Upgrading cPanel from CentOS 7 to AlmaLinux 8 with Pyxsoft WAF
Upgrading your server from CentOS 7 to AlmaLinux 8 with cPanel and installing Pyxsoft Antimalware & WAF (Web Application Firewall) is crucial for maintaining server security, performance, and compatibility with modern software.
This blog will guide you through the entire process, including the necessary requirements, a step-by-step upgrade procedure, and the installation of Pyxsoft Antimalware & WAF. We will also explore the reasons why these steps are vital for your server's security and efficiency.
Why Upgrade from CentOS 7 to AlmaLinux 8?
CentOS 7 is reaching its end of life in June 2024, which means it will no longer receive security updates or bug fixes. This makes upgrading to a newer and supported operating system imperative to keep your server secure. AlmaLinux 8 is a stable, community-driven fork of Red Hat Enterprise Linux (RHEL), providing a seamless migration path for CentOS users.
Key benefits of upgrading to AlmaLinux 8:
- Continued Security Updates: Stay protected with regular security patches.
- Improved Performance: Newer kernel, better performance, and support for the latest hardware.
- Compatibility: Supports newer versions of software, such as PHP, Python, and MySQL.
Why Install Pyxsoft Antimalware & WAF?
Pyxsoft Antimalware & WAF is a powerful security solution that offers real-time protection against malware, viruses, and web-based attacks. Here’s why it is critical:
- Real-time Malware Protection: Detects and removes malware from your server files in real time.
- Web Application Firewall (WAF): Protects your web applications from SQL injection, cross-site scripting, and other web-based attacks.
- Comprehensive Security Reports: Provides detailed reports about detected threats and vulnerabilities.
- Easy Integration with cPanel: Simple installation and configuration process via cPanel.
Requirements for the Upgrade and Installation
Before proceeding, ensure you have the following:
Access Requirements:
- Root access to your server via SSH.
- A valid cPanel/WHM license.
System Requirements:
- At least 4 GB of RAM and 40 GB of available disk space.
- A backup of all data and configurations.
Software Requirements:
- cPanel/WHM
- A fully updated CentOS 7 environment.
This guide was prepared based on the official documentation from cPanel, the installation guidelines from Pyxsoft, and additional insights and steps to ensure a smooth and secure upgrade process.
We have included extra information and best practices to help you navigate the transition from CentOS 7 to AlmaLinux 8 effectively, and to set up Pyxsoft for enhanced security on your cPanel server.
Step 1: Prepare for the Upgrade
1. Access the server's command line as the 'root' user via SSH or "Terminal" in WHM.
2. Backup your accounts.
for acct in $(awk -F':' '{print $1}' /etc/userplans | sort | uniq); do /scripts/pkgacct --compress "$acct" /backup; done
This command iterates over each unique sorted account and runs /scripts/pkgacct --compress
for each, storing backups in /backup folder.
You can omit --compress
to perform the backups more quickly, but more disk space will be required.
3. Run yum to update out-of-date packages.
yum update
4. Run upcp to update cPanel.
/scripts/upcp
5. Reboot the server.
shutdown -r now
Step 2: Upgrade from CentOS 7 to AlmaLinux 8
1. Access the server's command line as the 'root' user via SSH or "Terminal" in WHM.
2. Stop and uninstall Pyxsoft
Skip this step if you don't have Pyxsoft Software installed
systemctl stop pxshield
yum remove pxscan pxscand pxshield pyxsoftui pyxsoft-cpanel
yum -y clean all
rm -f /etc/yum.repos.d/pyxsoft*
The Web Application Firewall will be disabled after this step, leaving the sites vulnerable until you reinstall the Pyxsoft WAF in last step.
3. Download the cPanel Elevate script.
wget https://raw.githubusercontent.com/cpanel/elevate/release/elevate-cpanel -O /scripts/elevate-cpanel; chmod 700 /scripts/elevate-cpanel;
4. Run the following command to check for upgrade blockers:
/scripts/elevate-cpanel --check
5. Resolve each listed issue.
6. Check for upgrade blockers again
/scripts/elevate-cpanel --check
If there are no more blockers, you should see the following messages at the end of the output:
There is no known blockers to start the elevation process.
You can consider running:
/scripts/elevate-cpanel --start
6.Run the following command to begin the upgrade process:
/scripts/elevate-cpanel --start
The elevation process can potentially take 90 minutes to complete and requires multiple reboots.
Some reboots can be longer than usual. Do not interrupt the upgrade process.
Please note that you can check the current status of the update by running the following command.
/scripts/elevate-cpanel --status
Step 3: Install Pyxsoft Antimalware & WAF
Installing Pyxsoft Antimalware & WAF is crucial because it provides real-time malware detection and protection against web attacks, such as SQL injection and XSS.
This step restores essential security features, minimizing the period during which your sites are vulnerable, and ensures compliance with security standards, protecting both your server and its data.
curl -s https://www.pyxsoft.com/install-cpanel | bash