🎓 Complete cPanel to VPS Migration

From Shared Hosting to Self-Hosted Infrastructure Mastery

Topic: Server Administration & Migration

Level: Intermediate to Advanced

Duration: 6-8 Hours Practical

Prerequisites: Basic Linux Command Line

📚 Introduction

Learning Objective: Understand the complete process of migrating from managed cPanel hosting to self-managed VPS infrastructure, gaining full control over web services.

This educational document covers the real-world migration of jazila-traders.com from cPanel to a self-managed Ubuntu 22.04 VPS. Every command, configuration, and troubleshooting step is documented from actual implementation.

Real-World Context: This guide is based on actual production server migration, including all errors encountered and their solutions.

🏗️ System Architecture

Server Stack Architecture

┌─────────────────────────────────────────┐ │ CLIENT REQUESTS │ └───────────────────┬─────────────────────┘ │ ┌───────────────────▼─────────────────────┐ │ BIND DNS (53) │ │ ns1.jazila-traders.com │ └───────────────────┬─────────────────────┘ │ ┌───────────────────▼─────────────────────┐ │ APACHE2 (80/443) │ │ with PHP-FPM & SSL │ └───────────────────┬─────────────────────┘ │ ┌───────────────────▼─────────────────────┐ │ APPLICATION LAYER │ │ ┌─────────────┬─────────────┬─────────┐ │ │ │ WordPress │ Roundcube │ Custom │ │ │ │ Database │ Webmail │ Apps │ │ │ └─────────────┴─────────────┴─────────┘ │ └─────────────────────────────────────────┘ │ ┌───────────────────▼─────────────────────┐ │ SERVICE LAYER │ │ ┌─────────────┬─────────────┬─────────┐ │ │ │ MySQL │ Postfix │ Dovecot │ │ │ │ 8.0.43 │ SMTP │ IMAP │ │ │ └─────────────┴─────────────┴─────────┘ │ └─────────────────────────────────────────┘

📋 Phase 1: Pre-Migration Planning

Inventory Current Environment

Document all domains, subdomains, databases, email accounts, and cron jobs in cPanel.

# Check cPanel account structure
ls -la /home/username/
# List databases
mysql -e "SHOW DATABASES;"

Resource Analysis

Analyze disk usage, bandwidth patterns, and database sizes to plan VPS specifications.

# Check disk usage
du -sh /home/username/*
# Check database sizes
mysql -e "SELECT table_schema 'Database', SUM(data_length + index_length) 'Size' FROM information_schema.TABLES GROUP BY table_schema;"

DNS Preparation

Reduce TTL values to 300 seconds for faster DNS propagation during cutover.

Pro Tip: Lower TTL 24-48 hours before migration to minimize downtime.

🖥️ Phase 2: VPS Foundation Setup

Learning Objective: Master initial server configuration, security hardening, and service stack installation.

Initial Server Configuration

# System update & upgrade
sudo apt update && sudo apt upgrade -y

# Install essential tools
sudo apt install curl wget vim htop ufw -y

# Configure firewall
sudo ufw enable
sudo ufw allow ssh
sudo ufw allow 80,443
sudo ufw allow 53

LEMP Stack Installation

# Install Nginx, MySQL, PHP-FPM
sudo apt install nginx mysql-server php8.1-fpm php8.1-mysql -y

# Install additional PHP extensions
sudo apt install php8.1-curl php8.1-xml php8.1-mbstring -y

# Start and enable services
sudo systemctl enable nginx mysql php8.1-fpm
sudo systemctl start nginx mysql php8.1-fpm

Security Note: Always change default MySQL root password and secure the installation with sudo mysql_secure_installation

🌐 Phase 3: BIND DNS Server Configuration

Learning Objective: Understand DNS fundamentals and master BIND configuration for self-hosted DNS.

BIND Installation & Configuration

# Install BIND9
sudo apt install bind9 bind9utils bind9-doc -y

# Configure options
sudo nano /etc/bind/named.conf.options

# Configure local zones
sudo nano /etc/bind/named.conf.local

Zone File Creation

# Create zone directory
sudo mkdir -p /var/lib/bind/

# Create zone file
sudo nano /var/lib/bind/jazila-traders.com.hosts

# Sample zone content:
$TTL 604800
@ IN SOA jazila-traders.com. root.jazila-traders.com. (
  2024111101 ; Serial
  604800     ; Refresh
  86400      ; Retry
  2419200    ; Expire
  604800 )    ; Negative Cache TTL

; Name servers
@    IN  NS    ns1.jazila-traders.com.
@    IN  NS    ns2.jazila-traders.com.

