AWS Monster | Your Technical Partner

Accurate time keeping is important for a number of reasons in IT. This setup is the best practice that helps with problem diagnosis and informal server monitoring. I am living in Asia that's why i'm using this pool. Install Chrony and Configure The NTP server . # yum -y install chrony # vi /etc/chrony.conf #server 0.centos.pool.ntp.org iburst #server 1.centos.pool.ntp.org iburst #server 2.centos.pool.ntp.org iburst #server 3.centos.pool.ntp.org iburst server 0.asia.pool.ntp.org iburst server 1.asia.pool.ntp.org iburst server 2.asia.pool.ntp.org iburst server 3.asia.pool.ntp.org iburst add the network range you allow to receive requests allow 127.0.0.1 :x (save & quit) Reminder: We have disabled firewalld, So we will add the port 123/udp after the VestaCP installation using Iptables. Start the services and enable it  # systemctl start chronyd # systemctl enable chronyd # chronyc sources # timedatectl set-ntp yes # systemctl enable systemd-timedated.service

This Tutorial describes how to disable the Network Manager service. The Network Manager service automates the network's settings and disrupts connections to the IP addresses that reside in the ipaliases module. We recommend that you disable the Network Manager service and enable the network.service service before you install VestaCP hosting Control Panel. # systemctl stop NetworkManager # systemctl disable NetworkManager # nmcli device status # systemctl list-unit-files | grep NetworkManager # systemctl enable network.service # systemctl restart network.service Reboot The Machine # reboot I have two NIC in my VPS, So Add the below parameter in /etc/sysconfig/network-scripts/ifcfg-eXXX of interfaces that are managed by NetworkManager to make it unmanaged. NM_CONTROLLED="no“ # vi /etc/sysconfig/network-scripts/ifcfg-ens33 BOOTPROTO=static NM_CONTROLLED=no ONBOOT=yes #DOMAIN=datahead.biz HOSTNAME=host.datahead.biz :x (save & quit) # vi /etc/sysconfig/network-scri

The hostname is used by many of the networking programs (such as sendmail, Apache servers) to identify the machine. By default, your server is started with the server’s given name as the hostname. Some software, such as cPanel, CWP , VestaCP requires a valid Fully Qualified Domain Name (FQDN) for the hostname. Types of hostnames (The hostname can be configured as follows): Static host name assigned by sysadmin. For example, “server1”, “wwwBot2”, or “host.datahead.biz”. Transient/dynamic host name assigned by DHCP or mDNS server at run time. Pretty host name assigned by sysadmin/end-users and it is a free-form UTF8 host name for presentation to the user. For example, “Rubel’s netbook”. On a CentOS Linux 7 server you can use any one of the following tool to manage hostnames: hostnamectl command : Control the system hostname. This is a recommended method. nmtui command : Control the system hostname using text user interface (TUI). nmcli command : Control the system hos

CentOS 7 comes with firewalld by default. So disable firewalld because VestaCP uses IPtables & with Fail2ban. Here Firewall - Iptables Intrusion Detection  - Fail2ban # systemctl stop firewalld.service # systemctl disable firewalld.service Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. # systemctl mask firewalld.service Created symlink from /etc/systemd/system/firewalld.service to /dev/null. Reboot your server so that all updates can take affect and then check your Firewalld Status. # reboot # systemctl status firewalld

To run VestaCP on your server, SELinux must remain disabled. SELinux in enforcing mode does not allow VestsCP to function properly. For more information about SELinux modes, read the SELinux Mode documentation. While VestaCP can function with SELinux in permissive mode, we recommend that you do not use it. Permissive mode generates a large number of log entries.To check the status of SELinux on your server, run the sestatus command. Environment Details: CPU Model: Intel(R) Xeon(R) CPU X3440 @ 2.53GHz CPU Details: 2 Core (2527 MHz) Distro Name: CentOS Linux release 7.6.1810 (Core) Kernel Version: 3.10.0-957.1.3.el7.x86_64 RAM: 8 GB Type: VPS (VmWare) At first we will disable the selinux then reboot the machine . # sestatus # vi /etc/selinux/config OR # vi /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux print