You are on page 1of 20

1.

How To Install
1.1. What ZPanel Installs & Versions
ZPanel installs the following packages on your server that are pre-configured to work
exclusively with ZPanel:
NOTE: NONE of these (or similar) services can exist on your server BEFORE installing
ZPanel! ZPanel installs EVERYTHING you need to get up and running!
NOTE2: ZPanel DOES NOT use or work with Nginx! You can try if you want, but we do
not support it!

All OS:

ZPanel - (Current Version)


MySql -5.5.29
Apache - 2.4.3
PHP -5.3.20
Bind - 9.9.2-P1
phpMyAdmin - 3.5.8.1 *
RoundCube - 0.9.2 *

Ubuntu, CentOS:
Dovecot - 2.0.9
Postfix - 2.6.6
proFTPd - 1.3.3g

Windows:
hMail Server (Windows) - 5.3.3-B1879 *
FileZilla Server (Windows) - 0.9.4.1 beta *

1.2. Installing ZPanel


Before installing ZPanel you NEED to ensure the following requirements are all OK:
NOTICE: We only support default installs of ZPanel (the way it is installed by the
official installers). The main reason for this is that when we roll out the next update,
everything will go smoothly. If you customize your install, the chances of your
ZPanel failing are increased because you have changed things.
NOTICE: Currently you can NOT re-install ZPanel over an existing installation to
try and fix errors! You can only update. (Although, we are working on new installers
that will be able to install, update and repair ZPanel.)
NOTICE: ZPanel DOES NOT use or work with Nginx! You can try if you want, but we
do not support it!

Fresh install of the OS with minimal options. (The installers will install everything you
need to run a server!)
The following modules MUST NOT be installed on your server:
MySql
Apache
Bind
Dovecot (Ubuntu, CentOS)
Postfix (Ubuntu, CentOS)
proFTPd (Ubuntu, CentOS)
hMail Server (Windows)
FileZilla Server (Windows)
IIS (Windows)

Officially Supported OSes


Officially supported installers are available for Ubuntu 12.04 LTS, CentOS 6.4 and
Windows in our ZPanelX Guides & How-To forum section.

Other Unsupported OSes


Ubuntu 12.04 LTS based
These OSes are unsupported (which means that they can't be labeled as "official" but still
work with ZPanel)

Lubuntu 12.04 LTS


Xubuntu 12.04 LTS
Mythbuntu 12.04 LTS
Zorin OS Core 6
Anything based on Ubuntu 12.04 LTS

CentOS 6.4 Based


These OSes are unsupported (which means that they can't be labeled as "official" but still
work with ZPanel)
Scientific Linux
Anything that uses the CentOS 6.X repositories.
RedHat 6.X (with a lot of reconfiguration)

Detailed pre-installation check:


Fully read this BEFORE attempting to install Zpanel!
If you don't follow the install instructions and fully follow the pre-install checklist,
then your install is considered 'custom' and your support from our staff will be very
limited until you properly install ZPanel.

ZPanel is designed and developed to be as simple as possible to be installed and set-up


provided you pay attention to the installation details!
We suggest you read everything twice! Both in this brief pre-install guide AND during
the actual installation.
ZPanel installation checklist: (ALL items must be completed in order to even THINK
about trying to installing ZPanel!)
1. You MUST have a CLEAN, FRESH install of Windows (any version XP and
above) or a Linux/FreeBSD (Ubuntu, CentOS, etc) installed on your server computer.
NO OTHER WEB HOSTING RELATED SERVICES CAN BE INSTALLED ON
THE SERVER AT ALL! (Examples: IIS, Nginx, MySQL, Apache, PHP, FTP
Server, Mail Server, etc.) They MUST BE REMOVED or use the 'minimal install'
before installing ZPanel!
2. You MUST have a domain name registered and pointing to your server
computer IP. (Just using an IP will not work properly and you will have to start from
scratch!) (You can get a free domain or purchase a domain from sites like
GoDaddy.com). A reduced functions set can be tested without domainname, see How
to check server without DNS
3. ZPanel should be installed and setup on a SUB-DOMAIN of your main domain:
During installation you will be asked to enter an FQDN. This is the sub-domain
zpanel is to be installed on. Examples: zpanel.domain.com, cp.domain.com,
panel.domain.com, etc.
4. You MUST have opened and forwared the requireds ports in your modem or
router, and on the server firewall. See the list of required ports here.
Once the above are ALL completed, you may begin to install ZPanel on your server.
NOTE: There are IMPORTANT questions during the install process! Please read them
carefully as they are crucial to the proper installation and operation of ZPanel One of
them being the setup of the ZPanel sub domain! See also About Installer questions for
axplanations about them
If you don't follow the install instructions and fully follow the pre-install checklist, then
your install is considered 'custom' and your support from our staff will be very limited
until you properly install ZPanel.
If you do not understand any of the terms or steps mentioned above, we suggest you do
some reading and studying of web servers and web hosting BEFORE attempting to
install ZPanel.

