// File: admin/000_intro
# Get Started
The OpenAdmin offers an administrator-level interface where you can efficiently handle tasks such as creating and managing users, setting up hosting plans, enabling features, and editing OpenPanel settings.
## Requirements
Minimum Requirements:
- A blank full virtual machine or bare metal server
- Minimum of 1GB RAM and 5GB storage (4GB RAM and 50GB is recommended)
- AMD64(x86_64) or ARM(AArch64) architecture
- IPv4 address
Supported operating systems:
- **Ubuntu 22, 24, 26** (24.04 is recommended)
- **Debian 10, 11, 12, 13**
- **AlmaLinux 9.5 and 10** (9.5 is recommended for ARM CPU, 10 has a known issue [#744](https://github.com/stefanpejcic/OpenPanel/issues/744))
- **RockyLinux 9.6, 10**
- **CentOS 9.5**
On AlmaLinux 10 and RockyLinux 10, you must switch from `nftables` to `iptables`. See [#1472](https://github.com/docker/for-linux/issues/1472) and [#745](https://github.com/stefanpejcic/OpenPanel/issues/745#issuecomment-3451272947).
:::info
If you are using external firewall, the following ports should be opened:
- for dns: `53`
- for email: `25` `465` `993`
- for websites: `80` `443`
- for panels: `2083` `2087`
- for phpmyadmin: `2053` `8888`
- for user services: `32768:60999`
:::
## Installation
OpenPanel can be installed on both VPS and bare-metal servers.
The installation process takes about 5 minutes. To install openpanel follow these steps:
1. Log in to your new server;
- as root via SSH or
- as a user with sudo privileges and type "sudo -i"
2. Copy and paste openpanel installation command into the terminal
```shell
bash <(curl -sSL https://openpanel.org)
```
The installation script supports [optional flags](/install) that can be used to configure openpanel, skip certain installation steps or simply display debugging information.
If you encountered any errors while running the installation script, please copy & paste the installation log file to [the community forums](https://community.openpanel.org).
[Amazon Web Services (AWS)](/docs/articles/install-update/install-on-aws)
[DigitalOcean](/docs/articles/install-update/install-on-digitalocean)
[Google Cloud Platform (GCP)](/docs/articles/install-update/install-on-google-cloud)
[Microsoft Azure](/docs/articles/install-update/install-on-microsoft-azure)
[Vultr](/docs/articles/install-update/install-on-vultr)
[CloudInit](/docs/articles/install-update/install-using-cloudinit)
[Ansible](/docs/articles/install-update/install-using-ansible)
[Virtualizor](/docs/articles/install-update/install-on-virtualizor)
## Post Install Steps
Recommended steps after installing OpenPanel:
- [Access the OpenAdmin panel](/docs/articles/dev-experience/how-to-access-openadmin)
- [Configure Domain and SSL for OpenPanel](/docs/admin/settings/general/#set-domain-for-openpanel)
- [Enable Modules (features) in OpenPanel UI](/docs/admin/settings/modules/)
- [Configure Custom Nameservers](/docs/articles/domains/how-to-configure-nameservers-in-openpanel/)
- [Create Hosting Packages](/docs/admin/plans/hosting_plans#create-a-plan)
- [Create New User Accounts](/docs/admin/accounts/users/#create-users)
- [Set Email address to receive Alerts](/docs/admin/notifications/#email-alerts)
- [Change Update Preferences](/docs/admin/settings/updates)
- [Secure OpenPanel for Production Use](/docs/articles/security/securing-openpanel/)
---
// File: admin/001_dashboard
# Dashboard
The dashboard page is the hub of the OpenAdmin interface and provides the overview of the current server performance and usage.
The dashboard page contains widgets:
- **User Activity** widget: Displays real-time combined activity log of all OpenPanel users.
- **Latest News** widget: Displays blog articles from the OpenPanel blog.
- **System Information** widget: Displays Information about your server configuration: Hostname, OS, OpenPanel version, Kernel, CPU type, Uptime, NUmber of Running Processes and available Package Updates.
## Usage
In the top-right corner of every page in **OpenAdmin**, administrators can monitor real-time resource usage, including **Load**, **Memory**, **CPU**, and **Disk**.
Hovering over each metric provides detailed information:
* **Load** – Average system load over 1, 5, and 15 minutes
* **Memory** – Usage of physical memory and SWAP
* **CPU** – Usage per CPU core
* **Disk** – Usage per disk partition

## User Activity
The **User Activity** widget provides a combined list of latest actions from all OpenPanel users (their activity logs).
## Latest News
The **Latest News** widget displays news from [OpenPanel Blog](https://openpanel.com/blog).
## System Information
The **System Information** widget displays information about your server:
- Hostname
- OS
- OpenPanel version
- Server Time
- Kernel version
- CPU model
- Uptime
- Number of running processes
- Available Package updates
## Try Enterprise
The **Try Enterprise** widget is displayed on Community Edition only and displays features for Enterprise edition and options to upgrade.
## Found a Bug
By default, every page in both the OpenPanel and OpenAdmin UIs includes a **"Found a bug? Let us know"** link at the bottom. This link allows users to report issues directly to our [GitHub Issues](https://github.com/stefanpejcic/OpenPanel/issues) page and includes basic information to help reproduce the problem.
For the OpenPanel UI, administrators can disable this link by going to **OpenAdmin > Settings > OpenPanel** and toggling off the **"Display link to report bugs"** option.
## Dark Mode
To enable Dark Mode, click your username in the bottom-left corner and select the Moon icon. To switch back to Light Mode, click the Sun icon.

## Menu
OpenAdmin menu lists all available options in the OpenAdmin interface. Simply click on a menu item to open it.
## Search
Search returns:
- OpenPanel users with login link for their OpenPanel
- Website/Domains of users
- Features/pages in the Admin interface
## Keyboard Shortcuts
OpenAdmin UI can be navigated using keyboard shortcuts: [view documentation](/docs/articles/dev-experience/openadmin-keyboard-shortcuts/).
## Logout
To log out of the OpenAdmin account, click your username in the bottom-left corner and select 'Sign out' option.
---
// File: admin/002_notifications
# Notifications
Notifications are accessible via the 'Notifications' menu item in OpenAdmin.

OpenPanel tracks and notifies you of these events:
* Server reboot
* Service inactivity
* Available updates
* Admin login from a new IP address
* SSH login from a new IP address
* High memory usage
* High average load
* High CPU usage
* High disk usage
* High swap usage
* DNS changes
Each notification type can be individually disabled, and admins can set custom threshold limits.
To manage notification settings, click the **Settings** button on the Notifications page or navigate to: [Settings > Notifications](/docs/admin/settings/notifications).
---
// File: admin/license
# License
Add your OpenPanel Enterprise license key to unlock premium features.
## License Key
Enter your [OpenPanel Enterprise edition](https://my.openpanel.com/clientarea.php?action=products) license key here. Activating the license enables advanced capabilities such as:
* Email and FTP account management
* Reseller management
* API access
* Billing integrations with WHMCS, FOSSBilling, and more
For a step-by-step activation process, see the [Upgrading to OpenPanel Enterprise and activating License guide](/docs/articles/license/upgrade_to_openpanel_enterprise_and-activate_license/).
## Contact Support
When reaching out to support, generate a system report to provide detailed information about your setup.
---
// File: admin/accounts/users
# Users
OpenPanel has a single user role named **User** that can only manage their docker container and inherits settings specified by the Admin user.
## List Users
To access all OpenPanel users, navigate to Users.
The Users page displays a table with user information and buttons to manage it.

Additional Columns can be displayed using the 'Show Columns' button.
Suspended users are highlighted in red, and no actions can be performed on a suspended user.
To list all users, use the following command:
```bash
opencli user-list
```
Example output:
```bash
opencli user-list
+----+----------------------------------+----------------------+----------------+------------------+-------+---------------------+
| id | username | email | plan_name | server | owner | registered_date |
+----+----------------------------------+----------------------+----------------+------------------+-------+---------------------+
| 3 | forums | stefan@openpanel.com | Standard plan | forums | NULL | 2025-05-08 19:25:47 |
| 7 | pcx3 | stefan@pejcic.rs | Developer Plus | pcx3 | NULL | 2025-05-09 12:26:20 |
| 9 | openpanelwebsite | info@openpanel.com | Standard plan | openpanelwebsite | NULL | 2025-05-09 14:47:27 |
| 19 | SUSPENDED_20250529173435_radovan | radovan@jecmenica.rs | Standard plan | radovan | NULL | 2025-05-29 07:47:15 |
+----+----------------------------------+----------------------+----------------+------------------+-------+---------------------+
```
You can also format the data as JSON:
```bash
opencli user-list --json
```
To list all users, use the following api endpoint:
```bash
curl -X GET http://PANEL:2087/api/users -H "Authorization: Bearer JWT_TOKEN_HERE"
```
## Create Users
To create a new user, click on the 'New User' button on the Users page. A new section will be displayed with a form where you can set the email address, username, generate a strong password, and assign a hosting plan for the user.

To create a new user run the following command:
```bash
opencli user-add
```
Example:
```bash
opencli user-add filip password1234 filip@openadmin.com default_plan_apache
```
:::tip
Provide `generate` as password to generate a strong random password.
:::
To create a new user use the following api call:
```bash
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer JWT_TOKEN_HERE" -d '{"email": "EMAIL_HERE", "username": "USERNAME_HERE", "password": "PASSWORD_HERE", "plan_name": "PLAN_NAME_HERE"}' http://PANEL:2087/api/users
```
Example:
```bash
curl -X POST "http://PANEL:2087/api/users" -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGcBns" -H "Content-Type: application/json" -d '{"username":"stefan","password":"strongishpassword1234","email":"stefan@pejcic.rs","plan_name":"default_plan_nginx"}'
```
Example response:
```json
{
"response": {
"message": "Successfully added user stefan password: strongishpassword1234"
},
"success": true
}
```
- The OpenPanel username must be 3 to 16 characters long and can only contain letters and numbers.
- The OpenPanel password must be 6 to 30 characters long and can include any characters except for single quotes (`'`) and double quotes (`"`).
## Single User
To view detailed information about a user, and edit their settings, click on their username in the users table.
### Statistics
Statistics is the default tab, displays current usage statistics:
- Storage used
- Inodes used
- CPU usage
- Memory usage
- Number of running containers
- Disk I/O
- Network I/O
- Number of PIDs
- Time statistics usage was last update
- Historical usage
Clicking on 'Load Docker Usage History' will display a table with past resource usage for the user: Date, number of running containers, CPU% and Memory%, Net I/O and Block I/O.

### Services
Services tab displays all user services (docker containers):
- Service name
- Docker Image name and tag
- Current CPU usage
- Allocated CPU for the service
- Current Memory usage
- Allocated Memory for the service
- Current status: Enabled or Disabled
- Terminal link to run docker exec commands in that service.

### Storage
Storage tab displays data from the [docker system df](https://docs.docker.com/reference/cli/docker/system/df/) command.
- Volumes
- Containers
- Images
### Overview
Overview page displays detailed user information and allows Administrator to set a custom message specifically for this user.

Displayed information:
- User ID
- Email Address
- IP Address
- Geo Location for the IP
- Server Name
- Docker Context
- 2FA status
- Setup Time
- Custom Message for user
### Activity
Displays [users activity log](/docs/panel/account/account_activity/).
- Date
- Action performed
- IP Address

### Edit
From the Edit tab, Administrators can edit user information:
- Username
- Email address
- Password
- IP address
- Hosting Package

### Suspend
Suspending an account will immediately disable the user's access to the OpenPanel. This action involves pausing the user's Docker container and revoking access to their email, website, and other associated services. Please be aware of the immediate impact before proceeding.
To suspend a user click on the Suspend link on that user page and type the username to confirm, then click on 'Suspend account' button.

To suspend (temporary disable access) to user, run the following command:
```bash
opencli user-suspend
```
Example:
```bash
opencli user-suspend filip
```
### Unsuspend
To unsuspend a user click on the Unsuspend button for that user.
To unsuspend (enable access) to user, run the following command:
```bash
opencli user-unsuspend
```
Example:
```bash
opencli user-unsuspend filip
```
### Reset Password
To reset password for a user, click on "Edit" tab and set the new password in the Password field then click Save.

To reset the password for a OpenPanel user, you can use the `user-password` command:
```bash
opencli user-password
```
Use the `--ssh` flag to also change the password for the SSH user in the container.
Example:
```bash
opencli user-password filip Ty7_K8_M2 --ssh
```
To reset password for an OpenPanel user, use the following api call:
```bash
curl -X PATCH http://PANEL:2087/api/users/USERNAME_HERE -H "Content-Type: application/json" -H "Authorization: Bearer JWT_TOKEN_HERE" -d '{"password": "NEW_PASSWORD_HERE"}'
```
### Rename
To Rename a user, click on the 'Edit Information' link for the user, then change the address in 'Username' field and click on 'Save changes'.
To change username for a user run the following command:
```bash
opencli user-rename
```
Example:
```bash
#opencli user-rename stefan pejcic
User 'stefan' successfully renamed to 'pejcic'.
```
### Change Package
To change a package for a user, click on the 'Edit' link for the user, then select the new package and click on 'Save changes'.
To change a package for a user run the following command:
```bash
opencli user-change_plan ''
```
### Change Email
To change email address for a user, click on the 'Edit Information' link for the user, then change the address in 'Email address' field and click on 'Save changes'.
To change email address for a user run the following command:
```bash
opencli user-email
```
Example:
```bash
#opencli user-email stefan stefan@pejcic.rs
Email for user stefan updated to stefan@pejcic.rs.
```
### Login to OpenPanel
To auto-login to a OpenPanel account, click on the **OpenPanel** button in top-right corner of the page.
### Delete User
To delete a user click on the delete button for that user, then type 'delete' in the confirmation modal and finally click on the 'Terminate' button.
To delete a user and all his data run the following command:
```bash
opencli user-delete
```
add `-y` flag to disable prompt.
Example:
```bash
opencli user-delete filip -y
```
:::danger
This action is irreversible and will permanently delete all user data.
:::
---
// File: admin/accounts/resellers
# Resellers
The **Resellers** feature allows administrators to create and manage Reseller users within OpenPanel. Resellers can act as sub-administrators, managing their own set of user accounts within the limits defined by the root administrator.
This feature is useful for hosting providers who want to delegate control to third-party resellers, while still maintaining overall control and isolation.
---
## Reseller Management Interface
The interface displays a table of existing reseller users with the following columns:
- **Username**
The unique identifier of the reseller user.
- **Status**
Indicates whether the reseller account is active or suspended.
- **Last Login IP**
The IP address from which the reseller last accessed the panel.
- **Last Login Time**
Timestamp of the last successful login by the reseller.
- **Current Accounts**
The number of user accounts currently managed by the reseller.
- **Max Accounts**
The maximum number of user accounts the reseller is allowed to create.
- **Allowed Plans**
Lists the hosting plans available to the reseller for assigning to their users.
---
Reseller users have access only to the features and account management tools assigned to them by the root administrator. They cannot exceed the limits defined in their reseller settings.
---
// File: admin/accounts/administrators
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
# Administrators
The admin panel has three user roles:
| Role | Description |
| ------------------ | ------------------------------------------------------------------------- |
| **Super Admin** | Has unrestricted privileges, created on OpenPanel installation. |
| **Admin** | Has restricted privileges, can not access all OpenAdmin UI pages and can not edit the SuperAdmin user. |
| **Reseller** | Has restricted privileges. |
## Manage Admin users
Manage administrative users with access to the OpenAdmin interface via the **Administrators** page.
For each admin user, you can view and manage the following details: Username, Status Role, Last Login IP, Last Login Time, Actions.
To list admin users use command:
```bash
opencli admin list
```
## Reset Admin Password
To reset admin password click on the Edit for that user from *Settings > Accounts > Administrators* page, then set the new password.
To reset the password for an admin user:
```bash
opencli admin password
```
Example, reset password for and Admin user:
```bash
opencli admin password admin Pyl7_L2M1
```
## Create new Admin
To create new admin user click on the 'Create New' button in *Settings > Accounts > Administrators* page, set the username and password and click on *Save*.
To create new admin accounts:
```bash
opencli admin new
```
Example:
```bash
opencli admin new filip Pyl7_L2M1
```
## Rename Admin user
To rename an Admin user, select it on **Settings > Accounts > Administrators** page and click on the Edit button and set new username.

To rename admin user:
```bash
opencli admin rename
```
Example:
```bash
opencli admin rename filip filip2
```
## Suspend Admin user
To unsuspend an Admin user, select the user on **Settings > Accounts > Administrators** page and click on the Edit button, then **Unsuspend**.
```bash
opencli admin suspend
```
Example:
```bash
opencli admin suspend filip
```
---
To unsuspend admin user:
```bash
opencli admin unsuspend
```
Example:
```bash
opencli admin unsuspend filip
```
## Delete Admin user
Select the user on **Settings > Accounts > Administrators** page and click on the delete button then confirm.
From the terminal:
To delete admin user:
```bash
opencli admin delete
```
Example:
```bash
opencli admin delete filip
```
:::info
The Super Admin user can not be deleted.
:::
---
// File: admin/advanced/processes
# Process Manager
The Process Manager allows you to view and manage running system processes directly from the OpenPanel interface. It's a powerful tool for monitoring system activity and taking quick action when needed.
The process table includes the following details:
- **PID** – Process ID. Options are available to trace the process or kill it directly.
- **Owner** – The user that owns the process.
- **Priority** – The process's current scheduling priority.
- **CPU** – Percentage of CPU usage.
- **Memory** – Percentage of Memory usage.
- **Command** – The command or service that launched the process.
Use this tool to identify resource-heavy or suspicious processes, manage system load, or terminate unresponsive services.
---
// File: admin/advanced/terminal
# Terminal
The Web Terminal is available in **OpenAdmin**, allowing Super Administrators to manage their server environments directly from the browser.
1. Log in to your OpenAdmin panel.
2. Navigate to **Advanced > Terminal**.
3. Use the dropdown menu or selector to choose your preferred shell type: `sh` or `bash`.
4. The terminal interface will load, and you can begin typing commands immediately.
:::info
The web terminal is available only to the Super Admin. Other Admin users will see a 403 error on this page.
To disable web terminal for Super Admin also, refer to [How to disable the Terminal feature in OpenAdmin](/docs/articles/dev-experience/disable-openadmin-web-terminal/)
:::
---
// File: admin/advanced/root-password
# Change Root Password
Use this section to securely update the SSH password for the root user.
To ensure strong security, your new password must meet the following requirements:
- Length: 8–20 characters
- Must include both letters and numbers
- No spaces, special characters, or emoji are allowed
This action updates the root user's credentials used for direct SSH access to the server. Always store your new password securely and avoid using easily guessable combinations.
---
// File: admin/advanced/ssh
# SSH Access
*OpenAdmin > Server > SSH Access* allows Administrators to view and modify current server SSH configuration.
### Basic SSH Settings

This page displays:
- **Port** - current SSH port
- **PermitRootLogin** - allow login for *root* user
- **PasswordAuthentication** - enable usage of passwords for ssh
- **PubkeyAuthentication** - enable usage of ssh keys
You can change any value and click on the save button to apply.
### Advanced SSH Settings
Here you can edit the SSH configuration file: `/etc/ssh/sshd_config`
### Authorized SSH Keys
Here you can view current authorized ssh keys, remove them or add new key.
---
// File: admin/advanced/crons
# Cron jobs
**OpenAdmin > Advanced > System Cron Jobs** lets Administrators view the scheduled cron tasks used by OpenPanel, modify their schedules, or enable/disable logging to the file `/etc/openpanel/openadmin/cron.log`.

Changing schedules may cause some OpenPanel features to stop working correctly. Only adjust these settings if:
- You need to fine-tune execution on servers with limited resources, or
- You have been advised to do so by OpenPanel support.
These cron jobs are essential for OpenPanel’s internal operations.
If you want to add your own custom cron jobs, use the root user’s crontab.
---
// File: admin/advanced/reboot
# Server Reboot
Initiate a reboot of the server. Depending on the situation, you can perform either a **graceful reboot** or a **forceful reboot**.
- **Graceful Server Reboot** attempts to safely stop running processes and allow the operating system to cleanly shut down services before restarting.
- **Forceful Server Reboot** immediately restarts the system at the kernel level and should only be used if the server is unresponsive.
## Graceful
A graceful reboot tells the operating system to restart normally. Services and user processes are given a chance to shut down cleanly.
Command used:
```bash
reboot
```
## Forceful
A forceful reboot bypasses the normal shutdown procedure and immediately reboots the kernel. This may result in **data loss** or **filesystem inconsistencies**, so it should only be used when the server is completely unresponsive.
Command used:
```bash
echo b > /proc/sysrq-trigger
```
:::danger
⚠️ Use with caution. This command forces an immediate reboot without syncing disks or safely stopping processes.
:::
---
// File: admin/advanced/timezone
# Server Time
Use the Server Time section to update the system-wide timezone for both the host operating system and the OpenPanel user interface.
Changing the timezone ensures that logs, scheduled tasks, and UI timestamps align with your desired regional time settings.
:::info
After changing timezone, we recommend to restart the server or at least the OpenAdmin and Cron services: `systemctl restart admin cron`.
:::
---
// File: admin/advanced/cpanel
# Import cPanel Account
Use **OpenAdmin > Advanced > Import cPanel Account** to create an OpenPanel account from a full cpanel account backup.
For detailed instructions, see the [Import cPanel backup guide](https://openpanel.com/docs/articles/transfers/import-cpanel-backup-to-openpanel/)
---
// File: admin/advanced/demo-mode
# Demo Mode
Enable Demo Mode to lock both the OpenPanel and OpenAdmin interfaces in read-only mode.
This mode is ideal for hosting providers who want to showcase OpenPanel in a secure, public demo environment. Users will be able to explore the UI, but no changes can be made—all actions are disabled across both the admin and user panels.
Once enabled, Demo Mode cannot be turned off via the admin panel.
To disable it, run the following command in your terminal:
```
opencli config update demo_mode off
```
Make sure to configure your demo content and secure the server before enabling this mode. 📘 [Learn more](https://dev.openpanel.com/cli/config.html#Demo-mode)
---
// File: admin/domains/domains
# Manage Domains
Domains page displays all domains currently hosted on server.
## List domains
To list all current domains navigate to Domains page:
| Field | Description |
|-----------------|-------------------------------------------------------------------|
| **Domain** | The domain name. |
| **Status** | Indicates whether the domain is active or suspended. |
| **PHP Version** | The PHP version configured for the domain. |
| **SSL** | Shows whether SSL is enabled for the domain. |
| **WAF** | Indicates if Coraza WAF is enabled or disabled for the domain. |
| **Owner** | The user who added or owns the domain. |
| **Analytics** | View analytics data and reports for the domain. |
To list all current domains run:
```bash
opencli domains-all
```
Example output:
```bash
opencli domains-all
stefan.openpanel.org
pejcic.rs
nesto.com
```
## Add domain
Click on 'Add Domain' button, insert the domain and select the user to add it, then click on 'Add Domain'.
To create a new plan run the following command:
```bash
opencli domains-add [--debug]
```
Example:
```bash
root@stefan:/usr/local/admin# opencli domains-add pejcci.rs wzs11p2i --debug
Checking if domain already exists on the server
Adding pejcci.rs to the domains database
Purging cached list of domains for the account
Creating document root directory /home/wzs11p2i/pejcci.rs
Checking webserver configuration
Checking if default vhosts file exists for Nginx
Checking IPv4 address for the account
Creating /etc/nginx/sites-available/pejcci.rs.conf
Restarting nginx to apply changes
Creating vhosts proxy file for Nginx
Webserver is running, reloading configuration
Creating DNS zone file: /etc/bind/zones/pejcci.rs.zone
DNS service is running, adding the zone
Adding the newly created zone file to the DNS server
Checking and setting nginx service to automatically start on reboot
Starting service for the default PHP version 8.2
Checking and setting PHP service to automatically start on reboot
Checking and starting the ssl generation service
Starting Let'sEncrypt SSL generation in background
Domain pejcci.rs added successfully
```
## Move domain
This is currently not possible.
## Delete domain
Domains can currently be deleted only [from the user interface](/docs/panel/domains/#delete-a-domain).
---
// File: admin/domains/dns
# DNS Zone Editor
Edit the DNS zone for any domain hosted on the server.
1. Navigate to **OpenAdmin > Domains > DNS Zone Editor**.
2. Select the domain whose zone you want to edit.
3. Make your changes in the editor and click **Save** when done.
The DNS zone is reloaded immediately, and propagation begins.
> ⚠️ If there are syntax errors, the zone file will be excluded.
> ✅ Always create a backup before making changes and validate the file to avoid misconfiguration.
---
// File: admin/domains/dns-cluster
# DNS Cluster
DNS clustering allows you to synchronize DNS records from one OpenPanel server to other machines.
To use this feature, **all machines in the cluster must be running BIND9** — either through the OpenPanel installation or as a standalone service/container.
---
## Enable Clustering
Click **Enable DNS Clustering** to activate the feature.
---
### Add Slave Servers
To set up a slave BIND9 server, follow the instructions in [How-to Guides > DNS Clustering](/docs/articles/domains/how-to-setup-dns-cluster-in-openpanel/).
Once the slave is ready:
1. Enter the slave server's IP address in the form on master server.
2. OpenAdmin will attempt to connect and immediately sync DNS zones.
3. All future domains and DNS changes made by users will be automatically propagated to the slave server.
> To confirm the setup is working, check that the DNS zones appear on the slave server.
---
### Remove Slave Server
Currently, slave servers can **only be removed via the terminal**.
---
## Disable Clustering
Click **Disable DNS Clustering** to turn off the feature.
---
// File: admin/domains/dns_templates
# Edit Zone Templates
This interface allows you to edit the DNS zone file templates that OpenPanel uses when creating zones for new domains.
It is useful if you require custom DNS configurations.

