Starburst — I know you are active here on the forum, I’ve been following your replies, and I appreciate the work you are doing.
However, before any workaround solutions are suggested, I want to clarify something important.
A few months ago, I opened a support ticket on the CWP platform regarding this issue. @josemnunez was aware of it and had reviewed my report, but after I continued to insist on the same concern, the ticket was closed without any real resolution.
If this is a financial or resource issue, then that is fine — increase the license price, even double it if necessary. I personally would agree to that.
But what should not continue is the current approach based on patchwork fixes and temporary solutions for core issues in CWP.
At this point, I would like to restate the main issue clearly:
I would like to clarify and consolidate my previous points regarding the CWP installation process and the default stack on AlmaLinux 8/9.
This is not about choosing between Nginx, Apache, or any specific web server. The issue is the default state and quality of a fresh CWP installation.
At the moment, a clean installation of CWP on AlmaLinux 8/9 results in an outdated and inconsistent software stack, including older versions of core components such as:
MariaDB
Apache
Nginx (if selected)
PHP (non-modern default setup)
phpMyAdmin
Roundcube
Postfix
system packages related to web and security that are not aligned with current security standards
This means that immediately after installation, we are forced to manually update multiple critical components just to reach a modern, secure, and stable state. As you already know, this update process is not always straightforward and can sometimes introduce issues based on forum-provided solutions, which is not ideal for production environments.
What I am suggesting is a modern secure baseline for new installations:
On AlmaLinux 8/9, CWP should install by default a modern and secure stack:
PHP 8.3+ as system default
latest stable MariaDB
latest stable Apache
latest stable Roundcube
phpMyAdmin updated according to current security standards
If Nginx is selected during installation, it should also be installed in its latest stable version, not an outdated one.
In addition, there is another important issue:
On AlmaLinux 9, CWP installation requires additional packages to be installed manually before running the installation script. However, this is not clearly documented in the official installation guide. These requirements and workarounds were originally published on the forum during the Beta stage. Since AlmaLinux 9 is now officially supported, these prerequisites should either be integrated into the installation script or documented officially.
A fresh installation should not require users to search forums for known prerequisites or fixes.
At some point, the installation process and default stack need to be properly modernized instead of constantly relying on temporary solutions.