Self-healing hosting

ApisCP is an open-source hosting platform for your PHP, Ruby, Node, Python, and Go projects. Set-it-and-forget-it SSL with 1-click, automatically update web apps, securely isolate and clone WordPress sites, block threats real-time, fix OS configuration drifts, resolve service defects, and keep your site operating at peak performance.

ApisCP helped us create a hosting company. Now it's your turn.

Access Admin Demo Access Site Manager Demo Install 3.2

🎉 ApisCP turned 20 December 26! 🎉 Save 50% on all lifetime licenses with code ANNIVERSARY.

Get a product built by pros in the industry

ApisCP is built by a hosting company for hosting. It's the only hosting platform built for its original audience by its intended audience. ApisCP integrates a wealth of knowledge rolled up into best practices that achieves higher throughput, lower TTFB, fewer burnt CPU cycles, and denser servers than any other product on the market.

Any job worth doing is worth doing well.

Rampart performance

Built differently because progress is change



ApisCP is built to standalone. Builtin features include 1-click installs, resource enforcement, jailing, defect monitoring, outbound filtering, malware scans, and backups.

Simplicity first

Simple to use

Good design is simple. ApisCP configures itself optimally at install. Explore Scopes, which provide a guided tuning environment.



ApisCP automatically configures services, tunes on demand, and provides defect monitoring including monthly integrity checks through Bootstrapper.



ApisCP received Rack911's recommendation during an audit of emerging control panels.

The developer was one of the best that we interacted with
We had to pick from the 6 alternative control panels... it would be ApisCP
Patrick William – Rack911 Labs: "Security Analysis of Alternative Control Panels."

A swift, secure platform for your sites

Speed matters, which is why ApisCP is built with meticulous consideration for all components. On average ApisCP's backend can process over 13,000 privileged commands per second. Privilege escalation through careful API calls to its backend is just one way security comes first.

Previous Next
I just have to say, I really really love ApisCP.

I just decided to put one of my own apps on ApisCP using Redis and Horizon for Laravel queues for realtime push notifications. It's a SaaS app I'm building for a specific industry and have had it deployed on an Ubuntu server for maximum control since cPanel doesn't speak Redis or long running processes like Horizon without adding Supervisor. Setting this up on ApisCP really wasn't that hard and it works amazingly well and extremely fast.

Thanks @Matt for your amazing customer service, support and development skills. ❤️
Troy Siedsma – President, Lithium Hosting

A new standard in modern hosting

ApisCP is built by hosting companies for hosting companies. Our tools are designed to maximize efficiency and reduce misconfiguration while keeping third-party dependencies to a minimum.

Tools to help you succeed

Scoped configuration

Scopes reduce complex tasks into simple one-line commands with error checking. Smarthost, brute-force limits, hostname, and more.

Platform automation

ApisCP automates everything on your server. Automation can be run multiple times to easily detect and correct changes on your server.

Intelligent updates

ApisCP updates WordPress, Drupal, Ghost, Discourse, and Laravel whenever new updates are available.

Designed to keep you secure

Just last month, ApisCP helped with...

Updates deployed

ApisCP automatically deploys updates upon release, including WordPress plugins and themes.


Threats neutralized

ApisCP monitors all services for irregular activity and blocks these threats before they do harm.


Emails rejected

ApisCP monitors both inbound and outbound mail from the server looking for potentially malicious mail.

Quick installation

curl | bash
SHA2: fdbf16d76bffd0ebacf6bf840fc2e508f26a1362415e8d4c9d01d425a69c000d

Copy and paste on a new CentOS server from any major cloud provider and you're off!

Simple installation – use ApisCP's Bootstrapper to automatically personalize your server. Most servers complete Bootstrapper optimization in one hour.

Minimum requirements

  • 1 CPU
  • 2 GB RAM
  • 20 GB storage
  • RHEL/CentOS 7.4 or greater
Release Notes/Guide Frequently Asked Questions

Zero-configuration – sit back and relax while ApisCP automatically configures your server. Bootstrapper checks system integrity and can be run again and again to detect and correct only changes in your system.

Simple DNS integration

ApisCP supports a variety of plug-and-play DNS integrations. Select the provider, enter its authentication key, and ApisCP handles the rest. Different sites can use different DNS providers. The choice is yours.

Need DNS for a provider not listed? Just use an example module to guide you!

Integrated monitoring


ApisCP comes with Argos, the perfect decentralized monitoring solution. Argos monitors and repairs your server. If it detects a fault it sends a message to your phone. Spend more time traveling and less time worrying.

Powerful features

Enormous API

ApisCP ships with a reflected API that exposes over 2,000 commands. Achieve everything within the panel from outside the panel – or just use Beacon, a CLI API companion.

Multi-tenant isolation

ApisCP is multi-tenant. Multi-tenancy allows you to host multiple sites managed by multiple users with isolation and resource containment for each account.

Adaptive firewall

ApisCP is built for real-world hosting, which is under constant threat from hackers. ApisCP integrates rate-limited dynamic blacklists and permanent recidivism for persistent threats.

Light & nimble

Everything works best with more memory, but ApisCP is designed to run proficiently on 2 GB platforms by minimizing auxiliary processes and exploiting modern software.

Builtin cache

Upstream caching is built into the web server. Just send the requisite "cache-control" headers and let the web server accelerate your content improving WordPress throughput by 24x.