- **IPv4 Template** – Used for new domains assigned IPv4 addresses.
- **IPv6 Template** – Used for new domains assigned IPv6 addresses.
---
## Available Template Variables
You can include the following variables in your DNS zone templates:
| Variable | Description |
|----------------|-----------------------------------------------------------------------------|
| `{ns1}` | Hostname of the primary nameserver (used in the NS record). |
| `{ns2}` | Hostname of the secondary nameserver. |
| `{ns3}` | Hostname of the tertiary nameserver. |
| `{ns4}` | Hostname of the quaternary nameserver. |
| `{server_ip}` | IP address of the domain (either IPv4 or IPv6, depending on the template). |
| `{rpemail}` | Contact email address from OpenAdmin, or `root@domain`. |
---
## Restore Defaults
To reset a template to its default version:
1. Click **Restore Default** for the corresponding section.
2. Then click **Save Files** to apply the changes.
> ⚠️ Defaults are pulled from the official GitHub repository. Always review before saving.
---
// File: admin/domains/file_templates
# Edit Domain Templates
This interface allows you to edit the VirtualHosts templates and default landing pages used for new domains.
- Default Page: Template displayed on new domains without any content.
- Suspended Website: Template displayed on websites (domains) that user suspends.
- Suspended User: Template displayed on all websites (domains) that suspended user owns.
- Apache VirtualHost: Template used for creating VirtualHosts of domains added by users with Apache webserver.
- Nginx VirtualHost: Template used for creating VirtualHosts of domains added by users with Nginx webserver.
- OpenResty VirtualHost: Template used for creating VirtualHosts of domains added by users with OpenResty webserver.
## Default Page
This is the HTML page shown on new domains that do **not** have `index.html` or `index.php` in their document root.
```html
No website yet
Reaaady, set, internet 🎉
This domain currently has no website. Please check back later.
```
- Edit the code on the **left side** of the editor.
- Preview live changes on the **right side**.
- When finished, click **Save Files** to apply your changes.
To revert to the original template:
1. Click **Restore Default** to reload the version from GitHub.
2. Don’t forget to click **Save Files** afterward to confirm the reset.
## Suspended Website
This is the HTML page shown on all domains that users suspend **manually**.
```html
Website Suspended
Website Suspended
This website has been suspended. Please contact the administrator for more details.
```
- Edit the code on the **left side** of the editor.
- Preview live changes on the **right side**.
- When finished, click **Save Files** to apply your changes.
To revert to the original template:
1. Click **Restore Default** to reload the version from GitHub.
2. Don’t forget to click **Save Files** afterward to confirm the reset.
## Suspended User
This is the HTML page shown on all domains owned by the user when their account is suspended **by the Administrator**.
```html
Account Suspended
Account Suspended
This account has been suspended. If you believe this is a mistake, please contact support.
```
- Edit the code on the **left side** of the editor.
- Preview live changes on the **right side**.
- When finished, click **Save Files** to apply your changes.
To revert to the original template:
1. Click **Restore Default** to reload the version from GitHub.
2. Don’t forget to click **Save Files** afterward to confirm the reset.
## Apache VirtualHost
This is the template used for creating VirtualHosts of domains added by users **when using the Apache webserver**.
```bash
ServerName
ServerAlias www.
DocumentRoot
#
>
Require all denied
#
>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
DirectoryIndex index.php index.html default_page.html
# Alias for default_page.html
Alias /default_page.html /etc/apache2/default_page.html
Require all granted
Options -Indexes
SetEnvIf Request_URI ^/default_page.html allow_default_page
SetHandler "proxy:fcgi://php-fpm-:9000"
ServerName
ServerAlias www.
DocumentRoot
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/cert.crt
SSLCertificateKeyFile /etc/apache2/ssl/cert.key
>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
DirectoryIndex index.php index.html default_page.html
# Alias for default_page.html
Alias /default_page.html /etc/apache2/default_page.html
Require all granted
Options -Indexes
SetEnvIf Request_URI ^/default_page.html allow_default_page
SetHandler "proxy:fcgi://php-fpm-:9000"
```
- Edit the code in the editor.
- When finished, click **Save Files** to apply your changes.
To revert to the original Apache template:
1. Click **Restore Default** to reload the version from GitHub.
2. Don’t forget to click **Save Files** afterward to confirm the reset.
## Nginx VirtualHost
This is the template used for creating VirtualHosts of domains added by users **when using the Nginx webserver**.
```bash
# content
server {
listen 80;
server_name www.;
access_log off;
#
location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|wp-config\.php|vendor) {
deny all;
return 403;
}
#
root ;
location / {
real_ip_header X-Forwarded-For;
set_real_ip_from 172.17.0.0/16;
try_files $uri $uri/ /index.php$is_args?$args;
index index.php index.html /default_page.html;
autoindex on;
}
location = /default_page.html {
alias /etc/nginx/default_page.html;
default_type text/html;
access_log off;
log_not_found off;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php-fpm-:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
}
server {
listen 443 ssl;
http2 on; #nginx >= 1.25.1
server_name www.;
access_log off;
root ;
# SSL Configuration
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/cert.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
location / {
real_ip_header X-Forwarded-For;
set_real_ip_from 172.17.0.0/16;
try_files $uri $uri/ /index.php$is_args?$args;
index index.php index.html /default_page.html;
autoindex on;
}
location = /default_page.html {
alias /etc/nginx/default_page.html;
default_type text/html;
access_log off;
log_not_found off;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php-fpm-:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
}
```
- Edit the code in the editor.
- When finished, click **Save Files** to apply your changes.
To revert to the original Nginx template:
1. Click **Restore Default** to reload the version from GitHub.
2. Don’t forget to click **Save Files** afterward to confirm the reset.
## OpenResty VirtualHost
This is the template used for creating VirtualHosts of domains added by users **when using the OpenResty webserver**.
```bash
# content
server {
listen 80;
server_name www.;
access_log off;
#
location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|wp-config\.php|vendor) {
deny all;
return 403;
}
#
root ;
location /hello {
default_type 'text/plain';
content_by_lua_block {
ngx.say("Hello from OpenResty!")
}
}
location / {
real_ip_header X-Forwarded-For;
set_real_ip_from 172.17.0.0/16;
try_files $uri $uri/ /index.php$is_args?$args;
index index.php index.html /default_page.html;
autoindex on;
}
location = /default_page.html {
alias /etc/nginx/default_page.html;
default_type text/html;
access_log off;
log_not_found off;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php-fpm-:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
}
server {
listen 443 ssl;
http2 on; #nginx >= 1.25.1
server_name www.;
access_log off;
root ;
# SSL Configuration
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/cert.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
location /hello {
default_type 'text/plain';
content_by_lua_block {
ngx.say("Hello from OpenResty!")
}
}
location / {
real_ip_header X-Forwarded-For;
set_real_ip_from 172.17.0.0/16;
try_files $uri $uri/ /index.php$is_args?$args;
index index.php index.html /default_page.html;
autoindex on;
}
location = /default_page.html {
alias /etc/nginx/default_page.html;
default_type text/html;
access_log off;
log_not_found off;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php-fpm-:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
}
```
- Edit the code in the editor.
- When finished, click **Save Files** to apply your changes.
To revert to the original OpenResty template:
1. Click **Restore Default** to reload the version from GitHub.
2. Don’t forget to click **Save Files** afterward to confirm the reset.
## Varnish Template
This is the template used for creating `default.vcl` file for users **when using the Varnish Caching**.
The placeholder `VARNISH_BACKEND_HOST` is automatically replaced with the user's actual web server - Nginx, Apache, or OpenResty.
```bash
vcl 4.1;
backend default {
.host = "VARNISH_BACKEND_HOST";
.port = "80";
.max_connections = 2048;
}
# Define an access control list to restrict cache purging.
acl purge {
"localhost";
"172.17.0.0/16";
}
sub vcl_hit {
if (req.http.X-Forwarded-Proto == "https") {
set req.http.X-Forwarded-Proto = "https";
} else {
set req.http.X-Forwarded-Proto = "http";
}
if (obj.ttl > 0s) {
return (deliver);
}
if (obj.ttl + obj.grace > 0s) {
return (deliver);
}
return (miss); # Use "miss" instead of "fetch"
}
sub vcl_recv {
# Remove empty query string parameters
# e.g.: www.example.com/index.html?
if (req.url ~ "\?$") {
set req.url = regsub(req.url, "\?$", "");
}
# Remove port number from host header
set req.http.Host = regsub(req.http.Host, ":[0-9]+", "");
# Remove the proxy header to mitigate the httpoxy vulnerability
# See https://httpoxy.org/
unset req.http.proxy;
# Purge logic to remove objects from the cache.
# Tailored to the Proxy Cache Purge WordPress plugin
# See https://wordpress.org/plugins/varnish-http-purge/
if(req.method == "PURGE") {
if(!client.ip ~ purge) {
return(synth(405,"PURGE not allowed for this IP address"));
}
if (req.http.X-Purge-Method == "regex") {
ban("obj.http.x-url ~ " + req.url + " && obj.http.x-host == " + req.http.host);
return(synth(200, "Purged"));
}
ban("obj.http.x-url == " + req.url + " && obj.http.x-host == " + req.http.host);
return(synth(200, "Purged"));
}
# Only handle relevant HTTP request methods
if (
req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
req.method != "POST" &&
req.method != "PATCH" &&
req.method != "TRACE" &&
req.method != "OPTIONS" &&
req.method != "DELETE"
) {
return (pipe);
}
# Remove tracking query string parameters used by analytics tools
if (req.url ~ "(\?|&)(_branch_match_id|_bta_[a-z]+|_bta_c|_bta_tid|_ga|_gl|_ke|_kx|campid|cof|customid|cx|dclid|dm_i|ef_id|epik|fbclid|gad_source|gbraid|gclid|gclsrc|gdffi|gdfms|gdftrk|hsa_acc|hsa_ad|hsa_cam|hsa_grp|hsa_kw|hsa_mt|hsa_net|hsa_src|hsa_tgt|hsa_ver|ie|igshid|irclickid|matomo_campaign|matomo_cid|matomo_content|matomo_group|matomo_keyword|matomo_medium|matomo_placement|matomo_source|mc_[a-z]+|mc_cid|mc_eid|mkcid|mkevt|mkrid|mkwid|msclkid|mtm_campaign|mtm_cid|mtm_content|mtm_group|mtm_keyword|mtm_medium|mtm_placement|mtm_source|nb_klid|ndclid|origin|pcrid|piwik_campaign|piwik_keyword|piwik_kwd|pk_campaign|pk_keyword|pk_kwd|redirect_log_mongo_id|redirect_mongo_id|rtid|s_kwcid|sb_referer_host|sccid|si|siteurl|sms_click|sms_source|sms_uph|srsltid|toolid|trk_contact|trk_module|trk_msg|trk_sid|ttclid|twclid|utm_[a-z]+|utm_campaign|utm_content|utm_creative_format|utm_id|utm_marketing_tactic|utm_medium|utm_source|utm_source_platform|utm_term|vmcid|wbraid|yclid|zanpid)=") {
set req.url = regsuball(req.url, "(_branch_match_id|_bta_[a-z]+|_bta_c|_bta_tid|_ga|_gl|_ke|_kx|campid|cof|customid|cx|dclid|dm_i|ef_id|epik|fbclid|gad_source|gbraid|gclid|gclsrc|gdffi|gdfms|gdftrk|hsa_acc|hsa_ad|hsa_cam|hsa_grp|hsa_kw|hsa_mt|hsa_net|hsa_src|hsa_tgt|hsa_ver|ie|igshid|irclickid|matomo_campaign|matomo_cid|matomo_content|matomo_group|matomo_keyword|matomo_medium|matomo_placement|matomo_source|mc_[a-z]+|mc_cid|mc_eid|mkcid|mkevt|mkrid|mkwid|msclkid|mtm_campaign|mtm_cid|mtm_content|mtm_group|mtm_keyword|mtm_medium|mtm_placement|mtm_source|nb_klid|ndclid|origin|pcrid|piwik_campaign|piwik_keyword|piwik_kwd|pk_campaign|pk_keyword|pk_kwd|redirect_log_mongo_id|redirect_mongo_id|rtid|s_kwcid|sb_referer_host|sccid|si|siteurl|sms_click|sms_source|sms_uph|srsltid|toolid|trk_contact|trk_module|trk_msg|trk_sid|ttclid|twclid|utm_[a-z]+|utm_campaign|utm_content|utm_creative_format|utm_id|utm_marketing_tactic|utm_medium|utm_source|utm_source_platform|utm_term|vmcid|wbraid|yclid|zanpid)=[-_A-z0-9+(){}%.*]+&?", "");
set req.url = regsub(req.url, "[?|&]+$", "");
}
# Only cache GET and HEAD requests
if (req.method != "GET" && req.method != "HEAD") {
set req.http.X-Cacheable = "NO:REQUEST-METHOD";
return(pass);
}
# Mark static files with the X-Static-File header, and remove any cookies
# X-Static-File is also used in vcl_backend_response to identify static files
if (req.url ~ "^[^?]*\.(7z|avi|bmp|bz2|css|csv|doc|docx|eot|flac|flv|gif|gz|ico|jpeg|jpg|js|less|mka|mkv|mov|mp3|mp4|mpeg|mpg|odt|ogg|ogm|opus|otf|pdf|png|ppt|pptx|rar|rtf|svg|svgz|swf|tar|tbz|tgz|ttf|txt|txz|wav|webm|webp|woff|woff2|xls|xlsx|xml|xz|zip)(\?.*)?$") {
set req.http.X-Static-File = "true";
unset req.http.Cookie;
return(hash);
}
# No caching of special URLs, logged in users and some plugins
if (
req.http.Cookie ~ "wordpress_(?!test_)[a-zA-Z0-9_]+|wp-postpass|comment_author_[a-zA-Z0-9_]+|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_[a-zA-Z0-9]+|wordpress_logged_in_|comment_author|PHPSESSID" ||
req.http.Authorization ||
req.url ~ "add_to_cart" ||
req.url ~ "edd_action" ||
req.url ~ "nocache" ||
req.url ~ "^/addons" ||
req.url ~ "^/bb-admin" ||
req.url ~ "^/bb-login.php" ||
req.url ~ "^/bb-reset-password.php" ||
req.url ~ "^/cart" ||
req.url ~ "^/checkout" ||
req.url ~ "^/control.php" ||
req.url ~ "^/login" ||
req.url ~ "^/logout" ||
req.url ~ "^/lost-password" ||
req.url ~ "^/my-account" ||
req.url ~ "^/product" ||
req.url ~ "^/register" ||
req.url ~ "^/register.php" ||
req.url ~ "^/server-status" ||
req.url ~ "^/signin" ||
req.url ~ "^/signup" ||
req.url ~ "^/stats" ||
req.url ~ "^/wc-api" ||
req.url ~ "^/wp-admin" ||
req.url ~ "^/wp-comments-post.php" ||
req.url ~ "^/wp-cron.php" ||
req.url ~ "^/wp-login.php" ||
req.url ~ "^/wp-activate.php" ||
req.url ~ "^/wp-mail.php" ||
req.url ~ "^/wp-login.php" ||
req.url ~ "^\?add-to-cart=" ||
req.url ~ "^\?wc-api=" ||
req.url ~ "^/preview=" ||
req.url ~ "^/\.well-known/acme-challenge/"
) {
set req.http.X-Cacheable = "NO:Logged in/Got Sessions";
if(req.http.X-Requested-With == "XMLHttpRequest") {
set req.http.X-Cacheable = "NO:Ajax";
}
return(pass);
}
# Remove any cookies left
unset req.http.Cookie;
return(hash);
}
sub vcl_hash {
if(req.http.X-Forwarded-Proto) {
# Create cache variations depending on the request protocol
hash_data(req.http.X-Forwarded-Proto);
}
}
sub vcl_pipe {
if (req.http.upgrade) {
set bereq.http.upgrade = req.http.upgrade;
}
return (pipe);
}
sub vcl_backend_response {
# Inject URL & Host header into the object for asynchronous banning purposes
set beresp.http.x-url = bereq.url;
set beresp.http.x-host = bereq.http.host;
# If we dont get a Cache-Control header from the backend
# we default to 1h cache for all objects
if (!beresp.http.Cache-Control) {
set beresp.ttl = 1h;
set beresp.http.X-Cacheable = "YES:Forced";
}
# If the file is marked as static we cache it for 1 day
if (bereq.http.X-Static-File == "true") {
unset beresp.http.Set-Cookie;
set beresp.http.X-Cacheable = "YES:Forced";
set beresp.ttl = 1d;
}
# Remove the Set-Cookie header when a specific Wordfence cookie is set
if (beresp.http.Set-Cookie ~ "wfvt_|wordfence_verifiedHuman") {
unset beresp.http.Set-Cookie;
}
if (beresp.http.Set-Cookie) {
set beresp.http.X-Cacheable = "NO:Got Cookies";
} elseif(beresp.http.Cache-Control ~ "private") {
set beresp.http.X-Cacheable = "NO:Cache-Control=private";
}
}
sub vcl_deliver {
# Debug header
if(req.http.X-Cacheable) {
set resp.http.X-Cacheable = req.http.X-Cacheable;
} elseif(obj.uncacheable) {
if(!resp.http.X-Cacheable) {
set resp.http.X-Cacheable = "NO:UNCACHEABLE";
}
} elseif(!resp.http.X-Cacheable) {
set resp.http.X-Cacheable = "YES";
}
### uncomment to remove from responses ###
# unset resp.http.X-Powered-By;
# unset resp.http.Server;
# unset resp.http.server;
# unset resp.http.via;
# unset resp.http.x-powered-by;
# unset resp.http.x-runtime;
# unset resp.http.x-varnish;
unset resp.http.x-url;
unset resp.http.x-host;
return (deliver);
}
```
- Edit the code in the editor.
- When finished, click **Save Files** to apply your changes.
To revert to the original Varnish template:
1. Click **Restore Default** to reload the version from GitHub.
2. Don’t forget to click **Save Files** afterward to confirm the reset.
---
// File: admin/emails/emails
# Email Accounts
The Emails section provides an overview of all email accounts managed through OpenPanel.
Use this interface to review usage, access webmail, and manage user-level email settings.
The table includes the following information:
- **Email** – The full email address of the account.
- **Quota** – The storage limit assigned to the account.
- **Webmail** – A quick-access button to log in directly to the webmail interface for that account.
This section is useful for monitoring email resource usage and offering users easy access to their inbox.
:::info
Emails are only available on [OpenPanel Enterprise edition](/enterprise)
:::
---
// File: admin/emails/summary
# Summary Reports
Email Summary Reports show daily and monthly reports for all outgoing emails on the server.
:::info
Emails are only available on [OpenPanel Enterprise edition](/enterprise)
:::
---
// File: admin/emails/settings
# Email Settings
The Email Settings section allows you to configure various parameters for the MailServer stack to ensure efficient and secure email management.
:::info
Emails are only available on [OpenPanel Enterprise edition](/enterprise)
:::
## MailServer Status
The status of the Mail Server service is displayed at the top of the page, where administrators can start, stop, or restart the service as needed.
## Accounts
Displays the total number of email accounts currently active on the server. This includes all accounts across all domains configured on the system.
## Webmail
- Status - displays current webmail service status
- Current Software - displays current selected client
- Select Webmail Client - Choose the webmail client your users will interact with. The service will be restarted to apply any changes made.
- Set Webmail domain - Configure domain to be used for webmail service. Webmail will be available on this domain and /webmail on every user domain will redirect to this domain.
## Enable Services
Administrators can set and configure different services based on their needs.
Configure services for the MailServer stack:
| Service | Description |
|----------------------------------------|-----------------------------------------------------------------------------|
| **Amavis** | Amavis content filter (used for ClamAV & SpamAssassin). |
| **DNS block lists** | Enables DNS block lists in Postscreen. |
| **Rspamd** | Enable or disable Rspamd. |
| **SpamAssassin** | Analyzes incoming mail and assigns a spam score. |
| **MTA-STS** | Enables MTA-STS support for outbound mail. |
| **OpenDKIM service** | Enables the OpenDKIM service for email signing. |
| **OpenDMARC service** | Enables the OpenDMARC service for email domain-based message authentication. |
| **POP3** | Enables the POP3 service for email retrieval. |
| **IMAP** | Enables the IMAP service for email retrieval. |
| **ClamAV** | Enables the ClamAV antivirus service. |
| **fail2ban** | Enables the fail2ban service to ban IPs based on suspicious activity. |
| **Only SMTP** | If enabled, only the Postfix service is started, and users cannot receive incoming email. |
| **Sender Rewriting Scheme** | Enables the Sender Rewriting Scheme, needed for email forwarding (see [postsrsd](https://github.com/roehling/postsrsd/blob/main/README.rst) for explanation). |
Changes to this service will interrupt current email traffic and restart the mailserver.
## Relay Hosts
The **Relay Hosts** feature allows you to configure an SMTP relay service (also known as a relay host or smarthost) for relaying (forwarding) outbound email on behalf of third parties. This service does not manage mail domains but helps in routing emails through an external SMTP server.
This feature is useful for organizations that need to route their outgoing email traffic through a trusted third-party service or SMTP server for better deliverability and security.
The following parameters are used to configure the relay host settings:
- **DEFAULT_RELAY_HOST**
Default relay host for outgoing emails. This should match the **RELAY_HOST**.
- Example: `mail.example.com`
- **RELAY_HOST**
The SMTP relay host that all outbound emails will be routed through.
- Example: `mail.example.com`
- **RELAY_PORT**
The port to be used for connecting to the SMTP relay host.
- Example: `25`
- **RELAY_USER (optional)**
The username for authenticating with the relay host. If this is set, secure connections will be required for outbound mail traffic.
- Example: `relay_user`
- **RELAY_PASSWORD**
The password for authenticating with the relay host, used alongside the **RELAY_USER**.
- Example: `relay_password`
When both **RELAY_USER** and **RELAY_PASSWORD** are configured, all outbound mail traffic will require a secure connection and the credentials will be mandatory.
Once configured, click the **Save Relay** button to apply the settings and begin routing outbound emails through the specified relay host.
---
// File: admin/plans/hosting_plans
# User Packages
Hosting plans set limits for users.
## List hosting plans
To list existing plans navigate to Plans page:

