Goodbye CWP — I’m done for good

Goodbye CWP, I’m done for good.

Alright folks, this is my last post here.

I’m officially moving away from Control Web Panel and I’m not looking back. This isn’t a rage-quit. It’s a long-overdue “operations sanity” decision.

Why I’m leaving:

• Admins missing in action. Too often it feels like nobody is steering the ship.
  
• A few loud users run the forum. If you ask real questions, you get politics instead of answers.
  
• Support reality: Asking for help here is mostly useless and if you positively criticize something, some people act like you committed a crime.
  
• The usual reply: “Go buy a paid panel then.” Cool. That’s exactly what I did because when clients are paying me, I need reliability and support, not forum drama.
  
• Updates went for a toss: There hasn’t been a meaningful update in forever (feels like a year+). PHP updates feel like a wishful dream, roadmap talk stays talk, and the product momentum just isn’t there.
  
• Updates + security: CVEs get discovered fast… but fixes feel slow. And in between, you’re left patching holes with your own custom scripts just to keep things tight.
  
• DIY forever: Fixing loopholes and making things “production-safe” shouldn’t require custom scripts for half the stack, but here we are.
  
• DNS cluster (sorry): It’s not production-grade. I ended up writing my own DNS cluster scripts and they’ve been more stable and predictable than what I got out of the box.
  

My take (simple):
Open-source is amazing when it’s actively maintained and supported. 
But if you’re running a business, charging clients, or your uptime matters, then support and accountability aren’t “luxury items.” They’re the basics.

So yeah… I finally did it. Moved on. 
And honestly, if you’re reading this while firefighting the same stuff every week maybe you should consider it too.

No hate, no personal beef just facts from the trenches.

Wishing you all the best. 
Logging off for good...

--
Jaspreet Singh

Completely agree with Jaspreet Singh.

This project seems to be dead, as we have not received any updates since Nov 2024, and there is no support on the forum either.

Some time ago, I contacted the CWP team, and they said they were working, but they blocked me then. There are a few members who are running the forum by just saying "CWP Team is working, CWP is not dead, blah blah, etc.." and a few of them are sharing their article users, but the actual CWP team doesn't bother looking at the forum.

It's time to move on

I think the same way. I'm gradually transferring my websites to another panel.

Completely agree with Jaspreet Singh.

This project seems to be dead, as we have not received any updates since Nov 2024, and there is no support on the forum either.

Some time ago, I contacted the CWP team, and they said they were working, but they blocked me then. There are a few members who are running the forum by just saying "CWP Team is working, CWP is not dead, blah blah, etc.." and a few of them are sharing their article users, but the actual CWP team doesn't bother looking at the forum.

It's time to move on

Project is NOT DEAD. Not sure why you keep posting that line...

CWP pushed an update today (2026-02-18)  0.9.8.1222.
And before that 0.9.8.1221 was pushed on 2026-02-02

It's personal preference if you want to stop using CWP and 'move on'

I've tested other panels, and they all have CVEs and can not be kept updated as easily as CWP can be.
Some don't even have the features CWP has, and cost $$$ more.

Can CWP do better with some things, yes.

Goodbye CWP, I’m done for good.

Okay, goodbye. We'll miss your contribution here.

I for one (and my customers obviously agree) do NOT want rapid change. Slow, gradual iterative improvement is welcome as long as it doesn't introduce new bugs and CVEs. They do not want or need the kitchen sink of features nor do they want a fresh GUI for the sake of... something. They would revolt if the webmail suddenly changed from Roundcube to Rainloop. They want consistency. As long as their (fairly static) site is up and they can check their e-mail, they are happy.

Yes, they will want PHP 8.4 and someday 8.5. But 8.1 and 8.3 meets the minimum requirements of my most demanding customers. If I absolutely needed it, there are guides on AlphaGNU on how to install it. Changelogs would be nice, but are not strictly necessary. TBH, I maybe reference one or two changelogs per year. Time is too precious to pore over them, unless there's a specific CVE I need to address.

As for other panels, sure there are many, but they are 3x, 5x, or 10x the price of CWP. CWP is the sweet spot of price and features for me. Once cPanel went for the greed grab and upped their pricing tiers to the stratosphere, I jumped ship and haven't looked back. Now most panels set their reference pricing to cPanel, so most of them are out of reach. But if it would motivate the CWP team to increase their cadence and communication and hire more devs & support staff, I would pay 1.5x to 2x what I pay now for CWP Pro. But paying more, I would expect more. Right now, for the price point, I feel I am getting a good value for my money. Look around -- I have and I know Starburst has. Nothing is as good at this price point.

Completely agree with Jaspreet Singh.

This project seems to be dead, as we have not received any updates since Nov 2024, and there is no support on the forum either.

Some time ago, I contacted the CWP team, and they said they were working, but they blocked me then. There are a few members who are running the forum by just saying "CWP Team is working, CWP is not dead, blah blah, etc.." and a few of them are sharing their article users, but the actual CWP team doesn't bother looking at the forum.

It's time to move on

Project is NOT DEAD. Not sure why you keep posting that line...

CWP pushed an update today (2026-02-18)  0.9.8.1222.
And before that 0.9.8.1221 was pushed on 2026-02-02

It's personal preference if you want to stop using CWP and 'move on'

I've tested other panels, and they all have CVEs and can not be kept updated as easily as CWP can be.
Some don't even have the features CWP has, and cost $$$ more.

Can CWP do better with some things, yes.

Clarifying “dead” vs “production-viable” (and what I’m asking for)

Nobody is saying “no code ever ships” or “the installer stops working.” The point is operations reality : predictable maintenance, transparent communication, and accountable support.

Right now, what’s missing (for me, and for others replying here) is official clarity :

• Release notes / changelog transparency:
  Version numbers being pushed is not a changelog. A serious production panel needs release notes that answer:
  
  • What changed?
  • What was fixed?
  • What was removed/broken?
  • What security issues were addressed (with references)?
  If there is an official changelog for 2025–2026, please link it. If not, that’s exactly the problem.
• Security cadence & accountability:
  “All panels have CVEs” is true and irrelevant. The question is: how fast are fixes shipped and communicated?
  Please provide:
  
  • The last 5 high/critical CVEs that affected CWP’s stack
  • For each: disclosure date → patch date → where it was documented
  Without that, admins are forced into DIY patching and custom scripts to stay safe which is not acceptable for client workloads.
• Roadmap (missing or opaque):
  This is the biggest gap. A roadmap isn’t “talk.” It’s a public commitment with dates (even if approximate) and scope.
  Examples of what operators need to know:
  
  • PHP cadence: When are 8.4 and 8.5 planned, and what is the official method (repo/channel) and support window?
  • OS support: Which distro versions are officially supported today, and until when? What is the plan for newer major OS releases?
  • Core components roadmap: web stack changes, mail stack changes, kernel/openssl compatibility, DB stack changes  what is planned and what is not?
  • Breaking changes policy: How are breaking changes communicated and how are rollbacks handled?
  • EOL policy: What is the official end-of-support policy for older stacks?
  If the answer is “use a community guide” or “you can DIY it,” that’s precisely confirming the ops problem: we’re building the missing roadmap ourselves.
• Support reality:
  Community help is appreciated but it is not the same as official support. 
  If the official support channel exists, please share:
  
  • Where to file issues
  • Expected response time
  • What’s covered vs not covered
  Forum replies and unofficial “help hubs” can’t replace accountability when clients are paying and uptime/security matter.
• Production-grade features (example: DNS cluster):
  If DNS clustering is considered production-ready, please link the official documentation/design and the supported failure modes (sync model, consistency, recovery, monitoring).
  If it requires custom scripts to be stable and predictable, then it’s not production-grade.

So my position stays simple:
If someone wants to argue “Project is NOT DEAD,” that’s fine but then please answer with links and specifics:

• Official changelog/release notes (2025–2026)
• CVE fix timelines (disclosure → patch → documentation)
• Official roadmap (PHP + OS support + core stack + policy)
• Official support channel + expectations

On the “but it’s cheaper” argument (price vs total cost)

Cost is not the point being debated predictable operations are.

Yes, other panels can be more expensive up-front. But the real comparison for anyone running client workloads is TCO (Total Cost of Ownership):

• Admin time: Hours spent firefighting, writing custom scripts, applying workarounds, and reverse-engineering changes.
• Security exposure: Slow fixes + unclear advisories increases risk, and one incident costs more than years of license fees.
• Downtime cost: Outages, mail issues, broken updates your time + customer churn + reputational damage.
• Opportunity cost: Time wasted on panel survival is time not spent growing the business.

So “it’s cheaper” is not a rebuttal to missing changelogs, missing roadmap, slow security response, or support gaps.
It only proves this: some users accept those risks because their use-case is static and price-sensitive. That’s fine.
But for production hosting where accountability matters, cheap without transparency becomes expensive.

If a “cheap” panel costs even 2–3 extra hours/week in babysitting, that alone can exceed the license price difference before counting downtime or security incidents.

Until those exist publicly and consistently, calling it “alive” doesn’t help the people running production. 
That’s why I moved on. No drama just operational facts.