New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
aaPanel Quick Guide (Free cPanel Alternative) Is it good to use?
Been testing aaPanel on a cheap VPS.
Setup was stupid easy:
1 command install
LNMP in a few clicks
Site + SSL in minutes
Honestly… it feels smoother than some “popular” panels.
🤔 But here’s the thing…
I keep seeing people saying:
“security issues”
“not safe for production”
At the same time, others claim it’s:
stable
lightweight
perfect for low-end boxes
💬 My take
For $5 VPS / personal projects → seems great 👍
For serious production → kinda risky? ⚠️
Comments
Is aaPanel actually unsafe, or just overhyped drama?
Anyone audited it?
Any real-world hacks?
Would you trust it with client sites?
Curious what you guys think 👀
https://www.aapanel.com/forum/d/21188-aapanel-is-hacked
https://www.exploit-db.com/exploits/48886
https://www.exploit-db.com/exploits/50780
So, no. I wouldn't trust it.
would probably add it to the crapware list -> cwp,cyberpanel etc.
Were they fixed tho? I don't use aaPanel myself but I've used it for testing setups a few times and I think it's a good fit for some people running personal sites/apps, but not for giving others hosting. For a private/unshared environment. I have mixed feelings because it has a lot of features, the main people who've built it clearly have put a lot of time into it.
Yup they were fixed but as you said I always have mixed feelings about it.
If you IP restrict the panel/port to your ip only, you might be safe around, but atp you can probably rely on safer ones like hestiacp etc.
meanwhile hestia:
https://github.com/hestiacp/hestiacp/issues/5229
He clearly chose a panel that didn't prioritize security.
aapanel ftw.
BT.cn ( aapanel ) is a very small company, but they are legal business in China, has around 10-20 full time employees working in the company
Hestiacp is an open-source project maintained by a few part-time contributors
for me personally, i will choose bt.cn
I always isolate my control panel (DirectAdmin, HestiaCP, aaPanel) to wireguard VPN so I didnt need worry about front door exploit.
This extra step wouldn't hurt my workflow at all.
Oops. I havent looked into these panels recently, it was a while ago and hestiacp was actually good.
but as I said,
I've been using aaPanel for production since 2023, it's good tbh.
But the pro license is fking expensive
What kind of guide is this xD
there are nulled version, if you don't mind
Nope
What more does the pro license give you?
Application WAF, load balancer etc. The full comparison is here: https://www.aapanel.com/new/pricing.html
simple and ez panel i ever use
I left aapanel because the free version doesn't support multiple users. Now I use fastpanel and hestiacp.
I don't get why anyone uses these panels. SSH is a thing.
Keyhelp is a great free control panel.
https://www.keyweb.de/en/keyhelp/keyhelp/
Dont know why they are delaying fixing security issues.
Doesn't look like they accept customers outside of either Germany or Europe.
Ai player like me/us needs panel. I only know 1 Linux command "htop"! I am running a vps and a website without knowing any code or command.
what about this one? https://github.com/1panel-dev/1panel
free and open source, is it safe?
people probably spend more time hoping between and getting used to panels than it would take them learn basics of server administration, especially with LLMs that could directly answer your questions