================================================================ PANDUAN DEPLOY TUNNEL SaaS v2 KE cPANEL (Updated: support cross-platform path, system check) ================================================================ Panduan langkah demi langkah deploy SaaS server + admin panel ke hosting cPanel (Niagahoster, Hostinger, IDCloudHost, dll). ---------------------------------------------------------------- RINGKASAN ARSITEKTUR ---------------------------------------------------------------- Yang akan di-deploy: 1. SERVER PUSAT -> 1 lokasi (folder server/) 2. ADMIN PANEL -> 1 lokasi (folder admin/) 3. CLIENT FILES -> per domain client (generate dari admin) Struktur ideal di cPanel: /home/USER/public_html/ ├── api/ <- isi folder server/ (subdomain api.dom.com) │ ├── render.php │ ├── saas_config.php │ ├── index.php (engine) │ ├── ... semua file engine │ ├── amp/ │ └── cache/ (auto-create, 755) │ └── manage/ <- isi folder admin/ (subdomain manage.dom.com ├── index.php ATAU /manage/ subfolder) ├── .htaccess └── data/ (sensitive! di-deny via .htaccess) ├── keys.json ├── blacklist.txt ├── research_results.json └── clients/ ---------------------------------------------------------------- A. PERSIAPAN HOSTING (5 menit) ---------------------------------------------------------------- [1] Login cPanel hosting Anda [2] Buat 2 SUBDOMAIN cPanel > Domains > Subdomains Subdomain 1: Name : api Domain : mydomain.com Document Root: public_html/api Klik Create Subdomain 2 (opsional, bisa juga subfolder): Name : manage (atau admin) Domain : mydomain.com Document Root: public_html/manage Klik Create [3] AKTIFKAN EKSTENSI PHP cPanel > Select PHP Version (atau MultiPHP Manager) Pilih PHP 7.4 atau 8.x Centang ekstensi: [x] gd (untuk banner image) [x] curl (untuk client proxy + keyword) [x] mbstring (untuk Unicode) [x] json [x] zip (untuk generate file download) Klik "Save" [4] CEK PHP OPTIONS cPanel > Select PHP Options Pastikan: allow_url_fopen = On max_execution_time = 600 memory_limit = 256M upload_max_filesize = 16M ---------------------------------------------------------------- B. DEPLOY SERVER PUSAT (10 menit) ---------------------------------------------------------------- [1] ZIP folder server/ di komputer Anda Klik kanan folder tunnel-saas/server/ > Send to > Compressed (zipped) folder Hasil: server.zip [2] Upload ke public_html/api/ cPanel > File Manager Navigasi ke: public_html/api/ Klik "Upload" Pilih server.zip Klik "Upload Files" [3] Extract di server Setelah upload selesai, kembali ke File Manager Klik kanan server.zip > Extract Pastikan struktur jadi: public_html/api/render.php public_html/api/saas_config.php public_html/api/index.php public_html/api/... Kalau ada folder "server" di dalam api/, pindahkan isinya ke api/ langsung (jangan nested). Hapus server.zip. [4] Set Permission Folder Cache Klik kanan public_html/api/cache > Permissions > 755 (Atau folder cache akan auto-create dengan 755 saat request pertama, kalau parent folder writable) [5] Test Endpoint Buka browser: https://api.mydomain.com/render.php Expected: "Invalid API key" Itu artinya endpoint hidup. Klik next step. ---------------------------------------------------------------- C. DEPLOY ADMIN PANEL (5 menit) ---------------------------------------------------------------- [1] ZIP folder admin/ di komputer Anda [2] Upload ke public_html/manage/ (atau public_html/admin/) cPanel > File Manager > Upload > admin.zip [3] Extract di server Struktur jadi: public_html/manage/index.php public_html/manage/.htaccess public_html/manage/data/... [4] Set Permission Data Folder Klik kanan public_html/manage/data > Permissions > 755 Pastikan PHP bisa write di sana. [5] GANTI PASSWORD ADMIN! File Manager > Edit public_html/manage/index.php Cari baris 13: $ADMIN_PASSWORD = 'admin123'; GANTI ke password kuat, mis: $ADMIN_PASSWORD = 'k7Hn4qP9mZ2vXyR3wBcD8jL5fN1a'; Save. [6] Test Admin Buka: https://manage.mydomain.com/ Muncul login screen ungu. Login pakai password yg baru di-set. Dashboard muncul. ✓ ---------------------------------------------------------------- D. VERIFIKASI VIA SYSTEM CHECK (Penting!) ---------------------------------------------------------------- [1] Login admin [2] Klik menu sidebar: 🩺 System Check [3] Cek semua 20 item: ✓ PHP Version ✓ Ekstensi gd, curl, mbstring, json ✓ allow_url_fopen ✓ max_execution_time ✓ Folder writable (cache, data, clients) ✓ Required files (render.php, saas_config.php, ...) ✓ Server endpoint test [4] Kalau ada FAIL: Lihat kolom "Fix" untuk panduan perbaikan. Biasanya tinggal aktifkan ekstensi PHP via cPanel. ---------------------------------------------------------------- E. TAMBAH CLIENT PERTAMA (3 menit) ---------------------------------------------------------------- [1] Admin > 🔑 API Keys & Client [2] Form Tambah Client: Nama : Client Test Host : client-test.com [x] Clone master template Klik "Generate Key + Buat Folder" [3] Key 40 karakter muncul -> COPY [4] Admin > 📦 Download Client Files [5] Server URL: https://api.mydomain.com/render.php [6] Pilih client "Client Test" [7] Klik "📥 Download ZIP Lengkap" Hasil: tunnel-client-client-test.com.zip ---------------------------------------------------------------- F. OWNER CLIENT PASANG DI DOMAINNYA (5 menit) ---------------------------------------------------------------- Kirim ZIP ke owner client. Mereka: [1] Login cPanel hosting mereka [2] File Manager > public_html/ [3] Upload tunnel-client-XXX.zip [4] Extract [5] Pindah isi folder main-domain/ ke public_html/ (main-domain/index.php → public_html/index.php main-domain/.htaccess → public_html/.htaccess) [6] Cek cPanel > Select PHP Version > centang cURL [7] Buka https://domain-client.com di browser Halaman langsung tampil dari server pusat. ✓ KALAU AMP DI DOMAIN TERPISAH: [8] Buat subdomain amp.domain-client.com di cPanel mereka [9] Upload amp-domain/index.php + .htaccess ke folder subdomain [10] Buka https://amp.domain-client.com → versi AMP tampil ---------------------------------------------------------------- G. POST-DEPLOY CHECKLIST ---------------------------------------------------------------- Setelah selesai, pastikan: [ ] Admin password BUKAN 'admin123' (sudah diganti) [ ] saas_config.php > 'allow_any' = false (production) [ ] Test browser dari incognito (cek tanpa cookie) [ ] System Check semua hijau [ ] Backup saas_config.php + admin/data/ (DOWNLOAD ke lokal) [ ] Submit sitemap ke Google Search Console URL sitemap: https://CLIENT-DOMAIN.com/sitemap.xml [ ] Set Cloudflare di depan server pusat (opsional) [ ] Pasang Auto-SSL di subdomain api.* dan manage.* ---------------------------------------------------------------- H. TROUBLESHOOTING UMUM cPANEL ---------------------------------------------------------------- Q: render.php muncul source code (raw PHP) A: PHP belum aktif. cPanel > MultiPHP Manager > pilih versi untuk domain itu > Apply. Q: 500 Internal Server Error A: Permission .htaccess salah. CHMOD 644. Atau cek error_log di cPanel. Q: Admin login muter terus A: Folder session PHP tidak writable. Atau cookie diblock. Cek cPanel > PHP Options > session.save_path. Q: "Failed to fetch from ip-api" A: allow_url_fopen Off. Aktifkan di PHP Options. Q: Banner image broken (404) A: GD library belum aktif. cPanel > Select PHP Version > centang gd > Save. Q: Folder cache/ tidak terbuat otomatis A: Parent folder (api/) tidak writable. CHMOD 755. Atau buat manual via File Manager + CHMOD 755. Q: Admin > System Check semua FAIL A: Path antara admin/ dan server/ tidak sebagai sibling. Cek saas_config.php > 'admin_data_path' isi manual: 'admin_data_path' => '/home/USER/public_html/manage/data', ---------------------------------------------------------------- I. SECURITY HARDENING ---------------------------------------------------------------- [1] Password Admin Minimal 20 karakter random. Generate via: bin2hex(random_bytes(15)) [2] HTTP Auth tambahan di /manage/ cPanel > Directory Privacy > public_html/manage/ Set username + password. Owner butuh DUA login (HTTP Basic + form admin). [3] IP Whitelist (opsional) cPanel > IP Blocker Atau di .htaccess /manage/: Require ip 1.2.3.4 [4] Disable testkey123 Edit saas_config.php Hapus baris 'testkey123' => '*' Hanya pakai keys dari admin panel. [5] HTTPS only .htaccess (di api/ dan manage/): RewriteCond %{HTTPS} off RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] ---------------------------------------------------------------- J. BACKUP & MAINTENANCE ---------------------------------------------------------------- Backup harian (wajib): - public_html/manage/data/ (semua per-client data) - public_html/api/saas_config.php (config api keys) Backup mingguan: - public_html/api/ (semua file engine) - Setting cPanel Tools backup: - cPanel > Backups > Generate - JetBackup (kalau hosting menyediakan) - Script cron rsync ke external storage Log monitoring: - public_html/api/saas_access.log - Cek size berkala, archive kalau > 50MB ---------------------------------------------------------------- K. UPGRADE / UPDATE TEMPLATE ---------------------------------------------------------------- Untuk update template (CSS, struktur HTML, dll): [1] Edit file di public_html/api/ langsung via File Manager [2] Atau upload file baru replace lama [3] Tidak perlu touch file di client domain mana pun [4] Semua client otomatis dapat update JANGAN ganti file di public_html/api/ ini saat update: - saas_config.php (configurasi & API keys) - list.txt (kalau master template ingin tetap) - cache/ (akan di-regenerate) ================================================================ Semoga sukses jualan SaaS! ================================================================