Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    apnscp License Sale - $99 lifetime through Monday
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    apnscp License Sale - $99 lifetime through Monday

    nemnem Member, Provider

    From the software formerly (and still officially known as apnscp), it’s the Apis Networks Control Panel: a hosting platform since 2002 engineered to help you achieve more. Once installed, apnscp’s adaptive firewall activates by protecting all facets from WordPress to SSH for added peace of mind. This is a multi-tenant platform in which each account is partitioned from one another and may be optionally controlled via resource enforcement. 1-click installation and automatic updates are provided for WordPress, Discourse, Ghost, Drupal, and Laravel.

    ApisCP evolved from my time behind the helm with Hostineer/Apis Networks as a platform free from third-party licenses and as close to set-it-and-forget-it as one can achieve. It’s built for shared hosting, but nimble enough to stand on its own as a platform for your VPS. ApisCP is built to be self-healing, capable of correcting anomalies to keep your sites humming as efficiently as possible.

    Black Friday sale!

    ApisCP lifetime licenses are on sale for $99 through Monday via https://my.apnscp.com. Firm limit of 10 per user.

    Even if you managed to grab a lifetime license, it’s a great opportunity to support development. :wink:

    Monthly licenses/NOC resellers

    Monthly licenses go on sale December 15 for $15/month per license. Volume discounts available over 10 licenses per month. Monthlies were slated to be part of the BF offering, but perfecting cPanel migrations took center stage to get existing clients off cPanel before the end of the year.

    NOC partnerships are also open. Reach out to [email protected] for reseller pricing, commit rates, custom deployment pipelines, and determining the best fit for your fulfillment process. Prebuilt images hydrate within 3 minutes and provide the same level of protection immediately on deployment.

    Getting started

    Visit Customization utility to get started with a trial install. Configure the panel how you’d like (PHP 7.4 available 11/28). INSTALL.md for in-depth details. Trials are fully functional for 30 days. You can easily upgrade to a paid license within the panel or from command-line. Information is in LICENSE.md. Paid licenses are available through my.apnscp.com and on sale for $99 (normally $159).

    Minimum requirements

    • CentOS 7.5+
    • 20 GB storage
    • 2 GB RAM

    apnscp can work on a 1 GB machine, but RAM is cheap nowadays - performance not so much. Whatever excess RAM can be utilized is utilized to boost throughput.

    2020 roadmap

    3.1, released October 27, introduced TimescaleDB that’ll serve as the backbone for predictive analytics going forward. Beyond highlighting abusive clients exceeding CPU and I/O limits, it serves as an aggregation service for instrumentation- PHP-FPM requests/second, maximum OPCache memory used, MySQL open tables/second, queries/second, mail flow rate, etc. Now we can take this data and perform hot optimizations based upon feedback to trim slack between services. Best of all, the longer your account resides on ApisCP the more intelligent it becomes.

    Metric logging is presently an opt-in feature released in 3.1.10 with implicit activation scheduled for January 2020. cpcmd scope:set cp.config telemetry enabled 1 will activate metrics logging.

    Metrics are stored in appldb.metrics within PostgreSQL. env DEBUG=1 cpcmd -d domain.com test:metrics performs a simple metric fetch. This feature will continue to expand rapidly over the next month, right now the focus is making sure data retrieval is fast and efficient.

    Secondly, rspamd will be fleshed out tremendously including DKIM/ARC signing and outbound rate-limiting per domain/authenticated source. There’s some wizardry involved with logical replication of data from PostgreSQL to Redis that will be implemented in the first half of 2020.