| Field | Description |
| ------------------ | ------------------------------------------------------------------------- |
| **Plan Name** | Display name that users will see in their OpenPanel dashboards. |
| **Memory** | Physical Memory (RAM) in GB allocated to the user on this hosting plan. |
| **CPU** | Number of CPU cores dedicated to the user on this hosting plan. |
| **Disk** | Disk space in GB allocated for all user files. |
| **Inodes** | Limits the total number of files allowed for the user. |
| **Port Speed** | Maximum post speed for users in mbit/s. |
| **Domains** | Total number of domain names allowed per user on the plan. |
| **Websites** | Total number of websites (WordPress, NodeJS, Python) per user on the plan. |
| **Databases** | Total number of MySQL/MariaDB databases allowed per user on the plan. |
| **Email accounts** | Total number of email accounts that user can create on the plan. |
| **Mailbox quota** | Max mailbox size for email accounts that user can set on this plan. |
| **Max hourly emails** | Max number of emails that all addresses under this account can send within one hour. |
| **FTP accounts** | Total number of ftp accounts that user can create on the plan. |
| **Feature Set** | [Feature Sets](/docs/admin/settings/openpanel/#enable-features) determine which pages users can access from the OpenPanel interface. |
To list all current hosting packages (plans) run:
```bash
opencli plan-list
```
Example output:
```bash
[root@fajlovi ~]# opencli plan-list
+----+----------------+------------------------+---------------+----------------+-------------+-----------+------------+--------------+----------+------+------+-----------+-------------+-----------------+------------------+
| id | name | description | domains_limit | websites_limit | email_limit | ftp_limit | disk_limit | inodes_limit | db_limit | cpu | ram | bandwidth | feature_set | max_email_quota | max_hourly_email |
+----+----------------+------------------------+---------------+----------------+-------------+-----------+------------+--------------+----------+------+------+-----------+-------------+-----------------+------------------+
| 1 | Standard plan | Small plan for testing | 0 | 10 | 0 | 0 | 5 GB | 1000000 | 0 | 2 | 2g | 10 | basic | 0 | 0 |
| 2 | Developer Plus | 4 cores, 6G ram | 0 | 10 | 0 | 0 | 20 GB | 2500000 | 0 | 4 | 6g | 100 | default | 0 | 1000 |
+----+----------------+------------------------+---------------+----------------+-------------+-----------+------------+--------------+----------+------+------+-----------+-------------+-----------------+------------------+
```
You can also format the data as JSON:
```bash
opencli plan-list --json
```
## Create a plan
To create a new hosting package, click the **'Create New'** button and configure the desired limits:

* **Name** – Can include any characters.
* **Description** – Internal note for admins, visible only in OpenAdmin.
* **Disk** – Storage in GB. Use `0` for unlimited.
* **Inodes** – Number of inodes. Use `0` for unlimited.
* **CPU** – Number of CPU cores allocated across all user services. Set to `0` for unlimited. Cannot exceed total server cores.
* **Memory** – Amount of physical memory in GB allocated across all user services. Set to `0` for unlimited. Cannot exceed total server memory.
* **Port Speed** – Maximum speed in Mbit/s for user services *(Deprecated and not enforced)*.
* **Databases** – Max number of databases (MySQL, MariaDB, PostgreSQL). Use `0` for unlimited.
* **Websites** – Max number of websites in Site Manager (WordPress, WebsiteBuilder, NodeJS/Python). Use `0` for unlimited.
* **FTP accounts** – Max number of FTP sub-accounts. Use `0` for unlimited.
* **Email accounts** – Max number of email sub-accounts. Use `0` for unlimited.
* **Max hourly emails** – Max number of emails that can be sent within one hour. Use `0` for unlimited.
* **Mailbox quota** – Max mailbox size for email accounts that user can set on this plan.
* **Feature Set** – Name of the feature set that defines available services in the OpenPanel UI.
To create a new plan run the following command:
```bash
pencli plan-create name"" description="" emails= ftp= domains= websites= disk= inodes= databases= cpu= ram= bandwidth= feature_set= max_email_quota= max_hourly_email=
```
Example:
```bash
opencli plan-create name="New Plan" description="This is a new plan" emails=100 ftp=50 domains=20 websites=30 disk=100 inodes=100000 databases=10 cpu=4 ram=8 bandwidth=100 feature_set=default max_email_quota=2G max_hourly_email=1000
```
## Modify plan
To change plan limits click on the **Edit** button for the plan in **OpenAdmin > User Packages** and set the new limits.


The new limits will be applied immediately to all accounts using the package.
## List Users on Plan
To view all users that are currently using a hosting package, simply sort the users table by that package name, or in the search field type the package name.


