It is convenient for the WEB application and management of Linux VPS and servers. Most of our users will rely on WEB panels. There are still many panels to choose from at home and abroad. However, due to the profit problem or the developer's personal consideration, some free panels have stopped updating, and some have switched to the charging mode. Although many one click script installation packages or compilation environments are not particularly complex, the panel is much more convenient for ordinary users who are transitioning from virtual hosts or initially contacting VPS.
Although the pagoda panel is a short time, there should be a dedicated development team, so we can see that the pace of progress in this year is really fast. From the discussion on its forum and the problems of its surrounding netizens, we can see that its user volume is quite large. Whether we use the panel or the one click package or the compilation environment, security really needs attention. Besides, the XSHELL software that was exposed a few days ago has security problems.
Yesterday, Lao Zuo asked to install the pagoda panel in the environment of a customer website of the company. After installation, he simply saw that the functions were much richer than those seen last year, basically meeting the needs of most users' projects, and it was constantly updated every week. I hope that the complexity of the work does not lead to the occupation of resources and other problems. In terms of security, after installing the panel, we simply need several settings.
First, normal password security
In view of the XSHELL security problem that everyone should have seen a few days ago( Here )For one thing, we need to set complex ROOT passwords, disable ROOT for an independent administrative user, or log in to VPS in key mode.
1、 Xshell Set Key Login to Ensure More Security of Linux VPS and Server
2、 Set Putty SSH to log in to the Linux VPS host using the key
Second, modify the pagoda panel port

The default port is 8888 after installation. We need to modify a port, which can be any value between 8888-65535.
Third, change the administrator's user name and password

After the default panel is installed successfully, the administrator user name is admin. We need to log in to the background to modify other user names and complex panel panels. I have solved problems for several netizens before. I see that when they use WDCP or the pagoda panel, they even use simple passwords like 123456. Even their ROOT server passwords are so simple.
Fourth, force binding domain name and fixed IP login

We can also use a domain name to resolve and bind to the panel. In this way, the panel can only be opened using the domain name we know. The IP address cannot be opened. If our local IP address is fixed, we can also authorize the unique local IP login panel. If our IP address changes, do not set it, because after setting the authorized IP address, the only IP login panel cannot be opened.
Finally, after the basic security settings are completed, the pagoda will be updated after the official upgrade. Secondly, we also need to regularly back up the website data. The pagoda panel has its own Qiniu, AliCloud OSS, and remote FTP backup kit. The settings are relatively simple for automatic backup. We can also backup manually.