How to Install Control Web Panel

Install CWP Web Panel - Linux Server Administration Tool

Control Web Panel (CWP) is a free server administration tool for Enterprise Linux-based distributions. A mature cPanel replacement, formerly known as CentOS Web Panel, CWP has the ability to manage everything you’d need within a cloud server:

  • DNS
  • PHP
  • Email
  • Domains
  • SQL databases
  • Raw system files
  • Web server configuration

There’s also CWPpro, a premium version with additional features. However, all of those features can easily be replicated with native or third party software.

Install Control Web Panel (CWP)

CWP is available for CentOS, Rocky, Oracle, and AlmaLinux distributions. Log into SSH as root.

  1. Install EPEL:
    yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
  2. Update YUM:
    yum -y update
    This may take a few minutes.
  3. Restart your server to apply updates:
    reboot
  4. Login again and navigate to your “/local” directory instead of using your user directory to download CWP:
    cd /usr/local/src
  5. Download the latest CWP package:
    wget http://centos-webpanel.com/cwp-el8-latest
  6. Install CWP:
    sh cwp-el8-latest
    This will take a few minutes as it compiles Apache and PHP from source code. Once the installation completes you’ll see your login credentials and URLs: http://YourServerIP:2030 (no valid SSL certificate) or https://199.223.115.22:2031 (with SSL). The MailServer info will state the self-signed SSL cert file location. You’ll need to save the root MySQL password in a password manager.
  7. Restart the system:
    reboot

Log into Control Web Panel

Log into Control Web Panel (CWP): https://YourServerIP:2031 or https://YourHostname.com:2031. Login as the root user. If the root user doesn’t have a password already, create one with the “passwd” command.

CWP admin login prompt

At the top you’ll see recommendations to set up email notifications and change your SSH port number

Control Web Panel (CWP) dashboard

Getting Started with Control Web Panel

On the bottom right you may see security tips to set up ModSecurity and ConfigServer Security & Firewall (CSF) + Login Failure Daemon (LFD). Below we’ll cover how to configure them.

ModSecurity Web Application Firewall (WAF)

Select the “here” link in the ModSecurity pop-up to protect your data from application layer cyber attacks including code injection.

On the next page select “Install Mod Security Now.” Close the installation log after the process is complete.

ModSecurity settings

You’ll now have options for processing ModSecurity rules and logs. The default settings are sufficient (process rules and log noteworthy events). Select “Save configurations” at the top after any changes. On the right, select “Test ModSec” to attempt accessing the database with PHP. The new page should display a “Forbidden” error. Remove “https://” and try again if you don’t have a valid SSL installed at this point. If you prefer to test your server from the terminal you can use “curl.” It should still return a 403 error.

curl http://199.223.115.22/index.php?SELECT * FROM mysql.users

ConfigServer Security & Firewall (CSF)

Select the “here” link under “Firewall – SECURITY ISSUE” to install host-based CSF and close unused ports.

ConfigServer Security & Firewall disabled

At the top you’ll see a notification reading “Firewall is Disabled.” Underneath it, select “Enable Firewall.” CSF will automatically open the most commonly used ports. You may need to refresh the page after a minute to see the completion message: “csf and lfd are not disabled!”

CWP CSF Enabled

Select “Back” at the top of the page to modify the firewall:

  • Temporarily allow and deny IP addresses
  • Whitelist and blacklist IPs
  • Open TCP / UDP ports (right side of the page)

Before you change your SSH port from 22, ensure you open the new TCP port in CSF.

CSF ports allowed

When you configure ports, you’ll be editing the raw “/etc/csf/csf.conf” file. Edit port numbers in the following sections:

# Allow incoming TCP ports
# Allow outgoing TCP ports
# Allow incoming UDP ports

Use Ctrl + F to find each section faster.

After saving your changes at the bottom, select “CSF Firewall” in the sidebar to access the settings again.

You can quickly access the Firewall manager from the dashboard.

CWP CSF settings

If you don’t need cPanel, don't pay for it. Only pay for what you need with our Cloud VPS solutions.

check markCentOS, Debian, or Ubuntu check markNo bloatware check markSSH Key management made easy

J
Jacqueem Content Writer I

Technical writer focused on cybersecurity and musicianship.

More Articles by Jacqueem

Comments

It looks like this article doesn't have any comments yet - you can be the first. If you have any comments or questions, start the conversation!

Was this article helpful? Let us know!