1.3. Third party modules


Out of the box, ZPanel comes with more than 20 core modules which provide the most
common functionality that can be found is various web hosting control panels.
However sometimes you may wish to extend your web hosting control panel to provide
additional functionality of which we either have not yet implemented as part of the core
or feel is beyond the scope of the project.

These modules have been created by some Members of the ZPanel community and was
pushed in the forum to share.
They are not supported by ZPanel team and you may use them at your own risk.
Always read carefully their documentation (from the post linked to in the forum)
before installing. These modules may have multiple steps to install and may interact
each others.
Thank you to all module developers and maintainers.
How to install a module
List of all modules
See also http://modules.zpanelcp.com. It is the public module repository that would take
precedence over the list above as soon as all author would have registered their modules
in it..

2. Configuration & How-tos


2.1. Setting up your firewall
ZPanel does not setup any firewall to leave you the choice to select which you want and
because it is far different under Linux and Windows.
You have to open these ports to enable the default configuration of ZPanel to work:

20 & 21 : FTP
25 (TCP) : SMTP
53 (TCP & UDP) : DNS
80 (TCP & UDP) : HTTP
110 : POP3
143 : IMAP

Optional:
If you have already setup (or will setup soon) SSL, you have to open also:
443 : HTTPS

2.2. Setting up DNS


You need first to understand basis about how works DNS and name server. Else go
directly to Choosing between...
Brief introduction to DNS
How works DNS and which are the relations between subdomains, DNS and virtual hosts
?

All clients applications (browser, ftp, game, mail, etc.) that want to query a server works
the same way:
1) How the client find you server IP from its name (IP from name) -> handled by DNS
server.
Requests can be sent only to an IP. When a client knows only the domain name of the
server, it have to find the IP corresponding.
It sends the target domain (or sub domain) name to a DNS server --> DNS server
responds the IP --> Client receive the IP.
For this step, nothing about target port or service is mentionned ; the DNS server does
not know anything about them.
2) How a server know for which service is a request -> handled by port affectation
The client send a request to the IP + Port --> inside the server at IP, the service that listen
the Port tries to handle the request from what it is supposed to contain.
For this step, only the IP is used, the target domain name is not involved. The request
may contain a domain name, like with HTTP, but it is INSIDE the request and has
nothing to do about how the request is transported. It is not the same OSI layer.
Some ports have standardized number : 80 for website, 21 for ftp, 25565 for minecraft
server, etc., but you can define another port number, until the client knows it.
The most often, both client and server application enable to change used port through a
config file. Changing port number from "standard" is also an easy protection against
hacks when you are sharing a service only with people whom you can tell the port
number to use.
3) How a service knows for which virtual host the request is -> handled by the
protocol.
This apply only if the service handles multiple "virtual hosts". It may also use a domain
name (usually the same than point 1) but here it have absolutely not any relation with
DNS. Some examples:
for websites (http, https), the request header sent by the browser contains the

domain name to serve. It is stripped by the web server (ie apache) to select the
"virtual host"
for ftp, ssh, the user name is used to select the user directory ("virtual directory")
for minecraft, a server handle only one world, there are not any "virtual host"
(virtual worlds).
Some servers (like Apache) can listen multiple ports to handle multiple vitual hosts
selected from port rather than from domain name, but it is not often used (example : used
on Synology NAS, each virtual host is acceeded by NasIP:Port).
When a service does not handle multiple virtual hosts, it would be possible to launch
many instances of the same service on single server, each working with a separate setup

