I ran into trouble installing CyberPanel, 
now I can’t ssh -p 4xxxx back into my server, guessing the switch from ufw to FirewallD. I am about to reinstall Linux on my VPS but would like to know the correct order to do the following:
Disable root login
Change SSH port number
Install and active Fail2Ban
Install CyberPanel
Please advise and thank you!
Hey @Ai!
Your list is correct. The one thing to add is when you install CyberPanel, make sure you instruct FirewallD to close port 22 and open up the port you selected for the SSH.
You can open up a port in FirewallD by typing:
firewall-cmd --permanent --zone=public --add-port=PORT_NUMBER/tcp
And replace the PORT_NUMBER with your new SSH port.
Using the same approach, you can remove Port 22, by typing:
firewall-cmd --permanent --zone=public --remove-port=22/tcp
Thank you, Vasileios!
Being someone who can’t just sit around and wait, I tried again and realized that I needed to do the FirewallD commands before restarting the CyberPanel after the installation. I laughed at myself for not getting it the first time I was locked out. 
I will do better for the next full server setup and get the process down.
I did find repeating the entire process very helpful. As we all know, practice makes a pro (or less of a newbie). And having re-watched both the full server and fail2ban videos, I noticed I understood more of what you showed. So, I’m happy experimenting away.
Thank you for all your help and encouragement! 
You are most welcome, @Ai!
These procedures can be indeed daunting at first. However, practice makes perfect! After a while, you’ll be amazed on how easy things will get for you. The first time I installed Arch, for example, it took me around 40 minutes. Now, it takes me 5 minutes and I’ve basically memorized the commands.
Keep up the great work! 