a setting within cpanel to get it working Probably not the most security best practice setting to be playing with, but I needed to get it working
- Login to WHM
- Under Server Configuration, select Tweak Settings
- Click on the Mail tab
- Scroll down to “Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak)” and make sure it’s set to “OFF”
- Scroll to the bottom of the page and click Save