and listening a separate port. It would work, but would also multiply the load of the
server and the amount of RAM used.
=> DNS server have ONLY to respond to requests "What is IP for a domain name"
and it is responding only an IP. (For the scope of this tuto. A DNS server have also to
synchronize to redondant servers, to maintain name caching and many other functions to
work properly, but it is another story)
=> Domain name is used for both IP query and Virtual Host selection but these are
two independant processes.
It is MANDATORY to setup BOTH DNS nameserver AND web service for each new
domain or sub-domain handled by the server.
- DNS nameserver is setup by registrar panel or ZPanel DNS Manager module,
depending of configuration choosen (see Choosing between... ),
- Web service is setup by ZPanel Domains or Sub-Domains module.
Note about TTL (Time To Live):
TTL is the period in seconds during which each DNS server around the world will
maintain its own copies of your records in its cache. After a first DNS request, all node of
the internet will not read again your domain nameserver until its cache expired.
Set it shorter (ie 1 hour) if you plan to change some DNS settings, set it longer (usualy a 4
to 48 hours) to lighten the load of all nemeserver and proxies around the world, and to
speedup your domain access time.
After a changing some settup of a domain, you can follow the propagation in the world
DNS servers on that page http://www.whatsmydns.net
WARNING :
each change done to a nameserver needs time to be propagated to all nameservers

around the world.


NEVER apply changes about which you are not sure they are correct. Check

them 2 times, and then 1 time again !

2.2.1. Must I use my registrar nameserver or must I host myself my own


nameserver ?
If you are beginner in DNS management, and until you really require to host your own
name server (in example to enable clients to manage their domain from your server),
while your registrar provide you a nameserver prefer to use it. It will save you many
time and possible problems.

Using your registrar nameserver advantages:


Your registrar have many redundant nameservers with differents IP (at least 2

are mandatory)
Your registrar may implement protections against config errors, provide multiple

zonefiles, pending configs, check before applying etc...


Your registrar nameservers have setup securities against DNS attacks
You can stop dns service from your server, freeing memory and resources
You already payed your registrar for this service (!)
Maintening your own nameservers advantage:
You can manage all the domains hosted on your server from a single common

interface (ZPanel DNS management)


=> If you are hosting only 1 domain on your server, use your registrar or hosting name
server. You will have only one user interface to learn, those of your registrar.
=> If you are hosting many domains on your server, registered from many different
registrar, hosting your nameserver will enable you to manage all domains in the same
user interface (zpanel), but it suppose you have knowledge enough to handle perfectly
all DNS requirements (2 servers, etc...) and settings. On another hand, continuing to use
registrars name servers may not be very boring and is a security.
=> If you are renting some host space on your server (resellers, clients) you will have to
manage your own nameserverS, and your are responsible in regard of yourself and in
regard of all the clients that you host : nameservers working and configuration,
conformity (at last 2 servers with differents IP), protection against DNS attacks (DNS
spoofing, etc. ), mirroring and redondancy....
Even if a single nameserver without redondancy (and not conform to IANA requirements)
may work, ZPanel do not advice or approve building such uncompliant nameserver.

2.2.2. Setting up your domain DNS with your registrar nameserver


To use your registrar (or hosting provider) nameservers, DO NOT change the
nameservers in your registrar DNS management tool. They MUST remain with ns1.yourregistrar.domain, ns2.your-registrar.domain, etc... Change only the "Zonefile" records
content.
While you are using your registrar nameservers, you can stop the dns service (bind9) and
close port 53. You can also disable the DNS config plugin from Admin / Module Admin.
You will still need to create the domains under Domain Management / Domains in order
for Apache to be configured correctly with the virtualhost settings and to be able to create
new mailboxes for that domain. However, you do not need to create a DNS records (A,
CNAME, MX etc.) under the DNS Manager in ZPanel.

