Cyberpanel new user - 10 questions!

Support and Discussion General Discussion
1

First of all - we are quite impressed Cyberpanel but have a few questions to check some functionality:

  1. IP addresses. Is it mandatory to have a fixed public IP assigned to your VM, or can you use a local IP and NAT the public. Some panels require a public IP - for instance, ISP Manager if you want CloudLInux / Litespeed support. It’s not possible to use a O/S based Public IP in Azure with ARM or Google Cloud.

  2. I am a bit worried about the use of FTP as seriously old / insecure. FTP is also a nightmare to firewall too . Is there a more secure option? SFTP/FTPS?

  3. Is it possible to backup ONLY mySQL? Some customer sites are huge (10GB of files) and so zipping up the entire directory and sending each night is not really very efficient. So we would use a block based delta solution to back this up but we would like to be able to backup MySQL.

  4. Is it possible to access the actual LiteSpeed Web Admin (for enterprise version)? There are many settings such as context etc in the vhost which we would like to get access to. It is also handy to see the vhosts in a list, to check configuration etc.

  5. It seems like there are no options to run LiteSpeed Enterprise with more than one worker process. What if we want to run more than one?

  6. Is it possible anywhere to get a ‘site list’ where you can see on one page, which sites are using what resource (storage and bandwidth)? One of the major issues with administrating a server running shared sites is the ability to quickly identify ‘bad apples’ be they storage hogs, bandwidth hogs or CPU hogs.

  7. It does not appear possible to change a website URL. So for instance dev.mysite.com needs to be made live to www.mysite.com - I read this on a forum post - this is quite a needed feature, is there something planned to fix this? Otherwise to make a site live, it’s a lot of work to completely re-setup again. Interworx has a rename script which involves loading in an Alias and ‘swapping’ the alias with the running domain so ‘www’ becomes live and ‘dev’ becomes the alias. It does not change the directories or the user.

  8. The Mod_Security support is great, however in Litespeed we can configure enable this per vhost or even in a context of a vhost (so one particular path in a website). On CyberPanel it seems you have to set rules for the entire server. Can you set them per vhost? Access to LS Config would fix this.

  9. We really like the ‘main’ user interface, but the icons used in the ‘per website’ interface are quite off putting! Is there any plan to update this interface? It’s the interface my customers would use so I would rather this part looked slick and the main one not!

  10. I would welcome any integrations with security solutions that enabled centralised monitoring and reporting. So I would like to put in a ‘+1’ for integration with something like Imunify360.

That’s my 10 questions!

Kind regards,

Jeff

2

  1. If you want to use NAT, then you need to configure it properly. But recommended is a public static IP directly assigned to your VM/Node.

  2. We already use FTPs.

  3. Not yet, but there is a custom script did by a community member. If this is requested too much, we can consider it to add officially.

  4. Yes, same applies to LSWS Ent as well [Tutorial] How to setup and login to OpenLiteSpeed webadmin console - Blog Posts - CyberPanel Community

  5. There is, such as Bot Verification

  6. You can do that, here is more information https://cyberpanel.net/docs/3-view-website-user-resource-usage/

  7. Planning to add this feature, as it is often requested now. (Currently not possible)

  8. On the website launcher, you can control configurations for individual virtual host under vHost Conf. There you can add your custom modifications and they will not be overridden, you can also use include files.

  9. The new design is coming in a few days and it looks like https://scontent.fisb1-1.fna.fbcdn.net/v/t1.0-9/50018974_380301872520613_446163595005263872_n.png?_nc_cat=108&_nc_eui2=AeGW4mdpE2PhWDJ42V-jJM8sDPz27Nt32YoendVFLQFeHBU1hahDqbNJs72otJSzZk-tIVu-C7QmzVmvB3MG0wqTcfcFiBQvWrM4JK2brUqJnQ&_nc_ht=scontent.fisb1-1.fna&oh=d17d3e8d9078a090266c12353cdefcd3&oe=5D002690

The file manager is also redone among other things.

  1. Noted.
3

Thanks very much for your answers!

With regards to 1) - if you want CyberPanel to work on Azure, Google Cloud, it needs to work with an internal IP but have the public IP ‘assigned’ from the Cloud provider (forwarding) the public IP is never visible to the OS. I will test it out.

  1. FTPS. Do you know if the default is EXPLICIT or IMPLICIT FTPS? FTPS is a pretty awful protocol for firewalling. EXPLICIT I believe only secures the handshake and not the data sent, whereas IMPLICIT does everything. Then you have to open control ports, and is you need passive mode there are loads of UDP ports to open up too. SFTP would be a much cleaner, easier to firewall, better support with FTP clients, and more secure option.

  2. Right but this is not what I was talking about. On that page it shows you how to view resource use of just one website. What if there are 100 on the server, how do I know which site is chewing storage? What about docker containers - perhaps there is one that does not have enough CPU % assigned and are maxing out CPU wise - how could I find that?

What would be excellent is a list page which shows all sites by resource use, so you can quickly identify a single site that is using a lot of resources. As I said, this is a major problem with shared hosting - finding culprits.

  1. Thanks - definitely a feature we need to go production.

  2. New design for site interface looks great

Two more questions with regards to High Availability / cluster setups!

  1. Am I right in saying that the persistent data only ever exists on one node - so technically we are not talking ‘true H/A’ because if you rebooted the node that was running as a data note - everything would fail - right?

  2. Is it possible to ‘move’ a containerised app from one node to another (if the node simply got overloaded for example)?

Thanks again for all of your answers!

Jeff

4

  1. We’ve tested on GCP and AWS it works. We also have a one-click app on AWS AWS Marketplace: CyberPanel

  2. It is forced FTPS, passive ports are also added on Firewalld.

  3. It is not possible to view the usage of all websites from a single page. (If that is what you are asking)

  4. The new design is launched today. https://cyberpanel.net/2019/02/06/cyberpanel-1-8-1-released-website-limits-new-design-improved-file-manager/

  5. Yes, we are looking for some good alternatives for storage options on HA Apps. Docker does not provide good storage option for our use case as far as we know, we also need purge tracker, which currently needs implementation.

  6. You can use the remote transfer feature to transfer websites from a remote CyberPanel 3 - Remote Transfer - 07 - Backups - CyberPanel Community

This is not specific for a containerized website, but any website available on your CyberPanel.