List all users that are currently using a plan:
```bash
opencli plan-usage
```
Example:
```bash
[root@fajlovi ~]# opencli plan-usage 'Standard plan'
+----+----------------------------------+----------------------+---------------+---------------------+
| id | username | email | plan_name | registered_date |
+----+----------------------------------+----------------------+---------------+---------------------+
| 3 | forums | stefan@openpanel.com | Standard plan | 2025-05-08 19:25:47 |
| 19 | radovan | radovan@jecmenica.rs | Standard plan | 2025-05-29 07:47:15 |
+----+----------------------------------+----------------------+---------------+---------------------+
```
You can also format the data as JSON:
```bash
opencli plan-usage --json
```
## Delete Plan
To delete a hosting package click on the **Delete** link for the desired package.

To delete a hosting plan:
```bash
opencli plan-delete
```
Example:
```bash
opencli plan-delete 'Standard plan'
```
Note: A package cannot be deleted if it has users assigned to it.
---
// File: admin/plans/feature-manager
# Feature Manager
The Feature Manager allows administrators to enable or disable specific features (pages) within the OpenPanel UI. This is useful for customizing the control panel experience based on user roles, security policies, or hosting plans.
Each feature can be toggled individually via the interface. Once activated, the feature becomes visible and accessible to all users. Deactivating a feature hides it from the panel and disables its functionality.


---
## Available Features
Here is the rewritten information in a table format with the requested columns:
| **Name** | **Link** | **Description** | **Note** |
| -------------------------- | ------------------------ | -------------------------------------------------------- | ---------------------------------------------- |
| Email Notifications | `/account/notifications` | Manage email notification preferences. | Emails are sent based on selected preferences. |
| Locales (Language Change) | `/account/languages` | Change the panel interface language. | |
| Favorites (Bookmarks) | `/account/favorites` | Bookmark frequently used pages. | |
| Varnish Caching | `/cache/varnish` | Manage Varnish caching per domain. | |
| Docker (Containers) | `/containers` | Allocate resources and manage container lifecycles. | |
| FTP Accounts | `/ftp` | Create and manage FTP accounts. | Requires separate FTP server configuration. |
| Email Accounts | `/emails` | Manage email accounts. | Requires separate mail server configuration. |
| Remote MySQL | `/mysql/remote-mysql` | Allow or block remote MySQL connections. | |
| MySQL Configuration | `/mysql/configuration` | Modify MySQL settings from the panel. | |
| PHP Options | `/php/options` | Edit PHP directives via a user-friendly page. | |
| PHP.INI Editor | `/php/ini` | Directly edit the `php.ini` file. | Applies to any configured PHP version. |
| phpMyAdmin | `/mysql/phpmyadmin` | Manage databases with phpMyAdmin. | |
| Cronjobs | `/cronjobs` | Create, edit, and schedule cron jobs. | |
| WordPress | `/wordpress` | Install and manage WordPress sites. | Managed via WP Manager. |
| Disk Usage Explorer | `/disk-usage` | Visually explore disk usage across directories. | |
| Inodes Explorer | `/inodes-explorer` | View inode usage per directory. | |
| Resources Usage | `/usage` | View Docker container resource usage. | |
| Server Info | `/server/info` | View hosting limits and server details. | |
| Apache/Nginx Configuration | `/server/webserver_conf` | Modify webserver (Apache/Nginx) container configuration. | |
| Change Timezone | `/server/timezone` | Update system timezone settings for containers. | |
| Coraza WAF | `/waf` | Manage Coraza WAF per domain. | Enabled by default for new domains. |
| Fix Permissions | `/fix-permissions` | Fix file ownership and permissions for websites. | |
| DNS | `/dns` | Manage DNS records with a zone editor. | Requires BIND9 server. |
| Domain Redirects | `/domains/redirects` | Manage domain-level redirects. | |
| Malware Scanner | `/malware-scanner` | Scan for malware using ClamAV. | Directory exclusions can be configured. |
| GoAccess | `/domains/logs` | View GoAccess-generated log reports. | |
| Process Manager | `/process-manager` | View and terminate system processes. | |
| Redis | `/cache/redis` | Configure Redis per user. | |
| Memcached | `/cache/memcached` | Configure Memcached per user. | |
| Elasticsearch | `/cache/elasticsearch` | Configure Elasticsearch from the panel. | |
| Opensearch | `/cache/opensearch` | Configure Opensearch from the panel. | |
| Temporary Links | `/websites` | Test websites using temporary OpenPanel subdomains. | Links expire after 15 minutes. |
| Login History | `/account/loginlog` | View history of the last 20 IP logins. | |
| 2FA | `/account/2fa` | Enable Two-Factor Authentication. | |
| Activity Log | `/account/activity` | Review all recorded account actions. | |
## Use Cases
**Feature Sets** are used to control which UI features users can access based on their assigned hosting package. This allows for clear separation between user types and service levels.
### Example 1: Database-Only Plans
Create a feature set named **"MySQL Only"** and enable only MySQL-related features within it.
Assign this feature set to all database-focused hosting packages. For instance:
* One package allows up to **10 databases**.
* Another package allows **unlimited databases** (`0` for no limit).
Despite the difference in limits, all users under these plans will see **only MySQL-related pages** in the UI.
### Example 2: Beginner vs. Advanced Users
Create two separate feature sets:
* **Advanced Users Set**:
Enable features like **Docker** and **PHP.INI Editor** to give experienced users full control—such as setting custom resource limits, restarting services, etc.
* **Beginner Users Set**:
Do **not** enable advanced features. Instead, allow access to a **PHP selector** with limited options. This keeps the UI simple and safe for users with minimal technical experience.
## Feature not showing?
Features are accessible to users [only if the corresponding **Module** is active](/docs/admin/settings/modules/). Modules control which OpenPanel features are available, while **Feature Sets** determine access based on the user's hosting package.
For example, adding the "Docker" feature to a plan does **not** grant access to the Docker (Containers) pages in the UI unless the **Docker module** is also activated under **OpenAdmin > Settings > Modules**.
---
// File: admin/security/basic_auth
# Basic Auth
Enable [Basic Access Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) as an additional security layer for the OpenAdmin interface.

## Enable
To enable Basic Auth, select **Yes** under **Enable** and click **Save Setting**.
To disable Basic Auth, select **No** under **Enable** and click **Save Setting**.
## Logins
When Basic Auth is enabled, a username and password are required.
Configure the username and password fields, then click **Save Changes** to apply.
---
// File: admin/security/waf
# WAF
The WAF section allows you to manage CorazaWAF, a powerful Web Application Firewall integrated into OpenPanel.
Use this interface to enhance security by enabling protection against common web threats such as SQL injection, XSS, and other malicious behavior.
## Enable
Toggle the Web Application Firewall (WAF) on or off.
When enabled, CorazaWAF inspects incoming requests in real time and blocks suspicious activity according to the configured rules.
- **Enabled**: Executes the command `opencli waf enable`, activating [the WAF module](/docs/admin/settings/modules/#waf). This makes WAF manageable by users and automatically enables it for any new domains.
- **Disabled**: Executes the command `opencli waf disable -y`, deactivating [the WAF module](/docs/admin/settings/modules/#waf). This disables WAF management for users and turns off WAF for all existing and new domains.
## Rule Sets
Manage the rule sets that CorazaWAF uses to protect your applications.
**Active:** Displays the number of currently active rule sets (e.g., 21 / 23).
Click **Manage Rules** to enable or disable individual WAF rule sets according to your security needs.
The rule set table includes the following columns:
- **Name** – The name or identifier of the rule set.
- **Number of Rules** – Total number of rules contained within the set.
- **Status** – Indicates whether the rule set is currently enabled or disabled.
- **Actions** – Options to View rule details or Disable the rule set.
Properly configuring WAF rules helps maintain a balance between strong protection and minimizing false positives.
---
// File: admin/security/firewall
# Firewall
OpenPanel supports [Sentinel Firewall](https://sentinelfirewall.org/) - a fork of the *ConfigServer Security and Firewall* (CSF).
## CSF
Firewall (CSF) UI is displayed on **OpenAdmin > Firewall**.
For instructions on how to use the CSF UI, please refer to [Sentinel Firewall official documentation](https://sentinelfirewall.org/docs/usage/introduction/).

## External Firewall
Some cloud providers, like [Hetzner](https://docs.hetzner.com/robot/dedicated-server/firewall/), offer their own external firewalls. If you are using an external firewall, ensure the following ports are open for OpenPanel services to be accessible: `53` `80` `443` `2083` `2087` `32768:60999`
If you are [using a custom port for OpenPanel instead of the default 2083](/docs/admin/settings/general/#change-openpanel-port), ensure that port is open as well.
---
// File: admin/security/imunify
# ImunifyAV
[ImunifyAV](https://cloudlinux.zendesk.com/hc/en-us/articles/4716287786396-Imunify360-Standalone-installation-guide-with-integration-conf-examples) enhances your server’s security by allowing you to scan user website files for malicious content.
> Note: Imunify, its trademarks, and all related assets are the property of [CloudLinux Zug GmbH](https://cloudlinux.com/).
## Install
Starting version 1.5.4 - ImunifyAV is included with OpenPanel by default.
If you are using an older version, to install, run:
```bash
opencli imunify install
```
This command installs the latest PHP version, the *imunify360-agent*, and configures access through OpenAdmin.
## Start
To start the Imunify graphical interface, use:
```bash
opencli imunify start
```
## Login
Access the Imunify GUI from **OpenAdmin > Security > Imunify**.
## Manage
Imunify allows you to scan user files and detect any malicious content.
----
> For more usage examples refer to [How-to Guides > Setting Up ImunifyAV](/docs/articles/security/setup-imunifyav/).
---
// File: admin/security/disable-admin
# Disable OpenAdmin
As an advanced security measure, OpenPanel allows you to completely disable the OpenAdmin interface and its related admin service.
By enabling this option, access to OpenAdmin will be blocked, preventing any further administrative changes through the UI. This is particularly useful for hardened production environments where direct UI access is unnecessary or unwanted.
Use this feature with caution — re-enabling OpenAdmin access will require manual intervention via server-side configuration. To enable access to the OpenAdmin: `opencli admin on`
---
// File: admin/services/status
# Service Status
The Service Status section allows you to view and control the status of system services and containers running on your server.
This table provides key details for each service:
* **Service** – Display name of the service.
* **Status** – Indicates if the service is active or inactive.
* **Version** – Current version (if available).
* **Real Name** – Internal service name or container name (e.g., admin for OpenAdmin).
* **Type** – Identifies whether the service is a system process or a container.
* **Port** – Lists the ports used by the service.
* **Monitoring** – Shows whether the service is actively being monitored and logged.
* **Action** – Options to start, stop, or restart the service.
## Edit Services
You can customize which services appear and are manageable from this section by clicking the **Edit Services** button.
Services are configured in JSON format:
* **name** – Display name for the service.
* **type** – Either `system` or `container`.
* **real_name** – Internal service or container identifier.
Default OpenPanel services are actively monitored by SentinelAI, which will try to diagnose and restart failed services automatically. If you manually stop a service, remember to disable this monitoring feature via the [OpenAdmin Notifications](/docs/admin/notifications/) page.
---
// File: admin/services/ftp
# FTP Accounts
The FTP Accounts section allows you to view and manage all FTP sub-accounts associated with OpenPanel users.
Use this tool to create, review, or remove FTP access for specific directories, ensuring secure and controlled file transfers.
The FTP service must be running for accounts to function properly.
The table includes the following details:
- **Account** – Username of the FTP account.
- **Owner** – The OpenPanel user account that owns the FTP account.
- **Path** – The file system path to which the FTP account has access.
- **Action** – Options to manage each account (e.g., delete or edit access).
The list of FTP sub-accounts is periodically refreshed in line with the `opencli ftp-users` cronjob schedule.
---
// File: admin/services/logs
# View Log Files
The *OpenAdmin > Services > View Log Files* feature enables Administrators to access and monitor logs for both OpenPanel and system services.

