Self-healing hosting

ApisCP is an open-source hosting platform for your PHP, Ruby, Node, Python, and Go projects. Set-it-and-forget-it SSL with 1-click, automatically update web apps, securely isolate and clone WordPress sites, block threats real-time, fix OS configuration drifts, resolve service defects, and keep your site operating at peak performance.

ApisCP helped us create a hosting company. Now it's your turn.

Access Site Manager Demo Install 3.2

🎉 ApisCP turns 20 December 26! 🎉 Save 50% on all lifetime licenses with code ANNIVERSARY.

Get a product built by pros in the industry

ApisCP is built by a hosting company for hosting. It's the only hosting platform built for its original audience by its intended audience. ApisCP integrates a wealth of knowledge rolled up into best practices that achieves higher throughput, lower TTFB, fewer burnt CPU cycles, and denser servers than any other product on the market.

Any job worth doing is worth doing well.

Built differently because progress is change

Licensing-free

ApisCP is built to standalone. Builtin features include 1-click installs, resource enforcement, jailing, defect monitoring, outbound filtering, malware scans, and backups.

Simple to use

Good design is simple. ApisCP configures itself optimally at install. Explore Scopes, which provide a guided tuning environment.

Self-sustaining

ApisCP automatically configures services, tunes on demand, and provides defect monitoring including monthly integrity checks through Bootstrapper.

Security-focused

ApisCP received Rack911's recommendation during an audit of emerging control panels.

The developer was one of the best that we interacted with

We had to pick from the 6 alternative control panels... it would be ApisCP

Patrick William – Rack911 Labs: "Security Analysis of Alternative Control Panels."

A swift, secure platform for your sites

Speed matters, which is why ApisCP is built with meticulous consideration for all components. On average ApisCP's backend can process over 13,000 privileged commands per second. Privilege escalation through careful API calls to its backend is just one way security comes first.

Site Administrator

Each account gets its own individual control panel separate from the master.

Web Apps

Effortlessly setup and automatically update Wordpress, Joomla, Drupal, Ghost, Laravel, Magento, and Discourse from within ApisCP. Setup SSL + create restricted write-only profiles for PHP applications with Fortification.

Let's Encrypt SSL

One-click setup + renewal of Let's Encrypt SSL. Take advantage of HTTP/2 with easy, free SSL sponsored by Let's Encrypt.

Add + Manage Sites

Add, delete, and edit your sites from a single point. You can even login to each of these accounts from Nexus.

File Manager

Manage your files in a pinch with ApisCP. Upload, download, change permissions, do it all from within the panel or use its integrated WebDAV support if you desire.

I just have to say, I really really love ApisCP.

I just decided to put one of my own apps on ApisCP using Redis and Horizon for Laravel queues for realtime push notifications. It's a SaaS app I'm building for a specific industry and have had it deployed on an Ubuntu server for maximum control since cPanel doesn't speak Redis or long running processes like Horizon without adding Supervisor. Setting this up on ApisCP really wasn't that hard and it works amazingly well and extremely fast.

Thanks @Matt for your amazing customer service, support and development skills. ❤️ Troy Siedsma – President, Lithium Hosting

A new standard in modern hosting

ApisCP is built by hosting companies for hosting companies. Our tools are designed to maximize efficiency and reduce misconfiguration while keeping third-party dependencies to a minimum.

Tools to help you succeed

Scoped configuration

Scopes reduce complex tasks into simple one-line commands with error checking. Smarthost, brute-force limits, hostname, and more.

Platform automation

ApisCP automates everything on your server. Automation can be run multiple times to easily detect and correct changes on your server.

Intelligent updates

ApisCP updates WordPress, Drupal, Ghost, Discourse, and Laravel whenever new updates are available.

Designed to keep you secure

Just last month, ApisCP helped with...

4,399

Updates deployed

ApisCP automatically deploys updates upon release, including WordPress plugins and themes.