2.2.2.1. Domain bought from registrar


When you bought your domain from a registrar, it will more often give you a nameserver
configured by default to resolve your main domain to some parking servers or to its own
default servers for email, blog, etc. You will have to setup both your main domain and
your ZPanel subdomain (and any subdomain you want to use). You have to login on its
nameserver management and then setup IP of your server
1) Setup the main domain A or AAAA master record (use A record if your server have an
IPv4, else use AAAA record for IpV6). Ensure that there is only ONE master record, the
most often named "@" that point to your server IP.
2) Setup the ZPanel subdomain you given while installing ZPanel at FQDN question.
Usually, this subdomain is setup as an alias with a CNAME record that redirect to @
record or to you master domainname record. But you can also create a A or AAAA record
for it.
3) Check that all other subdomains already present (always : www, the most often : ftp,
mail, smtp, webmail, blog, etc. )
-> If you will host the same service, check that the subdomains points to your server
(with CNAME @, CNAME masterdomain or A/AAAA IP).
-> if you want to use your registrar service (some provide blog, etc tools) leave it pointing
to your registrar servers,
-> else if you do not want the subdomain to be reachable delete the record. (By default, a
subdomain present on your name server but not created on your server will display the
ZPanel login page)
WARNING : avoid using the wildcard subdomain " * " unless you really know what you
are doing. This is out of the matter of this little tuto.
After changing some DNS, let enough time for DNS propagation or use popagation test
tool. More Info here.

2.2.2.2. Domain bought from server hosting


If you bough your domain name from your server hosting provider, it generally have
already configured the DNS server that resolve your domain with the right IP and default
subdomain (step A -1 above).
You will have only to create the subdomain corresponding to your ZPanel access (step A2 above), and check that other subdomains are ok (Step A-3 above)

2.2.3. Setting up your own nameserver, hosted on your server


To use your own nameservers you have to:
define it in ZPanel
change your registrar's information for the domain(s)
setup the glue records (always in your registrar's tools)

Warning :
To be compliant with IANA name server requirements, you MUST have at least 2
redondant name-servers with two differents IPs. (see below for more info)
If you own only one server, you cannot build a compliant name server and you will do it
at your own risk.
ZPanel does not advise or approve building uncompliant nameservers.

2.2.3.1. Setting up your nameserver(s) :


Once you are logged in to the ZPanel interface for your server:
o

go to Domain>Domains and ensure your root domain (yourdomain.tld) is added. If


not, add it.

go to Domain>DNS Manager and select your root domain from the drop down box,
then click on "Select". If there is "No records were found ..." create the default
records with the button "Create Records". The default records are now created for
that domain.
tab "NS": 2 nameserver records @ pointing at ns1.yourdomain.tld and

ns2.yourdomain.tld
tab "A": 4 records, all pointing at your hosts IP for @, mail, ns1 and ns2
tab "CNAME": 2 records ftp and www, all pointing to your hosts IP using @
tab "MX: 1 record (priorty 10) pointing at mail.yourdomain.tld

If your server uses IPv6 instead of IPv4, you have to replace the IPv4 records in tab "A"
by using the same records (except IPv6 value) in tab "AAAA" and to remove "A"
records.
(NOTE: you are strongly advised to create an spf record manually, see also Online tools
to check anything, "To setup and test SPF record").
The mandatory records to act as nameservers are the two ns1 and ns2 "A" (or "AAAA")
records, plus both "NS" records.
Ensure that port 53 is open on your server, else Bind will never receive any request!
You can check it with Port forwarding tester

2.2.3.2. Setting up your registrar's name server pointers.


Login to your registrar domain handling tool pages.
1) Find the page which shows the "nameservers" list for your domain, something like:
DNS1: a.dns.gandi.net
DNS2: b.dns.gandi.net

DNS3: c.dns.gandi.net

(this list was gathered from gandi.net registrar manager. ZPanel has no special
agreement with Gandi).
Enter the page or form that enable you to change this list content and replace the server
list by your nameservers URLs :
ns1.yourdomain.tld
ns2.yourdomain.tld (at last two different are mandatory)
[ns3.yourdomain.tld] (... if you have more redundant servers)

2) Enter the page that enables you to chage the "Glue records". For each nameserver
(ns1, ns2) enter its name and IP as required on the form.
Glue record entries are MANDATORY when the subdomain used for a nameserver is
inside the same domain that the nemaserver resolves itself.
Example :
o

You want to use the subdomain ns1.yourdomain.tld for the main name server that
resolves your domain yourdomain.tld.

