cPanel is an integral part in shared web hosting now a days. Here are the things to do after installing cPanel in your server before adding websites. The foremost thing you need to do is to update cPanel to the latest version, by running /scripts/upcp –force
1. Set up Hostname.
Once you have installed cPanel, in your server. You need to make sure that the server have a fully qualified domain name as its hostname. The normal convention is that you need to name the hostname as name.somedomain.tld, and the hostname should point towards the primary IP of the server. Then you need to ask your webhost to create a PTR ( reverse DNS ) record so that the PTR of the IP matches the hostname.
2. Secure SSH
As described in this post, you need to change the SSH port, disable direct root login and disable password authentication, if possible.
3. Install CSF
CSF ( ConfigServer Security and Firewall ) is a good software firewall which works well with cPanel servers. It can do a security audit, and ask you to disable certain obvious things in the server which would otherwise be an issue.
It can also close down traffic to unwanted ports and do a brute force protection as well.
I do not recommend to run cphulk and CSF in parallel.
4. Install MariaDB
I would suggest to switch to MariaDB just because it have less memory footprint compared to MySQL. You can switch to MariaDB from WHM itself.
4. Recompile Apache and PHP
cPanel by default comes with very minimal modules for Apache and PHP, You will need to add those you need in your server and configure the PHP engine.
5. Secure FTP
cPanel by default allows anonymous uploads and login with root password which you need to disable.
The other tasks will include fine tuning MySQL server, email server, and setting up monitoring. Then you need to go to the service manager are of cPanel and make sure that you have all the service enabled and monitored.