New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
You have to break down CloudLinux's features into two sets. Additional resource limitations and CageFS.
The additional resource limitations I never had much luck with. The idea (at least I thought) with limiting memory, CPU, IOPS resources was so that you could have different tiers of accounts, i.e. pay a lot of money and you get higher memory, CPU, and IOPS resources on the same server. But in practice I didn't find this to be possible. If you set the default resource limits too low, then the resources start to clash with each other and undercut overall server performance. If you set the default resource limits high enough to eleviate this clash - then the resources are too high for anyone to even think about needing to upgrade. And so if EVERY account on the server is using the default resource limits - then there's no advantage to having resource limits.
Additionally, you can utilize cgroups on your own without a CloudLinux license to get much of the same functionality. Essentially CloudLinux is just taking the cgroup system and prettying it up with easier to understand interfaces to accomplish the same task.
CageFS on the surface looks good. But the Linux filesystem technically already has measures in place - the problem is too few people realize this. The Linux filesystem permission system already handles this. Don't want another user on the server to read your wp-config.php file? Use chmod to change the permissions of the wp-config.php to 0600 - then only the owner of the file can read and write to the file, other users can't read or write the file. Disabling a lot of the execution functions in PHP and setting open_basedir will also help. Since practically every shared hosting server is using something other than mod_php to execute PHP and PHP execution is performed by the owner of the specific VirtualHost - these permission settings still allow that VirtualHost to access these files as they normally would.
So I don't think CloudLinux is really that necessary for a shared hosting environment. Perhaps if you're unfamiliar with Linux and/or just don't have the ambition to tackle these issues yourself, then CloudLinux can help. But I also think you can license yourself to death buying software license after software license to provide functionality to your company that with a little effort, you can do on your own.
--
My problem isn't money man, it's learning things.
Now I am looking for good alternatives and ideas for cloudlinux as well.
Ask chatgpt
I remember when many used to use that but it caused issues.
CloudLinux now have in documentation
"Note
It is recommended to disable VMEM limits (set them to 0) in your system at all because they are deprecated in CloudLinux OS Shared 6 and 7 system and can cause unexpected issues."
So I guess everyone only use pmem and not vmem.
I could never get used to DA going from cPanel.
I think Enhance with new docker is the only one that has built-in isolation at no extra cost. I am waiting for the roadmap to be completed before looking into it again. It is still missing a lot of features.
Webuzo looks good but you would still need CloudLinux/CageFS for shared hosting environment.
Cloudlinux is not just about using all ressources, this is a silly argument.
If a provider is overselling his servers the customer experience will be bad with or without cloudlinux, it's the mindset of the provider the issue. (or the price the customer is willing to pay for the service..)
Cloudlinux also add ease of management that helps keeping features up to date, like php selector that will allow you to offer all flavours of PHP and give the customer the ability to tune it per his requirements.
CageFS isolation will help you avoid spread of hacked accout to another
Yes you can do without it but it will consume more admin time.
If you are "considering providing shared web hosting", yes it is a must, at least in the beginning.
cloudlinux+cplane+litespeed This is the best solution in my opinion, the others are not good, thanks!
best for marketing 😁 👌
Most panels with CL + LS would be good
Is CloudLinux necessary? No, not really, but it is highly recommended by most definitely. I suspect most don't have experience providing hosting when CloudLinux wasn't around. Of course, there are other solutions to the problem if you have experience or your panel supports them. If you're asking the question if it's necessary, you probably fall under either requiring CloudLinux or the control panel you intend on using, providing the significant features (resource isolation, virtualized filesystem). If the concern with using CloudLinux is bursting, they have promised it for some time ( https://features.cloudlinux.com/c/9-limit-bursting-v1-0 ). In the CloudLinux scenario, you could also read the real-time usage and adjust LVE limits automatically if your server has spare resources.
CloudLinux, short-lived BetterLinux, and cgroup/container solutions have increased the reliability and security of shared web hosting. The software solutions can be used to increase density, but overall, most web hosts are now significantly more reliable for the average user. Let's, though, take a look at cases without resource isolation and virtualized filesystems.
You could operate without resource isolation, and your average user would find no difference whether there is isolation or not. Eventually, you'll have a user who will try to soak up every resource possible. That abusive user will be delighted as long as you tolerate them. They're paying you for shared web hosting and getting an almost dedicated server. Your average user will be unhappy, and their performance will drop due to that abusive user trying to use 40 CPU cores on your dedicated server with only 20.
You could operate without the virtualized filesystem, but there are issues to consider. You cannot assume your users will use proper file permissions. The first step in many tutorials states to set every file on their website to 777. For many error messages, it also has on the list of possible solutions put everything to 777. There is a solution to this problem, though. You can watch the filesystem and proactively try to set proper permissions. Changing the permissions of files on users will result in complaints, so that is something to keep in mind.
To address other suggestions for security like open_basedir:
The same can be said with disable_functions due to the numerous bypass situations that continue to come up. I would also remember that functions like shell_exec may also be used for legitimate purposes.
While it is not absolutely necessary to use CloudLinux for shared web hosting, it is highly recommended. Without CloudLinux, there are several drawbacks that you may encounter:
Security concerns: Shared hosting environments are particularly vulnerable to security issues, as a single compromised account can affect all the other accounts on the server. CloudLinux provides increased security by isolating each account and preventing one account from affecting others.
Stability issues: Without CloudLinux, one account can consume all the resources on the server, causing stability issues and downtime for other accounts on the server. CloudLinux provides better resource management and isolation, ensuring that each account has its fair share of resources.
Performance issues: Shared hosting environments can suffer from performance issues, as one account can consume all the resources on the server, causing slow loading times and downtime for other accounts on the server. CloudLinux provides better resource management and isolation, ensuring that each account has its fair share of resources and improving overall server performance.
Difficulty in managing accounts: Without CloudLinux, it can be difficult to manage accounts on a shared hosting server, as there is no clear separation between accounts. This can lead to confusion and errors when managing accounts and can make it difficult to troubleshoot issues.
In summary, while it is not necessary to use CloudLinux for shared web hosting, it is highly recommended as it provides many benefits, including increased security, stability, and performance, as well as better resource management and isolation.
As a customer I feel safer seeing cloudlinux. I don’t trust providers to adequately secure and separate customers
It’s like the safety of KVM compared to the ‘trust me bro’ of openvz or lxc
for shared hosting, it helps a lot
CloudLinux gives a more advanced resource management per account and without it the load on the support team will be very high.
Exactly, even worse when they advertise blazing fast nvme or ssd shared hosting speeds but limiting the IO to 20 MB/s.