Imagine the dialog between an application that want to access to yourdomain.tld and
the nameservers:
What is the IP address for yourdomain.tld ? -> I do not know, ask to the name

server that handles yourdomain.tld


What is the name server for yourdomain.tld? -> It is ns1.yourdomain.tld
What is the IP address of ns1.yourdomain.tld? -> I don't know, ask to its parent

name server (which resolves subdomains of yourdomain.tld)


What is the name server for yourdomain.tld?
o

=> Glue record is mandatory to break the self resolving loop:


What is the IP address of ns1.yourdomain.tld? -> I have glue record, it is [IP

address]

3) Wait for propagation to complete. (Can take up to 48 hours.)


See also Setting up DNS and Online tools to check anything

NOTICE - why redundant nameservers are important:


A normal query to resolve a domain (request for IP from domain name) is normally
handled in a few milliseconds.

When a name server is down, it requires all servers along the chain in the internet to wait
until a final time-out occurs (usualy between 2 000 to 15 000 milliseconds), which locks
ram and processes during this time. And this state is propagated all around the world.
Using the same computer to host both primary and secondary nameservers (per example
with a virtual server hosted on the same computer in order to have another IP) does not
offer any redundancy: if the the computer is halted, both nameservers will be down at the
same time and all requests to resolve all the domains that they host will fail in timeout.
So, setting your system up this way is only cheating. And worse, on the computer side,
an extra VPS adds a significant load for a task that is completely useless.
Currently, the IANA only requires that a nameserver have redundancy, but does not
penalizes nameservers that are not redundant (yet).
Due to the number of newbie servers and nameservers exploding across the web. It is
possible that the IANA may choose one day to ban nameservers that are the source of too
many problems (Down time, connection loss, etc.).
So, each nameserver owner must be 100% RESPONSIBLE for their servers and
nameservers... and do the best they can to ensure that the resolution of a domain is always
a success (and is correct), because it impacts not only his website and domains, but also
the whole World Wide Web.
Cheating cannot be a solution. Hosting a world wide public server, selling hosting space,
and more, nameservers, is NOT a game!

2.3. How to check your server without DNS


You may want to test a domain or website that you have setup in ZPanel without having
any nameserver pointing on it.
Solution : setup the hosts file of the computer used to browse the domain as following:

2.3.1. With windows (32 or 64):


Your hosts file is C:\Windows\System32\drivers\etc\hosts
Open it with a text editor (ie Notepad) and add at its bottom a new line with the IP of your
server and the domain name hosted on it separated by some spaces or tab. In example :

200.201.202.203 my.sub.domain.com

As soon as you have saved the file, you can open (or close and re-open) your browser and
use it to browse for that domain with its url like http://my.sub.domain.com with the
example above. It does even not need to restart windows.

2.3.2. With Ubuntu or CentOs:


Your hosts file is /etc/hosts
Use the same explanations as above for windows.

2.3.3. Note for local server:


If your server is installed on the same local network that the computer used to browse it
(ie : another computer at home), you have to use its local IP in the hosts file (often like
192.168.xx.xx).
If the server is on the same computer which is used to browse, use IP 127.0.0.1 (local
loop)
Remember that a computer can NEVER reach a server which is on the same side of a
router with its external IP. It induces you cannot use a public nameserver to reach such
server because the nameserver will always return the external IP.
In such case, the only solution to test a public DNS is to use a public proxy that will relay
all requests, from outside.
Warnings:
Do not forget to remove the line from hosts file when you are terminated ! Else you
browser would never use the DNS that would remain bypassed !

2.4. Setting subdomain without domain


2.4.1. subdomain only:
If you have to host only 1 subdomain for a domain not present on your server, you can
setup directly the whole domain path as "main domain".
Example:
- You want to host wiki.adomain.com but you does not handle adomain.com owned by a
friend (who setup its DNS to point your server for the subdomain "wiki")
==> create wiki.adomain.com as domain in zPanel, not as subdomain.

2.4.2. subdomains and more:


If you have to host more than 1 subdomain for a domain not present on your server, you
have to add the root domain in the "shared domain" list (zPanel -> Admin -> Module
Admin -> Apache Config -> "Shared Domains" input box). But note that all zpanel
accounts will be able to create subdomains of "shared domains".