; A records
@        IN  A     46.224.20.162
www      IN  A     46.224.20.162
webmail  IN  A     46.224.20.162
ns1      IN  A     46.224.20.162
ns2      IN  A     46.224.20.162

rndc Key Configuration (Troubleshooting)

# Fix rndc key issues
sudo rndc-confgen -a
sudo chown bind:bind /etc/bind/rndc.key
sudo chmod 640 /etc/bind/rndc.key

# Test configuration
sudo named-checkconf
sudo named-checkzone jazila-traders.com /var/lib/bind/jazila-traders.com.hosts

DNS Fundamentals: Understand the difference between A records (address), NS records (name server), MX records (mail exchange), and CNAME records (canonical name).

🌍 Phase 4: Apache Web Server with SSL

Virtual Host Configuration

# Create virtual host file
sudo nano /etc/apache2/sites-available/jazila-traders.com.conf

# Sample virtual host configuration:
<VirtualHost *:80>
    ServerName jazila-traders.com
    ServerAlias www.jazila-traders.com
    DocumentRoot /home/jazila-traders/public_html
    Redirect permanent / https://jazila-traders.com/
</VirtualHost>

<VirtualHost *:443>
    ServerName jazila-traders.com
    ServerAlias www.jazila-traders.com
    DocumentRoot /home/jazila-traders/public_html

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/jazila-traders.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/jazila-traders.com/privkey.pem

    <Directory "/home/jazila-traders/public_html">
        Require all granted
        Options FollowSymLinks
        AllowOverride All
    </Directory>
</VirtualHost>

SSL Certificate with Let's Encrypt

# Install Certbot
sudo apt install certbot python3-certbot-apache -y

# Obtain SSL certificate
sudo certbot --apache -d jazila-traders.com -d www.jazila-traders.com

# Test renewal
sudo certbot renew --dry-run

SSL Troubleshooting: Wildcard certificates (*.domain.com) may require different Apache configuration. Use cert.pem + chain.pem instead of fullchain.pem if encountering issues.

📧 Phase 5: Email Server Setup

Postfix SMTP Configuration

# Install Postfix
sudo apt install postfix postfix-mysql -y

# Configure main.cf
sudo nano /etc/postfix/main.cf

# Key configurations:
myhostname = webmail.jazila-traders.com
mydomain = jazila-traders.com
myorigin = $mydomain
mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost
home_mailbox = Maildir/

Dovecot IMAP/POP3

# Install Dovecot
sudo apt install dovecot-imapd dovecot-pop3d -y

# Configure mail location
sudo nano /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir:~/Maildir

🔧 Troubleshooting & Debugging

Common Issues and Solutions

BIND rndc Key Issues

Symptoms: "reload failed" errors, service running but cannot reload configuration.

# Regenerate rndc key
sudo rndc-confgen -a
sudo chown bind:bind /etc/bind/rndc.key
sudo systemctl restart named

Apache SSL Certificate Mismatch

Symptoms: "certificate does NOT include an ID which matches the server name"

# Verify certificate
sudo openssl x509 -in /path/to/cert.pem -text -noout | grep "DNS:"
# Use cert.pem + chain.pem instead of fullchain.pem
SSLCertificateFile /path/to/cert.pem
SSLCertificateChainFile /path/to/chain.pem

DNS Propagation Issues

Symptoms: Domain resolves locally but not externally, SERVFAIL errors.

# Test local resolution
dig @localhost domain.com
# Test external resolution
dig @1.1.1.1 domain.com
# Check nameservers
whois domain.com | grep "Name Server"

🎯 Key Takeaways

Infrastructure Independence: Moving from managed hosting to self-managed VPS provides complete control and cost efficiency
DNS Mastery: Understanding BIND configuration is crucial for reliable web services
Security First: Proper firewall configuration and service hardening are non-negotiable
Troubleshooting Skills: Real-world server administration requires systematic debugging approaches
Backup Strategy: Always maintain recent backups before major configuration changes
Documentation: Comprehensive documentation saves hours of troubleshooting

🧠 Knowledge Check

Question 1: What is the purpose of reducing DNS TTL before migration?

Answer: Lower TTL (Time To Live) allows faster DNS propagation during cutover, minimizing potential downtime when switching to new servers.

Question 2: Why might a wildcard SSL certificate (*.domain.com) not work for the main domain?

Answer: Some Apache versions have issues with wildcard certificates in fullchain.pem. The solution is to use cert.pem + chain.pem separately or get a dedicated certificate.

Question 3: What does the "SERVFAIL" DNS error indicate?

Answer: SERVFAIL indicates the nameserver is unable to process the query due to configuration errors, DNSSEC issues, or service problems.

🎉 Conclusion

This comprehensive migration from cPanel to self-managed VPS demonstrates the journey from dependency on managed hosting to complete infrastructure control. The skills acquired—DNS management, web server configuration, SSL implementation, and systematic troubleshooting—are fundamental to modern web administration.

Real-World Application: Every command and configuration in this document was tested and implemented in a production environment, providing authentic learning experiences for students.

By mastering these skills, you transition from being a user of web services to becoming a creator and maintainer of web infrastructure—a crucial step in professional web development and system administration careers.