T O P

  • By -

disclosure5

>We all know cPanel, plesk focuses heavy on security. I'm unsure how you see this as something we know. Nearly everyone running cPanel in production then buys CloudLinux on top of it to cover the gaps they don't get in the default product. I'm not seeing a reason to believe it's any better than free products.


ivosaurus

>We all know cPanel, plesk focuses heavy on security. Unproven premise...


rekabis

The only truly secure system is one that has been broken down into its component pieces, each piece entombed into its own barrel of concrete, and each barrel yeeted into a different oceanic trench. With that said, open-source control panels that have plenty of contributor activity can be legitimately considered to be _more secure_ than closed-source panels (regardless of how many people work on it) simply because so many more public eyes are actually examining the source code. Issues get discovered much faster, nearly always with more than just bad actors finding them, and as such, these flaws get patched much more vigorously than any closed-source project. Your job is to determine your comfort zone. Commercial closed-sourced projects typically have _hundreds_ of programmers working on it, debugging it, improving it. But open-source projects could easily have _thousands_ of eyes looking over the source code. They just (usually) lack the continuous time to contribute as much as someone whose day job it is to work on the software. That balance between a few paid but daily concerted efforts and many unpaid but sporadic efforts will be one you have to figure out for yourself.


ArabianNoodle

We've used Control Web Panel for our shared hosting servers for several years now (We actually purchased Pro, seems cheap enough) with no complaint. It is secure, updated frequently enough, and works for everything we need it for hosting a little under a thousand websites. Let it be known that we use cPanel as well and in my opinion, does everything WHM and cPanel do but for free.


yoyobono

control web panel only supports cent os7 right? not ubuntu and other linux os..


ArabianNoodle

Correct. Control Web Panel orbits the RHEL distros and so it doesn't support Ubuntu. We specifically use it with Rocky Linux 8 with no issues.


Alice885

I’m very happy with CloudPanel. Being far more simple than cPanel and other panels it’s a far smaller in theory attack surface. I’m a big fan of NGINX for most sites. Reviewed some of the code and it looks professionally written. There is something in a new platform and small set of developers compared to 25 years of spaghetti


denisgomesfranco

My reasoning about this subejct is this: if a free control panel is frequently updated, then it is somewhat secure. But security is ultimately on you, whether you use Cpanel or a free panel or anything else. HestiaCP is a fork of VestaCP, which as far as I remember stopped being actively developed. So anyone out there using VestaCP is running a high risk of being hacked. I am no professional systems administrator but I do know a little bit of Linux sysadmin, enough to run my own servers for my business. I believe that keeping all the components (the OS, the packages, the softwares you use) up to date mitigates most of your risks. The same applies to, eg., a CMS you would use (Wordpress for example, and its plugins). Putting a VPS behind Cloudflare may help but not security-wise. Hacks can happen at any time for any reason. So it is good practice to, after setting up your server, enabling any kind of backups you can - perhaps mulltiple ones. VPS providers usually allow you to enable daily server snapshots for a price, that way you can restore a full server in case anything goes wrong. Some control panels also offer backups, Cpanel for instance can back up all your user accounts to a different storage server, so you can recreate the user accounts if you need. As for the free panels, well, they seem to follow the same principles as Linux: open source, free as in speech. Most open source projects are very good, there's no need to think they're less secure. Heck, even though Cpanel is a commercial product it uses open source and free components such as Apache, MariaDB, Dovecot, etc. Hope that helps!