How to Install Webuzo on AlmaLinux 9: My Real Experience

So I was setting up a new server at HostGet last month, and I needed something lightweight to manage hosting without all the bloat that comes with cPanel or Plesk. A colleague mentioned Webuzo, and honestly? It just worked. Let me tell you exactly how I did it, because I made mistakes the first time around and learned what actually matters.

What You Actually Need

Alright, so first things first. You need a fresh install of AlmaLinux 9. I’m talking bare minimum installation here – don’t load it with stuff you don’t need yet. You’re gonna need root access. That’s non-negotiable. If your hosting provider won’t give you root, this won’t work.

Grab a server with at least 1 CPU and 2GB of RAM. I know that sounds small, but Webuzo is pretty lean. If you’re putting multiple sites on there, go for 4GB to be safe. You’ll want at least 20 gigs of disk space too.

Make sure your domain is already pointed to your server’s IP address. And here’s the thing – ports 2002 and 2003 need to be open. These are what Webuzo uses to run. I forgot to open these my first time and spent an hour wondering why I couldn’t access anything. Don’t be like me.

Let’s Get Started – Update Everything First

Login to your server and just run this:

sudo dnf -y update && sudo dnf -y upgrade

Yeah it takes a bit, but your system needs to be current. Then grab what you need:

sudo dnf -y install wget curl

After that, reboot:

sudo reboot

I know it seems like a lot of steps for something simple, but this prevents weird conflicts later. Trust me on this one.

Kill Off Apache If It’s Running

Okay so if Apache is already running on your server, it’s gonna fight with Webuzo. So let’s stop it:

sudo systemctl stop httpd

Then remove it:

sudo dnf -y remove httpd*

If you’ve got nginx running or any other web server, get rid of that too. Webuzo handles all the web server stuff itself, so you don’t need anything else competing for those ports.

Now Actually Install Webuzo

This is the part where stuff actually happens. Go to root:

cd /root

Download the installer:

wget -N http://files.webuzo.com/install.sh

Make it runnable:

chmod 0755 install.sh

Run it:

./install.sh

Sit back and wait. This takes like 15-20 minutes depending on how fast your server is. Your terminal’s gonna be flying through all kinds of installation stuff. That’s normal. Webuzo is building itself basically from scratch, which is actually why it works so well.

I usually make some coffee or check my email during this part. Don’t watch it the whole time – you’ll just stress yourself out.

Get Into Your New Control Panel

Once it’s done, open up your web browser and go to:

http://YOUR_SERVER_IP:2002

Put your actual IP where it says YOUR_SERVER_IP. You should see a login page. Login as root with the password you set (or the default if you didn’t change it yet).

If HTTPS works better for you:

https://YOUR_SERVER_IP:2003

That’s it. You’re in.

First Things to Do When You’re Inside

When you first login, there’s a few things I always do right away. Change your admin password to something crazy strong. Like, 16 characters with uppercase, lowercase, numbers, and symbols. This thing is basically the keys to your whole server.

Then set your hostname. Go into Settings and make it match your domain – something like server1.yourdomain.com. This actually matters for email and certificates and all that stuff.

Run an update through the system while you’re in there. Look for Update or Package Update in the Tools section. It’ll pull in any security patches that came out since the base installation.

SSL Certificates – Don’t Skip This

You want HTTPS. Always. Go into Settings and look for SSL or Security. Add your hostname in there and let Webuzo grab a Let’s Encrypt certificate. It’s free and automatic. This takes like two minutes and saves you all kinds of headaches.

Set it to auto-renew so you never have to think about it again. I’ve seen people forget about certificates expiring and it messes up everything.

Open Your Firewall Properly

Run these commands to let traffic through:

sudo firewall-cmd --permanent --add-port=2002/tcp
sudo firewall-cmd --permanent --add-port=2003/tcp
sudo firewall-cmd --reload

If you want regular websites to work:

sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --reload

The –permanent flag means these stay open even after reboots. Trust me, you want that.

For SELinux, honestly, I usually just disable it in production because it causes more headaches than it’s worth. If you want to keep it running:

sudo dnf -y install policycoreutils-python-utils
sudo semanage port -a -t http_port_t -p tcp 2002
sudo semanage port -a -t http_port_t -p tcp 2003

But if it causes issues, don’t hesitate to turn it off. I won’t tell anyone.

Getting Your DNS Right

Point your domain’s A record to your server IP. That’s the main one. If you want email to work, add an MX record pointing to your mail server. Webuzo will set this up for you once you add domains.

For DKIM, Webuzo actually generates that stuff automatically. Once you add a domain in the mail section, it’ll show you what to put in your DNS.

SPF record should be something like:

yourdomain.com TXT "v=spf1 mx ~all"

Give it some time to spread through the internet before you worry if it’s not working yet. DNS is weird like that – sometimes takes hours, sometimes takes a day.

Stuff I Do Right After Installation

Backups – Set these up immediately. Go to Tools and enable automatic backups. I send mine to cloud storage because that’s saved me multiple times. Daily for databases, weekly for files. Your choice but do it.

Multiple PHP Versions – Go into the Apache settings and enable a few PHP versions. I usually enable 8.1 and 8.2. Most sites need at least one of these.

MySQL Settings – If you’re putting multiple sites on here, increase the MySQL connection limits. It’s under Services. Default is usually too low for anything serious.

