This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Information / Some concerns about security
« on: June 18, 2020, 10:16:17 AM »
Hi all,
I use CWP now for a couple of years, and have (almost all the time) been happy using it, only one time all my sites went black. This was caused through an update which put PHP-FPM behind the cwppro subscription. From this time, I'm a bit concerned about the whole web panel.
The cwppro subscription isn't the problem, around 12 euros per year is a bargain. But the fact CWP added an update which broke all my websites without notifying is worrying me. This brought me some questions/concerns.
1. Can't find any contact details from the owner/developers (other then a croatian address and another hosting site)
2. CWP is using Ioncube to encrypt all source code (I can understand with some arguments about non-open source etc. But now point 3)
3. How is CWP updating your server so CWP Pro is enabled, is there a backdoor?
4. I won't link all of them, but there are some forum posts on the internet which doubt the security of CWP. One of them is the forum moderator of CentOS (not CWP, but the OS): https://forums.centos.org/viewtopic.php?f=12&t=66365&sid=49ccd4bcec4e7d009a6d1a94188559b6
So again, I'm using it for a long time, and CWP is offering a lot of functionalities for free, but at this point I'm having a lot of doubts about the safety/security of the web panel and even at the point of looking for an alternative. What are your thoughts?
I use CWP now for a couple of years, and have (almost all the time) been happy using it, only one time all my sites went black. This was caused through an update which put PHP-FPM behind the cwppro subscription. From this time, I'm a bit concerned about the whole web panel.
The cwppro subscription isn't the problem, around 12 euros per year is a bargain. But the fact CWP added an update which broke all my websites without notifying is worrying me. This brought me some questions/concerns.
1. Can't find any contact details from the owner/developers (other then a croatian address and another hosting site)
2. CWP is using Ioncube to encrypt all source code (I can understand with some arguments about non-open source etc. But now point 3)
3. How is CWP updating your server so CWP Pro is enabled, is there a backdoor?
4. I won't link all of them, but there are some forum posts on the internet which doubt the security of CWP. One of them is the forum moderator of CentOS (not CWP, but the OS): https://forums.centos.org/viewtopic.php?f=12&t=66365&sid=49ccd4bcec4e7d009a6d1a94188559b6
So again, I'm using it for a long time, and CWP is offering a lot of functionalities for free, but at this point I'm having a lot of doubts about the safety/security of the web panel and even at the point of looking for an alternative. What are your thoughts?
Pages: [1]