How to Configure CloudLinux for Shared Hosting Environments

CloudLinux is a popular operating system designed specifically for shared hosting environments. It improves server stability, enhances security, and ensures that no single user can monopolize server resources. With features like LVE (Lightweight Virtual Environment), CageFS, and integration with popular control panels, CloudLinux provides hosting providers and administrators with the tools needed to deliver a more reliable hosting experience.

This guide walks you through the key steps to set up and configure CloudLinux, from installation to fine-tuning resource limits and enabling key security features.

1. Prerequisites for CloudLinux Configuration

Before configuring CloudLinux, ensure you have the following:

1.1. A CloudLinux License

• Make sure you have a valid CloudLinux license.
• If you don’t have one, you can purchase it directly from CloudLinux or from an authorized reseller.

1.2. Supported Operating System

• CloudLinux is built on CentOS and is compatible with popular hosting control panels like cPanel, Plesk, and DirectAdmin.
• If you’re migrating from CentOS, you’ll need to convert your existing system to CloudLinux.

1.3. Administrative Access

• Root Access: You must have root (superuser) privileges on the server.
• SSH Access: Ensure you can connect to the server via SSH for command-line configurations.

2. Installing CloudLinux

If you haven’t already installed CloudLinux, you can convert an existing CentOS server to CloudLinux using the following steps:

2.1. Log in as Root

• Use SSH to access your server as the root user:

  ssh root@your_server_ip

2.2. Install the CloudLinux Conversion Script

• Download the script from CloudLinux’s official site:

  wget https://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy

• Make the script executable:

  chmod +x cldeploy

2.3. Run the Conversion Script

• Execute the conversion script and provide your CloudLinux license key:

  ./cldeploy -k YOUR_LICENSE_KEY

• Follow the on-screen prompts to complete the conversion. Once done, the server will need to be rebooted.

2.4. Verify the Installation

• After rebooting, check that CloudLinux is installed:

  cat /etc/redhat-release

• It should display something like CloudLinux release .

3. Configuring Lightweight Virtual Environments (LVEs)

LVEs are at the core of CloudLinux, allowing you to isolate resource usage per account. This prevents one user from negatively impacting the performance of others.

3.1. Access LVE Manager

• If you’re using cPanel, you can find the LVE Manager in WHM under Plugins > LVE Manager.
• For Plesk or DirectAdmin, refer to their respective documentation for accessing LVE Manager.

3.2. Set Resource Limits

• CPU: Define how much CPU time each user can consume.
• Memory: Set memory limits to prevent any account from using excessive RAM.
• IO Limits: Restrict disk I/O usage to ensure fair resource distribution.
• Entry Processes: Limit the number of concurrent processes per user to prevent server overload.

3.3. Default vs. Custom Settings

• Default Limits: Apply a baseline set of resource limits for all users.
• Custom Limits: Adjust individual accounts as needed, allowing more resources for premium accounts and tighter restrictions for lower-tier plans.

4. Enhancing Security with CageFS

CageFS creates a virtualized file system for each user, ensuring that users cannot see or access files outside their own environment. This significantly improves security on shared servers.

4.1. Enabling CageFS

1. Install CageFS:

   • Run the following command to install:

     yum install cagefs

2. Enable CageFS:

   • Once installed, enable it for all users:

     cagefsctl --enable-all

3. Verify CageFS Status:

   • Check the status of CageFS:

     cagefsctl --status

4.2. Configuring CageFS

• Use the CageFS control panel (available in WHM or via CLI) to customize what users can and cannot access.
• Add or remove files and directories from the CageFS template as needed.
• Restrict access to sensitive system files, executables, and configuration files.

5. Integrating PHP Selector

PHP Selector allows users to choose their PHP version and customize PHP extensions within the limits you set.

5.1. Installing and Enabling PHP Selector

1. Install the Required Packages:

   yum groupinstall alt-php

2. Enable PHP Selector:

   • Enable it through the LVE Manager or by running:

     cagefsctl --enable-php-selector

3. Customize Available PHP Versions:
   • You can limit which PHP versions and modules are available to users.
   • Users can then select their preferred version from their control panel’s interface (e.g., cPanel’s MultiPHP Manager or DirectAdmin’s Selector).

6. Monitoring and Maintenance

6.1. Resource Usage Reports

• Use the LVE Manager to view per-account resource usage.
• Identify accounts that frequently hit resource limits and consider adjusting their settings or suggesting upgrades.

6.2. Regular Updates

• Keep CloudLinux packages up to date:

  yum update -y

• Apply security patches and new features as they become available.

6.3. Backup Configurations

• Regularly back up your CloudLinux configuration files and templates.
• Test your backups periodically to ensure they can be restored quickly in case of issues.

Final Thoughts

Configuring CloudLinux involves setting up resource limits, enabling security features like CageFS, and integrating tools like PHP Selector. By following the steps outlined in this guide, you’ll create a stable, secure, and efficient shared hosting environment that ensures fair resource distribution and protects against potential threats. Regular monitoring and maintenance will help you maintain optimal performance and reliability over the long term.