Server Setup

cPanel is a big no-no

by , , revisited on

We have by far the largest RPM repository with NGINX module packages and VMODs for Varnish. If you want to install NGINX, Varnish, and lots of useful performance/security software with smooth yum upgrades for production use, this is the repository for you.
Active subscription is required.

I’ll start off right away: if you’re using cPanel – stop before it’s too late! Backup your website and wipe your server clean.

That’s perhaps a very rude and not the most elegant intro to my cPanel overview, but that was for the many lazy readers out there.

Up to this day, I have to state the obvious every day in multiple conversations.

If you have been using cPanel and think you can get decent performance or security for your website – you shouldn’t have a website. Chances are high that with cPanel in use, your website will be too slow or hacked soon enough. Yes. Fast to hack and not fast page speed.

Let’s see why I had to put those bold statements above.

cPanel is just slow because…

It uses Apache.

That should be enough for technical users to understand why it’s slow. nGinx is the lightweight counterpart to Apache. It performs better and takes fewer system resources.

It is extremely bloated.

cPanel is a bloatware. It is actually more like a root-kit software because it puts its evil roots deep inside Linux system. Eating up precious RAM and CPU resources, it makes servers crawl to a halt. cPanel tries to address your every “management” need and includes too many unnecessary components.

Easier to hack

cPanel is de-facto the most widely used control panel for web servers. But it’s propriatery software. What happens when many people are using proprietary software? Ta-da! It gets hacked once in a while.

Why it’s less secure.

cPanel is more prone to hacks because it has to have full access to the Linux system. The more unnecessary software you’re running on your system, the more is the chance for server to be easily ruined by script kiddies. By running cPanel, you’re providing hackers an additional, more vulnerable gateway for your website data and server resources. You really should only have SSHD running for root management.

How the hell should I manage my server then?

Wake up alarm! You shouldn’t. Set it up once properly and that’s it. You should manage your website content, and not your server.

  • If you have problems with initial server configuration – hire a dedicated engineer to set it up for you. That is, if you’re serious about running your website. No need to pay extra hidden fee for a server with cPanel. Now you can run perfect server setup with Vultr, DigitalOcean or Linode – save big and make your website really fast.
  • If you really need server management, which means proactive server changes, then I’d say that your project should be big enough and requires a dedicated sysadmin.

Still inclined to use cPanel? You must have a lot of free time then, because building websites with cPanel is a hobby, not a business.

  1. Dave

    You’ve got alot to learn. Without cpanel server admin for multiple sites and emails etc would take much longer, esp with clients not being able to add and remove email etc themselves.
    Cpanel was mostly designed for management of multiple accounts, you’re talking about one website. Don’t be so narrow minded.

    • Danila Vershinin

      The blog/site is about performance. There are certainly use cases for cPanel which are hosting many websites on a single server.

      cPanel may be useful only to server admins / the lazy ones, because they “get the job done” (in fact, not).

      In all probability, cPanel-hosted websites are ending up to be websites which can never outgrow the cPanel constraints because they cannot gracefully handle high traffic.

      As a website owner, you would never wanted to be hosted with cPanel.

      You, sure enough, can run many websites on the same server without cPanel. It just takes a qualified engineer to setup things once and there is no need to have the bloatware panel “running” all the time.

      And don’t get me started on cPanel email, this is an even worse thing that you can use.
      There are so many third-party email services for your domain who will get the things done right in regards to email.

      • fox

        ohh boyy, I can’t help but feeling like you know what I feel when using cpanel. Thank you for this, tho.

  2. HP

    Hello, we use cpanel since years with a multi websites magento installation. So far no problems in terms of security. Speed is fine according google (94) , also with many customers. Perhaps there should be an update in the blog.

    • Danila Vershinin

      Unfortunately, the Google PageSpeed test is quite flawed. You can have a perfect score for a website, yet that same “perfect score” website would load in minutes. Not to say that it simply measures the client-side speed, which is largely irrelevant. Really, read those in full for better understanding.

      also with many customers

      And what if I told you that you could have times and times more actual customers and actual income by just getting rid of cPanel and making a proper setup with the fine software like NGINX and Varnish?
      That is also unfortunate for other misguided people that run cPanel and “everything is fine to them”. They don’t even get to see the real limiting factor to traffic.

      Perhaps there should be an update in the blog

      This website is actually dedicated to “real performance, not fake scores”. This is a bold statement, which was put on the homepage. I suggest reading more articles on the website to get ideas about performance and security.

      cPanel has its uses stated above. But for those who want the maximum speed, and maximum profits, it is out of the question that it’s not even considered in the first place.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: