New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
How can people buy from you or gain customers if, after several days of trying to purchase a license, they only see this?
Product group does not contain any visible productsOnly the free plan is visible
Can you tell us about any companies in your sector that use your product?
ok, my last comment was flagged, and got a warning for sarcasm of a shitty panel.
no, i haven't used it. but managed to shut his server down few weeks ago when he had the demo up, since most of the text boxes were easily explotable. this was reported by another member, so i hope he has fixed it already.
and with "he" i mean Claude suscription, who is trying to make a panel from broken prompts.
no lies on this reply, so no warning
Regarding "Product group does not contain any visible products": That was a limited-time promotional trial that has now expired as intended. It has been replaced with our Free Forever license a permanent, lifetime-free, fully functional hosting panel with no expiration, no credit card, and no restrictions.
Regarding proof and clients: We do not publicly disclose client server IPs, license keys, or company names without their written consent. This is standard practice for any software vendor. Our clients use HPanel in production across the UK, EU, and Asia including our own company, Hostlic Webhosting Ltd.
Why the negativity?
He tries to offer an alternative for the greedy bastards at cpanel who make millions.
Maybe the product is still raw, and lots of bugs and security issues exist, but at least
he is trying? While at the same time giving a free lifetime limited version for 5 users.
And since Claude can write better code than 99% of modern "skillfactory learners", I
actually don't see it as a bad thing per-se.
Thank you for the fair perspective. You're right we're building an alternative to overpriced panels that charge $15-69.99/month per server. HPanel's Free Forever plan is fully production-ready with no time limit.
Regarding security we take it seriously. Early demo environments are built to be tested and broken. That's how products improve. Our production builds include input sanitisation, CSRF protection, rate limiting, and security hardening.
We welcome constructive feedback. Anyone can deploy the Free Forever plan and report issues through proper channels. That's how good software gets built.
You can check it out for yourself:
https://hpanel.net/pricing.php
When you sign up for any plan, a "hidden product" appears
Only the free plan allows you to place an order
Thanks for flagging this the paid plans are now visible and fully functional.
Feel free to test any plan. If you encounter any other issues, we're happy to address them.
This thing been hacked yet?
Yes multiple times
Thought as much. Damnit AI!
Based on what evidence exactly? If you have specific details about any security incident, share them. Date, server IP, vulnerability exploited, anything concrete.
Making vague claims without proof isn't a security report, it's misinformation. We log every installation and every access attempt. If an actual breach occurred, we'd have records of it.
Interesting conversation. One asks "has it been hacked?" and the other confirms "yes multiple times" within 8 minutes, with zero evidence from either side.
If HPanel was hacked "multiple times", surely there would be at least one CVE report, one forum post with details, one screenshot, one affected server IP, something. But there's nothing. Just two users agreeing with each other based on nothing.
We maintain full access logs for every HPanel installation. No production breach has ever occurred. If either of you has actual evidence of a security incident, share it. Server IP, date, method of attack. We can verify it in seconds.
Until then, publicly claiming a product has been "hacked multiple times" without a single piece of evidence is defamation, and we will treat it as such.
How would HPanel know if there has been any breach after installation? Does HPanel installation send secret pings to HPanel operator (you)?
We don't monitor individual servers. If a breach had occurred on any HPanel installation, the server owner would report it. In 2 months of active installations, zero breach reports have been received through any channel.
Just cause its not reported doesn't meant its all green!!
Since that panel appears to be just a vibe coded slop, I asked AI too to create a security report for you
https://files.catbox.moe/39h3g3.md
Right. Maybe its a secure thing. The obvious AI thingy is worrisome.
While we at it, your logo infringes on cPanel IP. Surprisingly nobody brought it up yet.
From selling chocolate to making a cpanel alternative, this is LET nowadays....
https://find-and-update.company-information.service.gov.uk/officers/OSzGZMoVL4lEGmvw9hSHECzq-Qg/appointments
The logo was designed independently using a publicly available font and does not use any cPanel assets or branding.
Doesn't matter. Just giving you advice. Could elaborate but well... take it or leave it.
Thanks for the feedback. We’ll make some changes to the logo over time.
Overall Risk Rating: CRITICAL — The combination of root execution, hardcoded secrets, and unauditable compiled code presents an unacceptable risk for production deployment in its current state.
When we think about it, all panels introduce an extra attack surface because of their complexity and privileged system integration. Just earlier this month there was pre-auth
root RCE in cpanel
So I don't think any panel is "safe" for production. The shared hosting concept itself is slowly becoming a thing from the past. How many shared offers are here on LET? barely any over the past few years.
This project looks like a one man hobby, it will be hard to maintain a complex thing like
that alone. But not a bad progress for a 3 months old project either.
Great point. cPanel had a pre-auth root RCE vulnerability just this month, and they've been around for 25+ years with a massive security team and millions in funding. Security is an ongoing process for every panel, not a solved problem.
We're 3 months in, actively improving, and taking security seriously. We appreciate the fair perspective.
@HPanel I have a project related to the hosting world, you could call it a control panel, but with a very innovative approach.
I’ve been developing it for about a year now, and until today I still haven’t announced it.
Honestly, it looks like I’ll just leave it sitting on my D drive because I already know there will be people who try to tear it down and question my work even if I release it for free..
So I’ll probably keep it private or just use it for myself..
I hope you understand what i mean..
Would you mind sharing the prompt(s) used to create this? And the LLM used?
Try not to follow the path of CyberPanel - it became a meme in the hosting world.
More of a backdoor than a panel - at least 1 major pre-auth RCE every year
https://www.cvedetails.com/vulnerability-list/vendor_id-20009/product_id-56550/Cyberpanel-Cyberpanel.html
For the fairness at least CyberPanel is free and open source, so it's easily audited.
You charge way more than you currently able to deliver, and make it hard on people
to actually find issues because of the previously mentioned security by obscurity tactics.
We completely understand. The negativity from people who have never built anything themselves can be discouraging.
Our advice: release it. The critics will always be there, but so will the users who actually need your product. The hosting industry needs more innovation and competition. If your approach is truly innovative, the market will decide its value, not forum commenters.
Launch it. We'd love to see it.
Fair points, and we take them seriously.
CyberPanel's track record is exactly what we want to avoid. Security is a priority, not an afterthought.
Regarding pricing, our Free Forever plan gives full access with no restrictions. That said, we hear the feedback on paid plan pricing and will be revising it soon to better reflect where the product is today. Stay tuned.
Regarding code auditing, we understand the concern around compiled code. We're exploring options to make security verification easier for the community without fully open-sourcing the project at this stage. This is something we're actively discussing internally.
We appreciate the honest feedback. This is the kind of constructive input that actually helps us improve.
Who are "we" ???
You + claude + kimi + gpt + copilot + ....
I would call this Chocolate Panel just to have a continuity of your disolved company insted of make it "better than original", "best price just for you", "first quality my friend", "normal price x but for you y", etc...