Turn On Security Updates – There’s usually a Tools section where you can enable automatic security updates. Turn that on and forget about it.

Best Webuzo Settings That Actually Matter

Okay so once you’ve got the basics running, there’s some tweaks I make to every single installation. These are things that make a real difference in how your server performs and how stable everything stays.

Disable Root Login for Security – Go to Settings > Security. Turn off root login completely. Seriously. Create a regular admin user instead and use that. This one change stops like 90% of automated attacks. I learned this the hard way watching my logs get hammered constantly until I made this change.

Enable ModSecurity – This is like having a bouncer for your server. Go to Tools > Security and turn on ModSecurity if it’s not already on. It blocks malicious requests before they even get to your sites. I’ve seen it stop actual attacks in real time. Well worth enabling.

Set Resource Limits – Under Settings > Resource Limits, I cap how much CPU and RAM individual user accounts can use. I set it to like 80% max so one crazy website doesn’t tank the whole server. Set MySQL max connections to around 150-200 depending on your server size. This prevents runaway processes from killing everything.

Enable Automatic Updates for Core – Go to Settings > Updates and turn on automatic updates for the core Webuzo system. I used to manually update everything until I realized how many times I just forgot and stayed vulnerable for weeks. Auto updates fix this problem.

Configure Cron Job Defaults – In Settings > Cron, set a reasonable timeout. I use 3600 seconds (1 hour) as max. This stops runaway cron jobs from locking up your server if something goes wrong with a backup or script.

Limit FTP Connections – Under Ftp Settings, I cap simultaneous FTP logins to like 3-5 per account. This stops people from maxing out your server with tons of upload threads. Sounds weird but it actually helps on shared hosting.

Enable Two-Factor Authentication – This one’s in Settings > Security. Enable it and use it for your admin account. I use Google Authenticator. Takes an extra 5 seconds to login but it means nobody’s getting into your control panel even if they somehow get your password.

Set Up Log Rotation – Go to Tools > Logs and set up log rotation so old logs don’t eat your entire hard drive. I set it to keep 30 days of logs and rotate daily. This is boring but important.

Increase PHP Memory Limit – Some sites need more memory than the default. Go to Apache > PHP Configuration and bump the memory limit to 256MB or 512MB depending on what you’re running. Modern WordPress installations basically need this.

Enable GZIP Compression – Under Apache > Compression Settings, turn on GZIP. This makes websites load faster for visitors. It’s basically a free performance boost that takes 30 seconds to enable.

Configure CloudFlare Integration – If you use CloudFlare (and you should for DDoS protection), add your API key in Settings > CloudFlare. This lets Webuzo manage some CloudFlare stuff automatically. Not required but super convenient if you’re using them.

Set MySQL Slow Query Log – Go to Services > MySQL and enable the slow query log with a threshold of like 2 seconds. Then check it occasionally to see if any queries are killing your database. I’ve found some crazy inefficient code this way that was tanking performance.

Disable Telnet – Security thing. Go to Services and make sure Telnet is disabled. Use SSH instead, which is what Webuzo uses by default anyway. Telnet sends passwords in plain text which is basically asking to get hacked.

Enable DNS Clustering – If you’re running multiple servers, this is huge. But even on a single server, make sure DNS is set up right. Go to Dns > Settings and verify it’s pointing to your nameservers correctly.

Configure Mail Quota Per User – Under Mail Settings, set reasonable mailbox limits. I usually do 2-5GB per user depending on the plan. This stops one person from filling up your entire drive with emails.

Set Up Firewall Rules – Beyond just opening ports, you can add rules to block specific IPs. If you notice attacks coming from certain countries or IP ranges, you can block them here. It’s in Tools > Firewall.

The thing is, most of these take like 5 minutes each to configure, but they save you hours of headaches down the road. I’ve literally never had a Webuzo server go down due to performance or security issues when these settings are dialed in. Compare that to servers where I got lazy and just left defaults… yeah, totally different experience.

When Stuff Goes Wrong (And It Will)

Installation bombs out halfway – Usually means you’re out of disk space or there’s a web server still running. Check with df -h to see your disk. Kill any Apache or nginx processes.

Can’t access port 2002 or 2003 – Your firewall’s probably not actually open. Run sudo firewall-cmd --list-all and see if those ports show up. If they don’t, the commands didn’t work. Try again.

MySQL won’t start – Restart it:

sudo systemctl restart mysql

If it still won’t go, check what’s wrong:

sudo tail -f /var/log/mysql/error.log

Can’t login to Webuzo – Try root as the username. If you changed the password and forgot it, you can reset from command line but it’s annoying. That’s why I write everything down now.

Is this actually free? Yeah, the installation is free. There’s paid add-ons but you don’t need them. The free version does everything most people want.

Can I move existing sites here? Yeah but you gotta do it manually. Copy files over via FTP, dump and restore databases. Not the worst but definitely takes time.

That’s Really It

Honestly, Webuzo is refreshing compared to the control panels everyone else uses. It’s lightweight, doesn’t slow down your server, and just does what it says it does. The main thing is just follow these steps in order and don’t skip the security stuff. I learned that the hard way when I got lazy early on.

Set up backups, keep your password strong, and you’re basically done. It’ll just sit there and work for you without drama. If you get stuck somewhere, the Webuzo docs are actually readable and their support answers pretty quick. I’ve needed help a couple times and they got back to me same day.

Questions I Get All The Time