Disk layout
We recommend to using logical volumes (LVM)
swap - twice the server's RAM
/ - 40G (not that large if you want to use separate /var and /home)
/boot - 200M
/tmp - 2G
somewhat more for /var/lib/mysql to store more databases
/home - grow to fill the disk
Network
Set IP address: edit /etc/sysconfig/network-scripts/ifcfg-eth?. cPanel installation guide forbids to use NAT.
Set fully qualified domain name (FQDN): edit /etc/sysconfig/network. cPanel allows to use only 3rd level domain names (cp.example.com).
Base system installation
Install minimal CentOS.
Check for package groups installed (yum grouplist). Remove (yum groupremove) all of:
FTP Server
GNOME Desktop Environment
KDE (K Desktop Environment)
Mail Server or E-mail Server
Mono
Web Server
X Window System
for minimal installation only "E-mail server" was installed by default.
Install perl (yum install perl), wget (yum install wget)
Disable SELinux: edit /etc/selinux/config, set "SELINUX=disabled"
Disable iptables: chkconfig iptables off, chkconfig ip6tables off
cPanel installation
cd /home
wget -N http://httpupdate.cpanel.net/latest
sh latest
Post-installation configuration
You can enable firewall now: the best choice is to install CSF, so you could manage firewall rules under WHM menus:
wget http://www.configserver.com/free/csf.tgz && tar -xzf csf.tgz && cd csf && sh install.sh
edit /etc/csf/csf.conf, set TESTING="0" and restart csf (csf -r)
or you can enable iptables (chkconfig iptables on, chkconfig ip6tables on) and open custom ports:
20 — FTP TCP inbound/outbound
21 — FTP TCP, UDP inbound/outbound
22 — SSH TCP inbound
25 — SMTP TCP inbound/outbound
26 — SMTP TCP inbound/outbound
37 — rdate TCP outbound
43 — whois TCP outbound
53 — DNS TCP/UDP inbound/outbound (inbound is only needed if you run your own public DNS server)
80 — HTTP TCP inbound/outbound
110 — POP3 TCP inbound
113 — ident TCP outbound
143 — IMAP4 TCP inbound
443 — HTTPS TCP inbound
465 — SMTP TLS/SSL TCP/UDP inbound/outbound
783 — SpamAssassin TCP/UDP inbound
873 — rsync TCP/UDP outbound
993 — IMAP4 SSL TCP inbound
995 — POP3 SSL TCP inbound
2077 — WebDAV TCP/UDP inbound/outbound
2078 — WebDAV SSL TCP/UDP inbound/outbound
2082 — cPanel TCP inbound
2083 — cPanel SSL TCP inbound
2086 — WHM TCP inbound
2087 — WHM SSL TCP inbound
2089 — cPanel license TCP outbound
2095 — Webmail TCP inbound
2096 — Webmail SSL TCP inbound
3306 — MySQL TCP (only if you need to connect remotely)
6666 — Chat TCP inbound
Configure WHM (https://<ip addr>:2087) and cPanel (https://<ip addr>:2083) accordingly to your needs.