Skip to content

Deployment Overview of WHMCS on Server

Prerequisites and Basic Requirements

The following system requirements must be met before deploying the application:

  • Operating System: Linux distribution compatible with systemd, nginx, and mysql services.

  • Privileges: Root access or sudo privileges are required for installation and configuration.

  • Domain: A valid domain name configured to point to the server's IP address.

  • Ports: The following TCP ports must be open on the firewall:

  • 22 for SSH access.

  • 80 for HTTP traffic and SSL certificate validation.

  • 443 for HTTPS traffic.

  • Software Versions:

  • PHP Version: 8.3

  • WHMCS Version: 8.13.1

FQDN of the Final Panel

The application is accessible via the following Fully Qualified Domain Name (FQDN) format: whmcs<Server ID>.hostkey.in

Replace <Server ID> with the specific identifier assigned to the server instance. The service operates over HTTPS on port 443.

File and Directory Structure

The application files and data are organized across the following directories:

Directory Path Description
/var/www/html/whmcs Main web root containing the WHMCS application files.
/var/opt/whmcs Base directory for isolated data storage.
/var/opt/whmcs/whmcs/storage Protected storage directory for application data (symlinked from web root).
/var/opt/whmcs/whmcs/downloads Protected directory for downloadable files (symlinked from web root).
/var/opt/whmcs/php/session Directory for PHP session files.
/etc/nginx/sites-available/whmcs<Server ID>.hostkey.in Nginx configuration file for the application.
/etc/letsencrypt/live/whmcs<Server ID>.hostkey.in/ Location of SSL certificates and keys.
/var/www/certbot Directory used by Certbot for ACME challenge validation.

Application Installation Process

The application is deployed using the following steps:

  1. The WHMCS archive (whmcs_v8131_full.zip) is extracted to a temporary directory.

  2. Contents are moved to the final installation path: /var/www/html/whmcs.

  3. The sample configuration file configuration.sample.php is renamed to configuration.php.

  4. Custom modules and hooks from the HostkeyResellerMod repository are installed into the includes/hooks, modules/servers, modules/addons, and modules/gateways/callback directories.

  5. The controlpanel.html file is downloaded to /opt/panel/controlpanel.html.

Access Rights and Security

Security is enforced through the following mechanisms:

  • Firewall: The ufw firewall is enabled and configured to allow traffic only on ports 22, 80, and 443.

  • Nginx Security Rules: Direct access to sensitive directories and files is blocked via Nginx configuration:

  • Directories: crons, resources, vendor, includes, storage.

  • Files: .env, .ht*, .tpl, phpunit.phar.

  • User Accounts:

  • A dedicated system user whmcs is created with a home directory at /var/opt/whmcs.

  • The web server user www-data owns the web root and data directories to ensure proper execution permissions.

Databases

The application utilizes a MySQL database with the following configuration:

  • Database Name: whmcs_db

  • Database User: whmcs_user

  • Connection Method: Localhost connection via Unix socket.

  • Privileges: The whmcs_user account has ALL privileges on the whmcs_db database.

  • Security: Anonymous users and the default test database are removed during setup.

Proxy Servers

Nginx acts as the reverse proxy and web server for the application. It handles SSL termination and routes specific requests to external services:

  • SSL Termination: Nginx manages SSL certificates obtained via Certbot for the domain whmcs<Server ID>.hostkey.in.

  • External Proxies: Specific paths are proxied to panel.hostkey.ru and invapi.hostkey.ru:

  • /controlpanel.html

  • /controlpanel/

  • /static/

  • /favicon.ico

  • /auth.php

  • /eq.php

  • /net.php

  • /eq_callback.php

  • /invapi/

  • PHP Processing: PHP scripts are processed via php8.3-fpm using the Unix socket at /var/run/php/php8.3-fpm.sock.

Permission Settings

File and directory permissions are set as follows:

  • Web Root (/var/www/html/whmcs):

  • Owner: www-data:www-data

  • Directory Mode: 0755

  • File Mode: 0644

  • Configuration File (configuration.php):

  • Owner: www-data:www-data

  • Mode: 0644

  • Template Cache (templates_c):

  • Owner: www-data:www-data

  • Mode: 0775 (Write access required for the web server).

  • Protected Data Directories (/var/opt/whmcs/whmcs/storage and downloads):

  • Owner: www-data:www-data

  • Mode: 0777

  • Symbolic Links: The symlinks for storage and downloads in the web root are owned by www-data:www-data.

Location of Configuration Files and Data

Key configuration and data files are located at:

  • Main Configuration: /var/www/html/whmcs/configuration.php

  • Nginx Site Config: /etc/nginx/sites-available/whmcs<Server ID>.hostkey.in

  • SSL Certificates: /etc/letsencrypt/live/whmcs<Server ID>.hostkey.in/

  • Application Data: /var/opt/whmcs/whmcs/storage

  • Downloads: /var/opt/whmcs/whmcs/downloads

  • PHP Sessions: /var/opt/whmcs/php/session

Available Ports for Connection

The following ports are open and configured for the application:

  • 22: SSH (Secure Shell)

  • 80: HTTP (Redirects to HTTPS)

  • 443: HTTPS (Secure Web Traffic)

Starting, Stopping, and Updating

The application relies on system services managed by systemd. Use the following commands to manage the services:

  • Manage Nginx:

  • Start: systemctl start nginx

  • Stop: systemctl stop nginx

  • Restart: systemctl restart nginx

  • Reload Configuration: systemctl reload nginx

  • Check Status: systemctl status nginx

  • Manage MySQL:

  • Start: systemctl start mysql

  • Stop: systemctl stop mysql

  • Restart: systemctl restart mysql

  • Check Status: systemctl status mysql

  • Manage PHP-FPM:

  • Start: systemctl start php8.3-fpm

  • Stop: systemctl stop php8.3-fpm

  • Restart: systemctl restart php8.3-fpm

  • Check Status: systemctl status php8.3-fpm

question_mark
Is there anything I can help you with?
question_mark
AI Assistant ×