    Geeky technical details

    • Open-source
    • Frontend : PHP7, Laravel interoperability
    • Backend : PHP7, MySQL, PostgreSQL
    • Customizable : Yes, via Laravel Blade. See Customizing.md
    • Platform management : Ansible
    • Stack : via Stackshare
    • Audited: yes, via Rack911. Disclosure report .
    • API : yes, 2,500+ commands via SOAP. Drop-in modules alter API schema, which SOAP enforces strict error checking.
    • Filesystem isolation : yes, via synthetic roots mounted with OverlayFS (called BoxFS )
    • Resource enforcement : yes, via cgroups
    • PHP-FPM : yes, suid and jailed prior to pool launch. Uses socket activation to stagger launch of boot thus mitigating a Thundering Herd effect. Pools sleep when appropriate to conserve memory. Each account pool is isolated from neighboring accounts.
    • Design architecture : API driven-development + principle of least-privilege with elevated backend broker. Backend throughput ~10k API commands/second
    • DNS support : PowerDNS, CloudFlare, Route53, DigitalOcean, Linode, and Vultr.
    • Billing support : WHMCS (third-party). Reach out to me ([email protected]) if you’d like to author a Blesta module.
    • Backups : Bacula
    • Imaging support : yes, hydration completes in ~3 minutes. A desiccated image provides brute-force protection too!
    • Multi-php : no, but may be compiled and shared via a synthetic root. Bear in mind the consequences of running potentially abandoned, 5+ year old code. Good code should persist with little change. Bad code (and thus vulnerable code) requires tender loving care. Bad code may expose your server to malicious actors.

    Contact

    Comments

    • Does apnscp have auto letsencrypt ssl?

    • nemnem Member, Provider

      @hiphiphip0 said:
      Does apnscp have auto letsencrypt ssl?

      Of course. It'll attempt to acquire SSL whenever a web app is installed via Web > Web Apps. letsencrypt:bootstrap is an API command that periodically attempts to acquire SSL for all domains on the account using a best-effort approach (DNS + wildcard, then domain validated per-domain). If you're migrating off a cPanel account, letsencrypt:bootstrap is automatically invoked at conclusion of migration.

    • @nem said:

      Of course. It'll attempt to acquire SSL whenever a web app is installed via Web > Web Apps. letsencrypt:bootstrap is an API command that periodically attempts to acquire SSL for all domains on the account using a best-effort approach (DNS + wildcard, then domain validated per-domain). If you're migrating off a cPanel account, letsencrypt:bootstrap is automatically invoked at conclusion of migration.

      If one server have hundreds of domain need to renew letsencrypt, would it handle it properly, like put it in a queue?

    • @hiphiphip0 im pretty sure it uses laravel horizon to manage job queues

      Thanked by 1hiphiphip0
    • Does it work with sofaculous? :)

    • nemnem Member, Provider

      @MACscr said:
      @hiphiphip0 im pretty sure it uses laravel horizon to manage job queues

      Yup. Any long-running API command may be jobified.

      @MatthewLeigh said:
      Does it work with sofaculous? :)

      No need, it runs its own set of curated Web Apps, which covers a variety of trusted, maintained applications. This is from a dev version, Magento is disabled in production and Nextcloud is coming soon.

      Each of these applications honors privilege-separation, deploys updates automatically, and provides a consistent API that helps your securely manage your sites. If you want to disable privilege separation for a less secure single-user model like cPanel/Plesk, then you may do so via Account > Settings > PHP > Pool owner > admin. I would recommend against it; there's no need to give someone the keys to your house if you leave your shed unlocked.

      Separation ensures that only specific assets may be written to by the web server. Any files created by the web server are tagged with that owner to make audit trails quite easy to follow. There's even an "Audit" feature in the panel that does just this.

      Core updates are deployed within 24 hours once discovered upstream. Packages for those apps are deployed periodically, every Wednesday and Sunday. You'll even get a helpful alert of what updated,

      There are better ways of providing secure 1-clicks. cPanel and the like never put effort into building out such a system leaving the impression it's impossible. It is possible, if you build a platform with a solid framework. Let's go forward instead of turning the clock back 10 years and build a safer web in the process.

    • I wish your software worked on things like open vz/kvm and so on rather than just dedicated servers.

    • nemnem Member, Provider

      @MatthewLeigh said:
      I wish your software worked on things like open vz/kvm and so on rather than just dedicated servers.

      It works just fine on kvm. That's how I run my hosting outfit via Hostineer these days. Bypassing BIOS on automated system recovery is key to fast sub 20 second reboots. Remember, this platform is built for modern tech ;).

      apnscp optimizes all facets of a server and is not intended to work in a restrictive, containerized environment. Such optimizations include tuning kernel parameters and setting a swap, which you need for a healthy system.

    • hzrhzr Member, Moderator

      just want to say that nem is smart and not dumb, have sent some web dev clients to apis for years, buy this panel, it is good

      Thanked by 1nem
    • Just saw your post on reddit about free license! A little late lol. This looks very interesting and this BF looks like a good deal.. Just been using so many panels.. to try another panel.. that is the question.