## How to View Log Files
Navigate to *Services > View Log Files*
Select the log file you would like to view and optionally number of lines from the file.
After selecting a log file, two new buttons appear under the log content:
- *Delete* - will empty the file contents
- *Download* - will download the entire log file to your browser.
## Settings
This functionality supports modularity by allowing customization of the log files displayed in the viewer.
List of default log files: https://raw.githubusercontent.com/stefanpejcic/openpanel-configuration/main/openadmin/config/log_paths.json
To define custom log files for the viewer, click on the 'Settings' link next ot the heading. IN the form edit the json and click on 'Save'.
---
// File: admin/services/limits
# Service Limits
The **Service Limits** section allows Administrators to view and adjust the allocated CPU and Memory resources for system services.
---
To update limits, enter new values in the fields for the appropriate service.
> **Note:** The service must be stopped and restarted for the new limits to take effect.
**Available Services**:
- openpanel
- caddy
- mysql
- clamav
- redis
- bind9
- ftp
---
To edit limits via the terminal, modify the `/root/.env` file directly.
---
// File: admin/settings/general
# General Settings
From this page Administrators can configure the domain to access both OpenPanel and OpenAdmin interfaces, as well as ports for those services.

## Domain
To enable access to both OpenAdmin and OpenPanel through a domain name, such as srv.your-domain.com:2083, follow these three steps:
1. Set hostname:
Set the desired subdomain as server hostname:
```
hostnamectl set-hostname server.example.net
```
2. Configure DNS:
Point the subdomain to the public IP of the server.
Use a tool such as https://www.whatsmydns.net/ to check that domain is pointed to server ip.
3. Set in General Settings
Set the domain name in *OpenAdmin > Settings > General Settings*.
:::info
You can also [set a separate domain just for OpenPanel UI](/docs/articles/dev-experience/separate-domain-for-openpanel-access)
:::
## Set IP address for OpenPanel
To access OpenPanel and OpenAdmin via server public IP address, set IP address in *OpenAdmin > Settings > General Settings*.
## Ports
Port configurations for OpenAdmin and OpenPanel interfaces can be modified from their default settings (`2087` for OpenAdmin and `2083` for OpenPanel).
- To change the port for the OpenPanel from the default `2083` to another value, set the desired port in the "OpenPanel Port" field.
- To change the port for the OpenAdmin from the default `2087` to another value, set the desired port in the "OpenAdmin Port" field.
## Redirect
By default, when users add a domain, the addition of "/openpanel" to the domain URL will redirect them to the OpenPanel interface. However, you have the flexibility to customize this, such as changing it to "/awesome," allowing users to access their OpenPanel via "their-domain.com/awesome".
To change the "/openpanel" to something else, simply set the value for the "OpenPanel is also available on:" field and click on save. Changes take effect instantly without service interruption.
---
// File: admin/settings/openpanel
# OpenPanel
Configure nameservers, branding, and UI display settings for the OpenPanel interface.
---
## Branding
Customize the appearance of OpenPanel to match your brand:
- **Brand Name**
Set a custom name to appear in the OpenPanel sidebar and on login pages by entering it in the **"Brand name"** field.
- **Logo**
Display a logo instead of the brand name by providing a URL to the image in the **"Logo image"** field.
Supported formats: `.png` or `.svg`
**Recommended size:** `200px × 36px`
- **Logout URL**
Specify the URL users are redirected to after logging out from the panel (typically your main website).
## Nameservers
- ns1
- ns2
- ns3
- ns4
[Guide on how to properly configure nameservers](/docs/articles/domains/how-to-configure-nameservers-in-openpanel)
## Display
Additional display settings include:
- **Avatar Type:** Choose between Gravatar, Letter, or Icon for user avatars.
- **Charts Mode for Resource Usage:** Select to show 1 chart, 2 charts, or no charts on the Resource Usage page.
- **Check Passwords Against Weakpass.com:** When enabled, user passwords during account creation and reset are verified against Weakpass.com’s list of compromised passwords.
- **Enable Password Reset:** Allow users to reset passwords via the login form (not recommended for security reasons).
- **Display 2FA Widget:** Show a message on users' dashboards encouraging them to enable Two-Factor Authentication for enhanced security.
- **Enforce 2FA:** On login redirects users to 2FA setup page and prevents them from accessing other pages until 2FA is configured.
- **Display How-to Guides Widget:** Display helpful how-to articles on users’ dashboard pages.
- **Display Link to Report Bugs:** Show a “Found a bug? Let us know” link at the bottom of all user pages for easy bug reporting.
- **Display Country Flag Icons:** Show country flags next to the last login IP in the OpenPanel dashboard.
## File Manager
Configure the following settings for the File Manager:
- **Max File Size for Viewer:** Maximum file size (in MB) allowed to be opened in the Viewer. Recommended maximum is 20 MB.
- **Max File Size for Editor:** Maximum file size (in MB) allowed to be opened in the Code Editor. Recommended maximum is 10 MB.
- **Max File Size for Upload:** Maximum file size (in MB) allowed to be uploaded via the File Manager. Recommended maximum is 2000 MB.
- **Max File Size for Download:** Maximum file size (in MB) allowed to be downloaded via the File Manager. Recommended maximum is 2000 MB.
- **Auto-Purge Trash After:** Number of days files remain in the user’s trash bin before automatic deletion. Setting to 0 disables auto-purge. Recommended setting is 30 days.
- **Max Time for Compress Process:** Maximum number of minutes before aborting archive compression processes. Recommended to keep this to a few minutes.
- **Max Time for Extract Process:** Maximum number of minutes before aborting archive extraction processes. Recommended to keep this to a few minutes.
- **Enable View and Edit Options for (textual) Extensions:** Specify file extensions allowed to be opened and edited in the File Manager (should be textual file types).
- **Enable View Option for (base64 image) Extensions:** Specify image file extensions that can be displayed using base64 encoding in the Viewer.
- **Enable Extract and Archive Options for (archives) Extensions:** Specify archive file extensions that can be extracted using the File Manager.
## Statistics
Configure the following settings related to user login attempts, session management, and data retention:
- **Failed Logins per Minute Before User is Rate-Limited:** Number of failed login attempts allowed per minute from a single IP before that IP is temporarily rate-limited to prevent brute-force attacks.
- **Failed Logins per Minute Before User is Blocked for 1 Hour:** Threshold of failed login attempts per minute that triggers a 1-hour block for the offending IP address.
- **Session Duration (in Minutes):** Length of time a user session remains active before requiring re-authentication.
- **Session Lifetime (in Minutes):** Total maximum lifetime of a session, after which the user will be logged out regardless of activity.
- **Login Records to Keep per User:** Number of recent login attempts stored per user for audit and security tracking purposes.
- **Activity Records to Store per User:** Maximum number of user activity logs retained for reviewing past actions within the panel.
- **Activity Items per Page:** Number of activity log entries displayed per page in the user interface.
- **Resource Usage Items to Display per Page:** Number of resource usage records shown per page when viewing user or system resource statistics.
- **Resource Usage Items to Log per User:** Number of resource usage entries recorded and stored per user for historical analysis.
- **Domains per Page:** Number of domain entries displayed per page in domain management lists.
---
// File: admin/settings/api
# API Access
Use the API Access page to test API calls, view request/response examples, monitor API logs, and experiment with endpoints in a simple interface.
To begin:
1. **Enable API Access**
Toggle the Enable API Access option to activate the interface for testing API requests.
3. **Fill the Request Form**
Once enabled, you will see a form with the following fields:
- **Method** – Choose the HTTP method.
- **URL** – Enter the API endpoint you wish to call.
- **USERNAME** - Enter admin username.
- **PASSWORD** - Enter admin password.
- **TOKEN** – token that was generated with username and password combination.
- **DATA** – (Optional) Provide any data or parameters required by the endpoint.
5. **Send Request**
Click the Send Request button to execute the API call.
7. **View API Logs and Curl command**
After making a request, the response, curl command and log details will appear at the bottom. This includes request info, server response, status codes, and any error messages.
For full API reference and additional endpoints, please refer to [OpenAdmin API Specification](/docs/articles/dev-experience/openadmin-api).
---
// File: admin/settings/defaults
# Defaults
From **OpenAdmin > Settings > Defaults** Administrators can edit values for the `docker-compose.yml` and `.env` files used for new users.

These files determine services and limits for new users.
> [How to setup Apache, Nginx, OpenResty, OpenLiteSpeed, and Varnish as default webserver](/docs/articles/docker/how-to-set-nginx-apache-varnish-per-user-in-openpanel/)
> [How to setup MySQL, MariaDB or Percona for default database type](/docs/articles/docker/how-to-set-mysql-mariadb-per-user-in-openpanel/)
---
Using the 'Advanced' option you can directly edit the files.

