Skip to main content

Get Started with OpenAdmin

The OpenAdmin offers an administrator-level interface where you can efficiently handle tasks such as creating and managing users, setting up hosting plans, configuring backups, and editing OpenPanel settings.

openpanel vs openadmin

Requirements

Mimumum Requirements:

  • A blank full virtual machine or bare metal server
  • Minimum of 1GB RAM and 15GB storage (4GB RAM and 50GB is recommended)
  • x86_64/amd64 architecture
  • IPv4 address

Supported OS:

  • Ubuntu 22 and 24
  • Debian 11 and 12
  • AlmaLinux 9.4
  • RockyLinux 9.4
  • CentOS 9
INFORMATION

If you are using external firewall, the following ports should be opened: 53 80 443 465 2083 2087 32768:60999

Installation

The installation process takes about 5 minutes. To install openpanel follow these steps:

  1. Log in to your new server;
  • as root via SSH or
  • as a user with sudo privileges and type "sudo -i"
  1. Copy and paste openpanel installation command into the terminal
bash <(curl -sSL https://openpanel.org)

The installation script supports optional flags that can be used to configure openpanel, skip certain installation steps or simply display debugging information.

If you encountered any errors while running the installation script, please copy & paste the installation log file to the community forums.

Post Install Steps

Recommended steps after installing OpenPanel:

Access OpenAdmin

Run opencli admin command to find the address on which admin panel is accessible. Example output:

root@server:/home# opencli admin
● AdminPanel is running and is available on: https://server.openpanel.co:2087/

To login to admin panel you need a username and password.

openadmin login page

Both username and password are random generated on installation.

To view admin accounts:

opencli admin list

To set a new password for the admin account run command: opencli admin password USER_HERE NEW_PASSWORD_HERE

Example:

root@server:/home# opencli admin password stefan ba63vfav7fq36vas
Password for user 'stefan' changed.

===============================================================
● AdminPanel is running and is available on: https://server.openpanel.co:2087/

- username: stefan
- password: ba63vfav7fq36vas

===============================================================

Enable Automatic Updates

  • autopatch option allows Administrator to automatically update OpenPanel to minor versions. MINOR versions include only security updates and bug fixes.
  • autoupdate option allows Aministrator to enable or disable automatic updates to major versions. MAJOR versions add new functionality in a backward compatible manner.

To enable automatic updates, navigate to OpenAdmin > General Settings and check both the 'Auto Updates' and 'Auto Patches' options:

openadmin update preferences

Disable Automatic Updates

To disable automatic updates, navigate to OpenAdmin > General Settings and uncheck the 'Auto Updates' and 'Auto Patches' options:

openadmin update preferences

Manual Updates

When a new update is available, you will receive a notification in the admin panel.

To manually update OpenPanel, navigate to OpenAdmin > General Settings and click on the "Update Now" button. NOTE: update is visible only if newer version is available.

Step 1.Step 2.
openadmin update manually openadmin update manually 2

License

OpenPanel is available in two editions:

  • OpenPanel Community edition is a free version of the panel that is limited to 3 user accounts and 50 domains, which should be more than enough for personal use.
  • OpenPanel Enterprise edition unlocks premium features for user isolation and management, suitable for web hosting providers. It has API access and can easily be integrated with 3rd party billing tools like WHMCS and FOSSBilling.

OpenPanel Community VS Enterprise

Security

OpenPanel has been built from the ground up with security in mind. Internet history is littered with painful security incidents, so we traded old software compatibility and insecure authentication methods for modern day security measures.

Firewall

OpenPanel supports both ConfigServer & Firewall (CSF) and UncomplicatedFirewall (UFW).

Isolated Services

Each user is provided with a containerized environment similar to a VPS, featuring their own web server (Nginx or Apache) and database (MySQL or MariaDB). This setup prevents resource hogging commonly associated with standard shared hosting.

Two-Factor Authentication

Users have the option to enable Two-Factor Authentication (2FA) for added security on their accounts. Administrators can manage this feature at the server level or for individual users.

Detailed Logging

All actions taken by OpenPanel users are recorded in per-user activity logs. This eliminates confusion over issues like file or webmail account deletions—every action is logged and can be reviewed by users.

Isolated Users and Admin

OpenPanel and OpenAdmin operate independently from one another. One runs as a systemd service while the other runs as a Docker container. OpenPanel utilizes SQLite for its database, whereas OpenAdmin relies on MySQL. Importantly, users can perform actions on their panel even if the admin panel is unreachable or disabled.

Disabling the Admin Panel

For production environments, particularly with the Community edition—which does not offer API access and lacks third-party integrations—it is advisable to disable the admin panel after configuring your server. Alternatively, you can restrict access to the admin port 2087 by whitelisting your team's IP addresses.

To disable OpenAdmin, navigate to OpenAdmin > Settings > OpenAdmin and click on "Disable Admin Panel" or use the terminal command opencli admin off. This will deactivate the admin panel, and you can re-enable it when necessary with the command opencli admin on.

Limiting Access to Admin Panel

To restrict OpenAdmin access to your team, whitelist your server's IP addresses in CSF/UFW, and then disable port 2087.

HTTP Basic Authentication

As an additional security measure, HTTP Basic Authentication can be enabled for the admin panel.

Brute-Force Protection

Both user and admin interfaces have a built-in rate limiting and IP address blocking to protect against brute-force attacks. You can configure the maximum number of failed login attempts allowed per IP (default is 5 per minute) and the total number of failed attempts (default is 20), after which the offending IP will be temporarily blocked by the firewall for one hour.

For user panel imits are configurable in: /etc/openpanel/openpanel/conf/openpanel.config file:

[USERS]
login_ratelimit=5
login_blocklimit=20

user ratelimit

For admin panel imits are configurable in: /etc/openpanel/openadmin/config/admin.ini file:

[PANEL]
login_ratelimit=5
login_blocklimit=20

admin ratelimit

If a user successfully logs in, the counter for login_blocklimit will reset. Failed login attempts and blocked IP addresses are logged in the /var/log/openpanel/admin/failed_login.log file for OpenAdmin and in the /var/log/openpanel/user/failed_login.log file for OpenPanel.

IP blocking per domain

Users can block IP addresses per domain name.

Was this helpful?