Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
opinions about aapanel
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

opinions about aapanel

donkodonko Member

I recently found about it while searching for free control panels with OpenLiteSpeed (besides cyberpanel which i don't like), anyone who have used it long time for "production" or sites with traffic can share some review?
Also i want to know if they don't usually break critical things with their updates.

Comments

  • hzrhzr Member, Moderator
    edited May 23

    https://www.lowendtalk.com/discussion/123884/aapanel-the-preferred-panel-for-spammers-everywhere/p1

    0) their installer is still a plaintext-http pipe into root shell. (note for jsg: this is also on a cloudflare free plan, with backend connection set to flexible/http to origin)

    image

    1) you need python, openssl or other dependencies? instead of using an apt or yum repo, you get unsigned, random, untrusted downloads directly run as root:

    image

    2) hidden tracking code, not mentioned anywhere as far as I can tell

    image

    3) almost no QA, also bonus http download from a bare ip somewhere, no signatures or even a md5:

    image

    4) downloads and runs additional plaintext http bash scripts as root:

    image

    5) doesn't bother hashing or verifying packages downloaded from some random webserver, instead checks if their filesize happens to be big enough (WTF?)

    image

  • notarobonotarobo Member
    edited May 23

    Aapanel good. Fast loading, most time stable if not always follow upgrade. Many small apps can install like fail2ban , one click migration.

    OLs is beta now but working good. Just not possible one click migrate because it detect as Apache (error). Normal nginx migrate no problem

    No problem uptime, bug just few but fixing always.

    Thanked by 1donko
  • notarobonotarobo Member

    @hzr said:
    https://www.lowendtalk.com/discussion/123884/aapanel-the-preferred-panel-for-spammers-everywhere/p1

    0) their installer is still a plaintext-http pipe into root shell. (note for jsg: this is also on a cloudflare free plan, with backend connection set to flexible/http to origin)

    image

    1) you need python, openssl or other dependencies? instead of using an apt or yum repo, you get unsigned, random, untrusted downloads directly run as root:

    image

    2) hidden tracking code, not mentioned anywhere as far as I can tell

    image

    3) almost no QA, also bonus http download from a bare ip somewhere, no signatures or even a md5:

    image

    4) downloads and runs additional plaintext http bash scripts as root:

    image

    5) doesn't bother hashing or verifying packages downloaded from some random webserver, instead checks if their filesize happens to be big enough (WTF?)

    image

    Is this real bad for user? And what is tracking about is it one time or always

  • hzrhzr Member, Moderator

    notarobo said: Is this real bad for user?

    It's either extremely incompetent or careless or intentionally insecure.

    Thanked by 2notarobo AlwaysSkint
  • jetchiragjetchirag Member

    @hzr the last part tho -

    Thanked by 1AlwaysSkint

    ^-^!

  • Don't, just don't.

    Long live LowEndInfo.com

  • MohamadSYMohamadSY Member

    I use it for my websites and for production, it’s a great lightweight one ☝️
    Try it, I think it’s a good free one.

    Thanked by 1donko
  • yokowasisyokowasis Member

    Shady owner, will create shady product.

Sign In or Register to comment.