513,416

Threats neutralized

ApisCP monitors all services for irregular activity and blocks these threats before they do harm.

172,821

Emails rejected

ApisCP monitors both inbound and outbound mail from the server looking for potentially malicious mail.

Quick installation


    
        
            
            GitHub
        
        
            
            Copy
        
    

    
        
            curl https://raw.githubusercontent.com/apisnetworks/apiscp-bootstrapper/master/bootstrap.sh | bash
        
        
            
                
                Copy

SHA2: 961cb8501ee53697d4de761b5960d43c3791aa0cb7e3a3c76fc078fc9825bdd6

Copy and paste on a new CentOS server from any major cloud provider and you're off!

Simple installation – use ApisCP's Bootstrapper to automatically personalize your server. Most servers complete Bootstrapper optimization in one hour.

Minimum requirements

1 CPU
2 GB RAM
20 GB storage
RHEL/CentOS 7.4 or greater

Release Notes/Guide Frequently Asked Questions

Zero-configuration – sit back and relax while ApisCP automatically configures your server. Bootstrapper checks system integrity and can be run again and again to detect and correct only changes in your system.

Simple DNS integration

ApisCP supports a variety of plug-and-play DNS integrations. Select the provider, enter its authentication key, and ApisCP handles the rest. Different sites can use different DNS providers. The choice is yours.

Need DNS for a provider not listed? Just use an example module to guide you!

Integrated monitoring

04:52

Argos

Service Alert

From Argos on 2/02/23 at 4:51 PM

[myserver] ApisCP alert - process is not running

Service Alert

From Argos on 2/02/23 at 4:52 PM

[myserver] ApisCP alert - process is running with pid 32120

ApisCP comes with Argos, the perfect decentralized monitoring solution. Argos monitors and repairs your server. If it detects a fault it sends a message to your phone. Spend more time traveling and less time worrying.

Powerful features

Enormous API

ApisCP ships with a reflected API that exposes over 2,000 commands. Achieve everything within the panel from outside the panel – or just use Beacon, a CLI API companion.

Multi-tenant isolation

ApisCP is multi-tenant. Multi-tenancy allows you to host multiple sites managed by multiple users with isolation and resource containment for each account.

Adaptive firewall

ApisCP is built for real-world hosting, which is under constant threat from hackers. ApisCP integrates rate-limited dynamic blacklists and permanent recidivism for persistent threats.

Light & nimble

Everything works best with more memory, but ApisCP is designed to run proficiently on 2 GB platforms by minimizing auxiliary processes and exploiting modern software.

Builtin cache

Upstream caching is built into the web server. Just send the requisite "cache-control" headers and let the web server accelerate your content improving WordPress throughput by 24x.

Playbook driven

ApisCP utilizes Ansible playbooks to provide a powerful, consistent, and intuitive provisioning process. Once provisioned, ApisCP takes over.

Simple migrations

ApisCP includes an easy-to-use unassisted migration tool. Use a supported DNS provider and ApisCP will migrate your accounts between platforms with zero downtime.

Built for longevity

ApisCP works with RHEL and CentOS, with 10 year support lifecycles. Ubuntu LTS-based products only provide 5 years of ongoing support.

DNS independence

ApisCP works great with Linode, DigitalOcean, Cloudflare, and more. Declare your DNS provider, set the API key, and that's it. Full DNS management within ApisCP.

Use any-version

Users may roll out any version of Ruby, Python, Node, and Go within their account. Each version is private to their account.

Limit resources

Limit resources per-account using control groups, built into ApisCP. Restrict memory consumption, assign CPU priority, and limit process counts.

Tuners welcome

Customization makes any product great. You can customize the panel internals up to the theme and even the apps.

Comprehensive integrity

ApisCP playbooks are idempotent ensuring that it can be run multiple times to detect service anomalies. Munged something? Just run the playbook.

Push monitoring

Argos is a collection of monitoring patterns developed over 16 years in hosting. Travel without worry. It fixes what it can and only alerts you during extremes.

