New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
cPanel alternative for reseller
I am looking for alternative for cPanel. My main product is selling WordPress hosting, so it doesn't need fancy features. It just needs jailed home. So, when one website is compromised, it doesn't affect the others.
Is there any good free things out there? I know about vesta, CWP, kloxo, webmin, but I prefer shell access without gui.
Any recommendation?
Thanked by 1websitehostingvps
Comments
Only three panels are mostly usable from a commercial point of view (in my humble opinion): DirectAdmin, Webmin, ISPConfig, in that order. See which one fits you and run with it?
All of them comes with gui. I prefer gui less. Because most of my clients doesn't even know that their service comes with a panel. I did all the stuff, behind their back.
If I am going to change from cpanel to other things, better take it to the next level
@yokowasis how come you want a panel without GUI?
I am not looking for a panel. I am looking for something like centmin mod.
Centminmod on CentOS then perhaps?
Or EasyEngine?
mmm... ok...
Script-based (in no particular order):
https://slickstack.io/
https://roots.io/trellis/
https://easyengine.io/
https://webinoly.com/en/
https://captaincore.io/
Panel: there's a thread about apnscp, perhaps can suit your needs --> https://www.lowendtalk.com/discussion/155702/built-a-control-panel-over-16-years-free-lifetime-release-round-two/
Does it support jailed multi user? Because the nature of shared hosting some site will be compromised. I need it to not affect other user.
https://kb.apnscp.com/tag/jail/
I am referring to the script based. But thanks for the link. Never heard of apnscp before, will take a look at it.
I think both, Centmindmod and EasyEngine (especially for WP) support the use of PureFTPD. PureFTPd supports chroot jailing: https://download.pureftpd.org/pub/pure-ftpd/doc/FAQ
I have found a case where a compromised WordPress site (without ftp), can create strange files / back door to the parent directory. This is what I want to prevent. And the reason why I am buying reseller account instead of 1 big shared hosting account previously.
Some of my customer install shady nulled plugin, imagine the chaos, if the shady script have access to parent folder.
Well, prevent all users from using the shell or having the privileges to execute commands from it and chroot them to their directory. Of course alternatively you can stick to shared
If you don't really want GUI than better you don't say "control panel" because they are UI. If you want like a shell script or Bash script, that is called like just script or maybe deployment and provision (configuration) setup script.
Anyway yes its a good option for better performance, lightweight, security. No reason to install some control panels if your clients just gonna create problems.....
SlickStack is for only single WP sites (that is 1 site for every VPS / node). So that is very strong security if you care about malware or don't want to mix sites on the same server. And then you can choose which datacenter to put each your customer website for better speed and cloud VPS only like $5/each these days.......
http://mirrors.slickstack.io/ss-config-sample.txt
So you choose the password for SSH to be Sudo user, and the SFTP password you can give it to your customer so they can only access public directory and nothing else...
/var/www/htmlThat is enough access for WordPress files, etc.
If your customer site got malware, it will never affect another site this way. Also if their site had high resources of CPU and RAM memory it will not matter because only 1 site in VPS. Your other customers is 100% independence.....
Hey guys he search for somehting as cpanel jailed apache option if I understand correctly not jail for ftp
ISP Configs sets open base dir policy by default as in cPanel (when you enable open base dir) so if you disable init_set and shell functions and do not allow accounts to run cgi scripts (due to cgi shell) it should be relatively save user isolation
I not tested it personally but if you have budet to spend you can try cloudlinux without an panel according to the official docs it will work and users will be isolated between each other
https://cloudlinux.zendesk.com/hc/en-us/articles/115004059733
Just do the adjustments to run fpm + nginx (nod documented but should work) or with open lite speed
Have you considered creating multiple small containers on CloudJiffy? You could have one Database server or DB cluster (master/slave or galera) serving all your WordPress accounts. You can then have one Nginx container per WordPress application.
Each WordPress will be limited to its own environment. You can use git/svn/ssh/code editor through the portal. With vertical scaling, each WP should use only 1 or 2 cloudlets (128-256MB RAM) on average.
1 cloudlet is roughly $1, 10 account will cost me $10 / month or $120 / year. I am looking for $25ish / year solution.
If you willing to do the job and is not too complex for you could probably do 1 KVM vps with nginx on main IP as revers proxy and multiple lxc containers inside of it (to do nginx + php-fpm) db can be on the main vps too as it will save ram and resources but with expense of some ram and if you run mysql inside of users LXCs too you create truly fair environment for your users
Too complicated for me.
Webmin+Virtualmin has a cli. (or just whitelist your IP for webmin miniserv(management perl webserver)
You can consider cloud based control panels. ClusterCS.com has Installers and does have one for Wordpress too. Don't use such for reselling, but I know its a feature due soon.
Quick web search shows all kinds of ansible playbooks for installing wordpress.
Plesk . It has wordpress toolkit
Plesk - It is owned by Oakley Capital. Don't get cPaneled.
I end up using vesta cp. If has decent api and cli. Also it support softaculous which is always a plus.
I just downloaded vesta and looked at the code. It's mostly shell scripts! Wow! I wonder how much more stuff is in something like cpanel. Vesta is not all that large or complicated.
@willie @yokowasis The fork is where it's at, just sayin' - https://hestiacp.com
the fork doesn't have support for softaculous or any auto installer for that matter. That makes it not suitable for commercial hosting. Just saying.
VestaCP / HestiaCP itself is lack of decent file manager. that's where softaculous comes comes in handy in installing extplorer.
Fair enough. I think file manager should definitely be on their list, even if it's just integrating another open source project.
I thought Vesta had a (premium add-on) file manager? I see it listed in features but not in the add-ons area.
1 click installer isn't that important to me personally, but I see if you're giving end user access then at least a WP auto installer would be good. Wonder how difficult it would be to get them to integrate Softac...
I'm backing Hestia going forward though for the security updates and such. Vesta dev's attitude during the hack turned me off and don't feel comfortable supporting it.
Vesta has premium file manager. But their premium is shit / very bad. Free file manager provided by WordPress plugin, or cyber panel file manager ( also free) is way better.
Don't get me wrong, I have tried heetia, and it looks better than vesta cp. But they have already stated that they will not support softaculous, and any kind of auto installer is not their priority right now, is what makes me can't use them for the moment.
Make sure to try the fork HestiaCP (in which @Falzo ) is involved. It focuses on more security and stability