    • nemnem Member, Provider

      @darvil said:
      Just saw your post on reddit about free license! A little late lol. This looks very interesting and this BF looks like a good deal.. Just been using so many panels.. to try another panel.. that is the question.

      Installation is completely automated. Spin up a VPS, run the one-liner, and poke around in a hour after it's setup. It's the most hands off of all panels. :smiley:

    • This looks good, but I really would like to use softaculous as well due to their large library of apps. Is it compatible?

    • nemnem Member, Provider

      @shillshocked said:
      This looks good, but I really would like to use softaculous as well due to their large library of apps. Is it compatible?

      No, although I'm curious as to what apps you want from Softaculous integrated into apnscp beyond WordPress, Ghost, Discourse, Drupal, Joomla, Laravel, Nextcloud, and Composer-backed projects. Depending upon general sentiment, I may integrate them to apnscp along with a corresponding Fortification profile.

      I'm against having a library of software that isn't properly vetted for the sake of numbers. The moment Softaculous falls behind on delivering patches or the authors of those apps stop producing updates, the server turns into a minefield of malware.

    • I just want to test what's out there. That's the advantage of something like softaculous. Once I've settled on software packages, I can batten down the hatches then.

    • nemnem Member, Provider

      @shillshocked said:
      I just want to test what's out there. That's the advantage of something like softaculous. Once I've settled on software packages, I can batten down the hatches then.

      I'm open to app ideas, but I need to hear why you want it, what the broad appeal is, and what features it offers that the other apps don't provide. Every app that I add must be capable of unassisted updates. APIs are built around each app. 1500 lines of code per app is no small feat to continuously manage, so these apps need to have some merit.

      Having a curated selection of apps that are vetted by the platform authors go a lot further than just giving you a means to install it. Beyond Fortification, certain apps support the ability to restart as well as reconfigure attributes such as admin or database credentials. In 2020, apps that are present in apnscp will support multi-user staging/development environments, which are more valuable additions than giving someone decision paralysis with 50 blog variations.

      There's little reason to have 50 different blogs when 1 (WordPress) addresses 99.5% of use cases and is vigorously maintained. Heaven knows what percentage of those 451 apps in Softaculous are actually secure.

    • @nem said:

      @darvil said:
      Just saw your post on reddit about free license! A little late lol. This looks very interesting and this BF looks like a good deal.. Just been using so many panels.. to try another panel.. that is the question.

      Installation is completely automated. Spin up a VPS, run the one-liner, and poke around in a hour after it's setup. It's the most hands off of all panels. :smiley:

      I mainly use directadmin now. Just a hassle with having too many panels to support.

      One question, are we allow to resell these license? Or trade I mean. I know we can buy a few. Just wondering thanks.

    • nemnem Member, Provider

      darvil said: I mainly use directadmin now. Just a hassle with having too many panels to support.

      Be sure to keep us in mind if you need a fresh change down the road. apnscp was built specifically for a hosting company, serving as the panel for Hostineer/Apis Networks since 2002. It's heavily automated, so I could spend less work administering and well, building the platform. apnscp is even better once you start delivering value-added releases from a custom repostiroy. I use a separate delivery pipeline for Hostineer that mixes in custom apps, modules, and migrations.

      One question, are we allow to resell these license? Or trade I mean. I know we can buy a few. Just wondering thanks.

      Yes, licenses are transferable. NOC partnerships - bulk reselling - are also open as well, which go live Q1 2020. Email [email protected] for details on commit rates and discussing delivery options (prebuilt images, custom repos, vanilla installs, etc).

    • Bought another 3 licenses :)

      Thanked by 1nem
    • nemnem Member, Provider

      @hiphiphip0 said:
      Bought another 3 licenses :)

      Thank you very much for your continued support :).

      New edge release provides early work in PHP-FPM management from within the panel, including granting users the option to flip between privilege-separation and cPanel same-user. It may be disabled within the panel via cpcmd scope:set cp.config httpd fpm_user_change false. Will have some tweaks to alter OPcache limits in a few days, which will morph into "auto" caps to dynamically reconfigure based upon utilization metrics up to the account resource limits early next year.

      Last chance for Lifetime Licenses! Sale ends Tuesday and it will be the last time they're this low. Lifetime prices go up permanently from $159 to $299 on December 15.

    Sign In or Register to comment.