Example:
- You want to host wiki.adomain.com AND docu.adomain.com but you does not handle
adomain.com ... (etc)
==> add "adomain" (without ".com") in the "shared domains" list and then create both
wiki.adomain.com and docu.adomain.com as domain (not subdomain).

2.5. Customizing default DNS


WARNING : NOT FOR BEGINNERS
Since version 10.1.1 ZPanel include a first step to enable to customize default DNS that
are created when you run ZPanel DNS Manager for the first time on a new
domain.Obviously, it works ONLY when you are hosting your nameservers within
ZPanel.
a. Run phpMyAdmin, login as root, open the database zpanel_core.
b. If you want to change default dns records only for a specific user, open the table
x_accounts, search this user and note his UserID from column ac_id_pk.
c. Go to table x_dns_create. It contains all "templates" for default DNS records to be
created, one row per record. Add the new records that you want.
Short rules:
If a user have one or more rows dedicated to him (with dc_acc_fk =UserID),
only these rows are used to create his news DNS records,
else all "default" rows with dc_acc_fk = 0 are used.
(This enable to replace default records by some new others for any user, as to add
new records),
in the colum corresponding to "target" field (dc_target_vc), the token :IP: will
be replaced by server IP and the token :DOMAIN: will be replaced by the
domain name which is to be created.
-> If you want to add new default record for all users that do not have personal
template record, insert new rows with dc_acc_fk = 0.
Fill all required columns depending of the record you want to setup. Look for columns
required in ZPanel DNS_Manager, or look in already defined rows.
-> if you want to change default records only for a specific user:
- DUPLICATE all default rows you want to maintain, while changing dc_acc_fk from 0
to UserID, per example by running this SQL query in the phpmyadmin sql box:
INSERT x_dns_create (dc_acc_fk, dc_type_vc, dc_host_vc, dc_ttl_in,
dc_target_vc, dc_priority_in, dc_weight_in, dc_port_in) SELECT UserID,
dc_type_vc, dc_host_vc, dc_ttl_in, dc_target_vc, dc_priority_in,
dc_weight_in, dc_port_in FROM x_dns_create WHERE dc_acc_fk=0;

(Do not forget to replace UserID by its value!)


- Add new rows with dc_acc_fk = UserID

2.6. Change ZPanel sub-domain


You may want to change ZPanel sub-domain if you installed ZPanel without subdomain
(usual error) or if, for any reason, you want to change the subdomain name.
This is an easy way from SSH console or local console.

2.6.1. Login to your console


2.6.2. Change zpanel subdomain
setso --set zpanel_domain new_zpanel_fulldomain

Notes:
replace new_zpanel_fulldomain by the FQDN that you want to use to access zpanel

(only), something like mypanel.example.com


It MUST NOT be your base "public" domain (example.com in the example above).
The subdomain you will use (mypanel in the example above) MUST also be setup in

your DNS name-server !


See also Setting up DNS ...

2.6.3. Tells ZPanel daemon that the vhost file must be rewriten
setso --set apache_changed true

2.6.4. Wait until ZPanel daemon run (each 5 min)


It is NOT ADVIDSED, but if you are really too much impatient (and if you understand
what it implies) you can run the daemon manually with:
Linux php /etc/zpanel/panel/bin/daemon.php
Windows: php c:\zpanel\panel\bin\daemon.php

2.7. How to install SSL for your OS distribution


Installing SSL is quite different depending on OS target and targeted domains.
All OS distributions need to have OpenSSL installed and mod_ssl enabled in Apache.
Please carefully read through all the documentation for your OS distribution BEFORE
attempting to enable SSL on your server.

2.7.1. To create a self-signed SSL certificate in Ubuntu 12.04 LTS


Login to a terminal as the root user
sudo -i

Install OpenSSL
apt-get install openssl

Create a directory for your certificates


mkdir /etc/apache2/ssl/

Create the certificates


openssl req -x509 -nodes -days 365 -newkey rsa:2048 -out
/etc/apache2/ssl/zpanel.crt -keyout /etc/apache2/ssl/zpanel.key

Fill in all the information that is needed when prompted.


