Thank you qtwrk, I was able to successfully install Cyberpanel on a fresh VPS instance at Vultr after manually installing OpenLightSpeed. Although it finished installing I did still get this last error:
Job for lshttpd.service failed because a timeout was exceeded.
See “systemctl status lshttpd.service” and “journalctl -xe” for details.
I don’t know if this is related, but I am not able to create a website from the Cyberpanel dashboard. The process doesn’t even start and I just get a completely blank error message. These are the settings I used:
Select Package - Default
Select Owner - admin
Domain Name - mysite.com
Email - [email protected]
Select PHP - 7.3
Additional Features - I tried both with and without SSL selected
Another possible culprit may be related to this message that I got upon the successful installation of Cyberpanel:
If your provider has a network-level firewall
Please make sure you have opened following port for both in/out:
TCP: 8090 for CyberPanel
TCP: 80, TCP: 443 and UDP: 443 for webserver
TCP: 21 and TCP: 40110-40210 for FTP
TCP: 25, TCP: 587, TCP: 465, TCP: 110, TCP: 143 and TCP: 993 for mail service
TCP: 53 and UDP: 53 for DNS service
Since it’s a fresh Ubuntu 18.04 install, I haven’t changed anything on the server, but I know IPV6 is set to “yes” by default in /etc/default/ufw. Is it advisable to enable UFW and manually enable these ports for incoming and outgoing? (Again, I don’t know what, if any, default firewall settings are in Ubuntu 18.04 or if this is the cause of not being able to create a new website.
Lastly, I’m just learning Ubuntu (and switching from nginx to lightspeed right after taking an nginx class) so I would really appreciate it if you could tell me if it is still okay to follow best practices that I’ve learned when first installing Ubuntu 18.04:
- change root password
- add new user with root privileges
- prevent logins of root user
- generate a public/private key authentication for the new user
- then prevent direct login of that user using the password (create a config file to set an ssh alias)
- enable Uncomplicated firewall (UFW), disable IPV6, open all outgoing ports, only allow incoming ports 22, 80, and 443 (plus the above that Cyberpanel installation recommends).
- Install and enable Fail2Ban to prevent brute force attacks, add the user to adm group for /var/logs/ to view the logs, make a copy of jail file as jail.local but leave the default jail configuration as-is.
I’m asking this because I don’t want to break either OpenLightSpeed or Cyberpanel now that it is installed but it still does not work correctly and I’m very determined to get it to work. I’ve created snapshots of the server for each advancement that I’m making. If you can, please advise whether or not you would recommend these settings, and in the case that you would not, if there are more appropriate alternatives or if nothing is actually required, as well as if there are other, separate, recommendations that you would suggest in addition to these.
Thank You!
Brandon