Playbook driven

ApisCP utilizes Ansible playbooks to provide a powerful, consistent, and intuitive provisioning process. Once provisioned, ApisCP takes over.

Simple migrations

ApisCP includes an easy-to-use unassisted migration tool. Use a supported DNS provider and ApisCP will migrate your accounts between platforms with zero downtime.

Built for longevity

ApisCP works with RHEL and CentOS, with 10 year support lifecycles. Ubuntu LTS-based products only provide 5 years of ongoing support.

DNS independence

ApisCP works great with Linode, DigitalOcean, Cloudflare, and more. Declare your DNS provider, set the API key, and that's it. Full DNS management within ApisCP.

Use any-version

Users may roll out any version of Ruby, Python, Node, and Go within their account. Each version is private to their account.

Limit resources

Limit resources per-account using control groups, built into ApisCP. Restrict memory consumption, assign CPU priority, and limit process counts.

Tuners welcome

Customization makes any product great. You can customize the panel internals up to the theme and even the apps.

Comprehensive integrity

ApisCP playbooks are idempotent ensuring that it can be run multiple times to detect service anomalies. Munged something? Just run the playbook.

Push monitoring

Argos is a collection of monitoring patterns developed over 16 years in hosting. Travel without worry. It fixes what it can and only alerts you during extremes.

Go headless

Quickly set the panel into headless to block external access. Fret not! Every command in the panel is reflected from terminal with cpcmd.


Pro license $20/month

Licenses are priced per server. Host as many domains as resources permit. No restrictions on usage. Price guaranteed.

lifetime license $499

Lifetime licenses work for all versions forever— that's lifetime!

  • Host unlimited domains + accounts, no restrictions
  • One license is required per server
  • Free panel updates
  • Includes Bronze-level support
  • License is transferable
  • License valid for all ApisCP releases
  • Volume licensing discounts available
Free Dev and DNS-only licenses available Buy Now


  • Apache 2.4 + Event MPM
  • Let's Encrypt integration
  • HTTP/2, Brotli + gzip compression
  • WordPress, Discourse, Drupal, Ghost, Laravel 1-click installs + automatic updates
  • Joomla, Magento 1-click installs
  • /etc version control
  • Daily database backups; snapshots + rollbacks included
  • Control panel file manager
  • Integrated service monitoring + push notification
  • CLI toolkit (cpcmd)
  • Choose your version MariaDB, PostgreSQL, PHP
  • Any-version Node, PHP (native + Remi), Python, Ruby, Go
  • Platform integrity checks
  • cgroup resource enforcement
  • PHP Fortification
  • Multitenant, jailed environments
and much more


How many sites can ApisCP host?

A single ApisCP server can manage as many sites as resources permit. We've used ApisCP to host over 1,250 domains on a 32 GB machine, but discourage this in favor of multiple small servers:

  • There is diminishing marginal return with larger servers. Caches must be larger to accommodate increase data, which is counterintuitive to an efficient cache. PHP and MySQL especially suffer from retrograde performance as cache requirements grow beyond 1 GB.
  • More sites draw more attacks; it's not uncommon for a server hosting 250 sites to block over 2,500 IPs a day.
  • Hardware fails. Avoid single points of failure by distributing clients across multiple servers. ApisCP provides monthly server summaries to help you administrate.
  • Accounts create configuration that must load before a service starts. Increased startup times hurt resiliency. In the case of MySQL, it can take over 5 minutes to start on servers with many thousand InnoDB tables. 5 databases/site × 20 tables per database × 500 sites = 50,000 tables
While there is no set formula, we recommend no more than 250 accounts on a 16 GB server to provide an elastic buffer for traffic surges. Whatever memory is not used for processing is used by the kernel for caching. ApisCP is capable of maintaining itself and with a proxied install, completely transparent to the user.

Why Apache over Nginx?

Apache is used to provide comprehensive compatibility and protection. For example, Nginx has no comparable inherited rewrite facility that is used to dynamically redirect a variety of subdomain tiers unique to ApisCP. Apache's Event MPM operates similar to Nginx's event loop and in benchmarks is about 2 milliseconds slower.

A web site's chokepoint therefore is not the web server, but how congested a server is from external threats. ApisCP bundles an enhanced mod_evasive module that blocks abusive IPs across all virtual servers. Nginx has a similar component but lacks granular control found with ApisCP's mod_evasive release.

What support is available?

Support is separated into free community-driven and paid support. All licenses include 1 free bronze support request/year.

Community support includes forums and chat. It is the best way to get support in a public setting that benefits everyone else who might have a similar concern.

Paid support includes SLA response times as well as an emergency 1-hour turnaround with no blackouts. Support is priced per incident with 1 hour maximum time. Paid support plans are structured to keep licensing costs low, support quality high, and focus human resources on development. Support exists in absence of a good product. There is little incentive to make ApisCP anything but an extraordinary product.

How did ApisCP begin?

ApisCP began as the control panel for Apis Networks in 2002, originally nicknamed "APNSCP". In fact, its name Apis Networks Control Panel reflects its heritage. Over the years it has grown and achieved in large part to customer feedback through our separate hosting outfit. Today that hosting company continues to serve as an internal testing environment for ApisCP.

Are refunds provided?

No refunds are provided. ApisCP includes a 30-day free trial to evaluate the product.