Go headless

Quickly set the panel into headless to block external access. Fret not! Every command in the panel is reflected from terminal with cpcmd.

Pricing

Pro license $20/month

Licenses are priced per server. Host as many domains as resources permit. No restrictions on usage. Price guaranteed.

Host unlimited domains + accounts, no restrictions
One license is required per server
Free panel updates
Includes Bronze-level support
License is transferable
License valid for all ApisCP releases
Volume licensing discounts available

Free Dev and DNS-only licenses available Buy Now

Features

Apache 2.4 + Event MPM
Let's Encrypt integration
HTTP/2, Brotli + gzip compression
WordPress, Discourse, Drupal, Ghost, Laravel 1-click installs + automatic updates
Joomla, Magento 1-click installs
/etc version control
Daily database backups; snapshots + rollbacks included
Control panel file manager
Integrated service monitoring + push notification
CLI toolkit (cpcmd)
Choose your version MariaDB, PostgreSQL, PHP
Any-version Node, PHP (native + Remi), Python, Ruby, Go
Platform integrity checks
cgroup resource enforcement
PHP Fortification
Multitenant, jailed environments

and much more

ApisCP FAQ

How many sites can ApisCP host?

A single ApisCP server can manage as many sites as resources permit. We've used ApisCP to host over 1,250 domains on a 32 GB machine, but discourage this in favor of multiple small servers:

There is diminishing marginal return with larger servers. Caches must be larger to accommodate increase data, which is counterintuitive to an efficient cache. PHP and MySQL especially suffer from retrograde performance as cache requirements grow beyond 1 GB.
More sites draw more attacks; it's not uncommon for a server hosting 250 sites to block over 2,500 IPs a day.
Hardware fails. Avoid single points of failure by distributing clients across multiple servers. ApisCP provides monthly server summaries to help you administrate.
Accounts create configuration that must load before a service starts. Increased startup times hurt resiliency. In the case of MySQL, it can take over 5 minutes to start on servers with many thousand InnoDB tables. 5 databases/site × 20 tables per database × 500 sites = 50,000 tables

While there is no set formula, we recommend no more than 250 accounts on a 16 GB server to provide an elastic buffer for traffic surges. Whatever memory is not used for processing is used by the kernel for caching. ApisCP is capable of maintaining itself and with a proxied install, completely transparent to the user.

Why Apache over Nginx?

Apache is used to provide comprehensive compatibility and protection. For example, Nginx has no comparable inherited rewrite facility that is used to dynamically redirect a variety of subdomain tiers unique to ApisCP. Apache's Event MPM operates similar to Nginx's event loop and in benchmarks is about 2 milliseconds slower.

A web site's chokepoint therefore is not the web server, but how congested a server is from external threats. ApisCP bundles an enhanced mod_evasive module that blocks abusive IPs across all virtual servers. Nginx has a similar component but lacks granular control found with ApisCP's mod_evasive release.

What support is available?

Support is separated into free community-driven and paid support. All licenses include 1 free bronze support request/year.

Community support includes forums and chat. It is the best way to get support in a public setting that benefits everyone else who might have a similar concern.

Paid support includes SLA response times as well as an emergency 1-hour turnaround with no blackouts. Support is priced per incident with 1 hour maximum time. Paid support plans are structured to keep licensing costs low, support quality high, and focus human resources on development. Support exists in absence of a good product. There is little incentive to make ApisCP anything but an extraordinary product.

How did ApisCP begin?

ApisCP began as the control panel for Apis Networks in 2002, originally nicknamed "APNSCP". In fact, its name Apis Networks Control Panel reflects its heritage. Over the years it has grown and achieved in large part to customer feedback through our separate hosting outfit. Today that hosting company continues to serve as an internal testing environment for ApisCP.

Are refunds provided?

No refunds are provided. ApisCP includes a 30-day free trial to evaluate the product.