Then follow the installation instructions.
(do not forget to come back to user level with exit)

2.7.2. To create a self-signed SSL certificate in CentOS 6.X


login to a terminal as the root user
Install OpenSSL
yum install mod_ssl openssl

Create the certificates


openssl req -x509 -nodes -days 365 -newkey rsa:2048 -out
/etc/pki/tls/certs/zpanel.crt -keyout /etc/pki/tls/certs/zpanel.key

Fill in all the information that is needed when prompted.


Then follow the installation instructions.

2.7.3. To create a self-signed SSL certificate in Windows


Download & Install OpenSSL
wget http://slproweb.com/download/Win32OpenSSL_Light-1_0_1e.exe -P
C:\zpanel
C:\zpanel\Win32OpenSSL_Light-1_0_1e.exe /DIR="C:\zpanel\bin\openssl"
/VERYSILENT
del C:\zpanel\Win32OpenSSL_Light-1_0_1e.exe

Create a directory for your certificates

mkdir C:\zpanel\bin\apache\conf\ssl\

Create the certificates


set OPENSSL_CONF=C:\zpanel\bin\openssl\bin\openssl.cfg
cd C:\zpanel\bin\openssl\bin
openssl.exe req -x509 -nodes -days 365 -newkey rsa:2048 -out
C:\zpanel\bin\apache\conf\ssl\zpanel.crt -keyout
C:\zpanel\bin\apache\conf\ssl\zpanel.key

Fill in all the information that is needed when prompted.


Then follow the installation instructions.
Prepare a purchased SSL certificate for server installation.
Download your files from your place of purchase to your computer.
You should receive 3 files ..........
AddTrustExternalCARoot.crt
PositiveSSLCA2.crt

&
domain_com.crt

Open a text editor of your choice and copy the code from AddTrustExternalCARoot.crt
followed by the code from PositiveSSLCA2.crt in that order.
Save the file and name it domain_com.ca-bundle.crt
You will also need to download the domain_com.csr file from your place of purchase.
Then follow the installation instructions.

2.7.4. To purchase granted SSL Certificates


GoDaddy
Go Get SSL
StartCom
Or try Google.

2.7.5. To obtain a free certificate


Start SSL

2.8. Importing mail from another server


- For Ubuntu and CentOs 1) Ensure that the new mailbox is provisioned with enough space to hold all of the old
email. By default emails in ZPanel are only allotted 200MB. To allow more space for all
email account navigate through menu as such Admin -> Module Admin -> Mail Config
and change the "Max Mailbox Size" to your liking.
2) Install imapsync :
Centos: yum install -y imapsync
Ubuntu: apt-get install -y imapsync

3) use this command


imapsync --host1 mail.domain1.tld --user1 john@domain.tld --password1
thepassword --host2 mail.domain2.tld --user2 john@domain.tld --password2
thepassword

where :
--host1 argument specifies the old mail server FQDN
--user1 argument specifies the old email found on the old email server
--password1 argument specifies the password for the old email account
--host2 argument specifies the new mail server FQDN
--user2 argument specifies the new email found on the new email server
--password2 argument specifies the password for the new email account

2.9. Changing SSH port


2.9.1. Changing SSH Port is often recommended, in order to hide it from
simple scan
Prerequisite : choose a new port number that is currenlty not used on your server. Prefers
an unusual port number rarely used, or used for another function that you do not use and
do not plan to use. Wikipedia give a list of TCP/UDP ports.
Check that it is free on your server with any port checker from the internet, like
http://www.yougetsignal.com/tools/open-ports/
I will name it xxx below.

2.9.2. For Ubuntu 12.04


1) Open the port you will use in the server firewall
sudo ufw allow xxx

2) Edit /etc/ssh/sshd_config, search for the line "Port 22" and change it to Port xxx. Save
and quit.

Alternate method: copy and paste this command-line


find '/etc/ssh' -name 'sshd_config' | xargs -d "\n" perl -pi -e 's|
#Port 22|Port xxx|g'

3) Restart sshd service :


sudo service ssh restart

4) Open a new connection using the new ssh port to ensure it works : the current port in
use will become blocked after 5)
5) Close the port 22 that is no longer in use
sudo ufw deny 22

You might also like