In these files you can configure additional services (docker containers) and change defaults for existing services.
Keep in mind that this is intended for advanced users and misconfiguration can cause exposed system ports, user hogging resources or exceeding disk limits.
For more information refer to [How to add custom docker images](/docs/articles/docker/how-to-add-custom-docker-image-for-openpanel-user)
---
// File: admin/settings/modules
# Modules
Modules extend the OpenPanel UI by adding new features and pages. To make a feature available to a user or plan, it must first be activated as a module.
- Modules are **core features** that are already available on installation and are developed by OpenPanel.
- Plugins are custom features that need to be installed and are developed by third-party developers.
Available Modules:
## Notifications
The **`notifications`** module is required to send email notifications to users.
When enabled:
* Emails are sent according to each user’s notification preferences.
* Users can manage their preferences through the OpenPanel UI at: [**Accounts > Email Notifications**](/docs/panel/account/notifications/).
When disabled:
* No emails will be sent, regardless of user preferences.
Customize email notifications:
* To **set default preferences for new users** edit the [`/etc/openpanel/skeleton/notifications.yaml`](https://github.com/stefanpejcic/openpanel-configuration/blob/main/skeleton/notifications.yaml) file.
* To **customize email templates** refer to [Customizing OpenPanel Email Templates](https://community.openpanel.org/d/214-customizing-openpanel-email-templates).
* To **configure custom SMTP** use [OpenAdmin > Settings > Notifications page](/docs/admin/settings/notifications/).
## Account
The **`account`** module is required for users to change their email, password or username.
When enabled:
* Users can change their email, password and username through the OpenPanel UI at: [**Accounts > Settings**](/docs/panel/account/).
When disabled:
* Users can not change their passwords from OpenPanel UI, only from 'Password Reset' on login form, if this option is enabled.
Customize password and username changes:
* To **enable or disable password reset on login forms** edit 'Enable password reset on login' setting from [OpenAdmin > Settings > OpenPanel](/docs/admin/settings/openpanel/).
* To **prevent users from changing their username** edit 'Allow users to change username' setting from [OpenAdmin > Settings > OpenPanel](/docs/admin/settings/openpanel/).
## Sessions
The **`sessions`** module allows users to view and manage their active sessions.
When enabled:
* Users can view all their active sessions, logs and terminate any session through the OpenPanel UI at: [**Accounts > Active Sessions**](/docs/panel/account/active_sessions/).
When disabled:
* Users can not access the *Accounts > Active Sessions* page.
Customize sessions duration:
* To **control session duration** edit 'Session duration' setting from [OpenAdmin > Settings > OpenPanel](/docs/admin/settings/openpanel/#Statistics).
* To **control session lifetime** edit 'Session lifetime' setting from [OpenAdmin > Settings > OpenPanel](/docs/admin/settings/openpanel/#Statistics).
## Locale
The **`locale`** (Languages) module allows users to change panel language.
When enabled:
* Users can change their preferred language for OpenPanel UI from the login page and [**Accounts > Change Language** page](/docs/panel/account/language/).
When disabled:
* Users can not access the *Accounts > Change Language* page to change their locale.
* Users are forced to the Admin defined default locale.
Customize locales:
* To **set the default locale** use [OpenAdmin > Settings > Locales](/docs/articles/accounts/default-user-locales/).
* To **install new locales for users** use the [OpenAdmin > Settings > Locales](/docs/admin/settings/locales/#install-locale).
* To **create a new translation** please see [How to Create a New Locale](/docs/admin/settings/locales/#edit-locale)
## Favorites
The **`favorites`** module allows users to *pin* items in their sidebar menu for quick navigation.
When enabled:
* Users can add pages to favorites with **left-click** on ⭐ icon in top-right corner of the page.
* Users can remove pages from favorites with **right-click** on ⭐ icon in top-right corner of the page.
* Users can access favorites from sidebar menu.
* Users can access the [**Accounts > Favorites** page](/docs/panel/account/favorites/).
When disabled:
* Users can not access the *Accounts > Favorites* page to manage favorites.
* Users are not see favorites in the sidebar nor the ⭐ icon in top-right corner of pages.
Customize favorites:
* To **control the total number of favorites for user** (default is 10) use [`favorites-items` config](https://dev.openpanel.com/cli/config.html#favorites-items).
* To **edit user's favorites from terminal** edit their: `/etc/openpanel/openpanel/core/users/{current_username}/favorites.json` file.
## Varnish
The **`varnish`** module allows users to control varnish caching for their domains.
When enabled:
* Varnish server starts for user and proxies traffic back to their webserver.
* Users can access the [**Caching > Varnish** page](/docs/panel/caching/varnish/).
* Users can enable/disable Varnish service.
* Users can enable/disable Varnish caching per domain.
* Users can view logs for the Varnish service.
When disabled:
* Users do not have access to the *Caching > Varnish* page.
* Varnish is used only if Administrator enabled it for user when creating the account.
Customize options:
* To **enable/disable Varnish for all new users** use [*OpenAdmin > Settings > User Defaults* page and *Enable Varnish Proxy* option](/docs/admin/settings/defaults/).
* To **enable/disable Varnish for a single user** when creating their account use the [**Enable Varnish Cache** option](/docs/articles/docker/how-to-set-nginx-apache-varnish-per-user-in-openpanel/).
* To **change default CPU/RAM for service** use the [*OpenAdmin > Settings > User Defaults* page](/docs/admin/settings/defaults/).
* To **edit the default.vcl file for Varnish** use the [*OpenAdmin > Domains > Edit Domain Templates* page](/docs/admin/settings/defaults/) or edit file: [`/etc/openpanel/varnish/default.vcl`](https://github.com/stefanpejcic/openpanel-configuration/blob/main/varnish/default.vcl).
* To **purge Varnish cache** refer to [How-to Guides > Purging Varnish Cache](/docs/articles/websites/purge-varnish-cache-from-terminal/)
* To **check if Varnish is enabled for domain** refer to [How to check if Varnish Caching is enabled for a domain in OpenPanel?](https://community.openpanel.org/d/207-how-to-check-if-varnish-caching-is-enabled-for-a-domain-in-openpanel)
## Docker
The **`docker`** module allows users to manage and add new docker containers.
When enabled:
* Users can access [**Docker > Containers**](/docs/panel/containers/) page to view and manage services.
* Users can access [**Docker > Containers > New**](/docs/panel/containers/#adding-new-services) page to add new services.
* Users can access [**Docker > Terminal**](/docs/panel/containers/terminal/) page to run docker exec commands.
* Users can access [**Docker > Image Updates**](/docs/panel/containers/image/) page to check for available image updates.
* Users can access [**Docker > Logs**](/docs/panel/containers/logs/) page to view service logs.
* Users can access [**Docker > Change Image Tag**](/docs/panel/containers/change/) page to change images tag.
* Users can access [**Docker > Switch Web Server**](/docs/panel/containers/webserver/) page to switch webservers.
* Users can access [**Docker > Switch MySQL Type**](/docs/panel/containers/mysql/) page to switch mysql/mariadb.
When disabled:
* Users can not access any of the *Docker* pages.
Customize options:
* [Disable the Terminal](/docs/articles/dev-experience/disable-openpanel-web-terminal/)
## Fix Permissions
The **`fix_permissions`** module allows users to reset file/folder permissions.
When enabled:
* Users can access the [**Files > Fix Permissions** page](/docs/panel/files/fix_permissions/).
When disabled:
* Users can not access the *Files > Fix Permissions* page.
## FTP
The **`ftp`** module allows users to create and manage FTP sub-accounts.
When enabled:
* Users can access the [**Files > FTP** page](/docs/panel/files/FTP/) to manage FTP accounts.
When disabled:
* Users can not create and manage FTP accounts.
Customize options:
* To **configure FTP server** refer to [*How-to Guides > Setup FTP](/docs/articles/user-experience/how-to-setup-ftp-in-openpanel/).
* To **edit VSFTPD configuration** edit the [`/etc/openpanel/ftp/vsftpd.conf` file](https://github.com/stefanpejcic/openpanel-configuration/blob/main/ftp/vsftpd.conf).
* To **view all ftp accounts on a server** use the [*OpenAdmin > Services > FTP* page](/docs/admin/services/ftp/).
* To **limit number of ftp accounts per user** edit the ftp accounts limit when creating/editing hosting packages.
## Emails
The **`emails`** module allows users to create and manage Email accounts.
When enabled:
* Users can access the [**Emails** pages](/docs/panel/emails/) to manage Email accounts.
When disabled:
* Users can not create and manage Email accounts.
Customize options:
* To **configure email server** refer to [*How-to Guides > Configure Email Server*](/docs/articles/user-experience/how-to-setup-email-in-openpanel/).
* To **configure email client** refer to [*How-to Guides > How to setup your email client*](/docs/articles/email/how-to-setup-your-email-client/).
* To **view all email accounts on a server** use the [*OpenAdmin > Emails > Email Accounts* page](/docs/admin/emails/).
* To **set up fail2ban** refer to [*How-to Guides > Setup Fail2ban](/docs/articles/email/how-to-setup-fail2ban-mailserver-openpanel/).
* To **set up Rspamd** refer to [*How-to Guides > RSPAMD GUI](/docs/articles/email/rspamd-gui-port-11334/).
* To **set up DKIM for a domain** refer to [*How-to Guides > Setup DKIM](/docs/articles/email/how-to-setup-dkim-for-mailserver/).
* To **limit number of email accounts per user** edit the email accounts limit when creating/editing hosting packages.
## Webmail
The **`webmail`** module allows users to auto-login to Roundcube webmail for their Email accounts.
When enabled:
* Users can access the [**Webmail**](/docs/panel/emails/webmail/) button.
When disabled:
* Users can not auto-login to webmail.
Customize options:
* To **set webmail domain or relay hosts** use the [*OpenAdmin > Emails > Email Settings* page](/docs/admin/emails/settings/).
## Email Filters
The **`email_filters`** module allows users to configure filters and forwarders for their emails.
When enabled:
* Users can access the [**Email Filters** page](/docs/panel/emails/filters/)
When disabled:
* Users can not access the Email Filters page.
## Email Aliases
The **`email_import`** module allows users to forwards mail from a non-existing address to one or more destinations.
When enabled:
* Users can access the [**Email Aliases** page](/docs/panel/emails/aliases/)
When disabled:
* Users can not access the Email Aliases page.
## Address Importer
The **`email_import`** module allows users to import email addresses from a CSV file.
When enabled:
* Users can access the [**Address Importer** page](/docs/panel/emails/import/)
When disabled:
* Users can not access the Address Importer page.
## Address Exporter
The **`email_export`** module allows users to export to CSV file all their email addresses.
When enabled:
* Users can export email addresses by visiting: `/emails/export`
When disabled:
* Users can not access the Address Exporter page.
## Default Address
The **`email_default`** module allows users to create default (catch-all) email addresses.
When enabled:
* Users can access the [**Default Email Address** page](/docs/panel/emails/default_address/)
When disabled:
* Users can not access the Default Email Address page.
## Email Deliverability
The **`email_deliverability`** module allows users to check and validate SPF, DKIM and DMARC records for their domains.
When enabled:
* Users can access the [**Email Deliverability** page](/docs/panel/emails/email_deliverability/) to view DNS records.
When disabled:
* Users can not access the Email Deliverability page.
## MySQL
The **`mysql`** module allows users to create and manage mysql databases.
When enabled:
* MySQL/MariaDB auto-starts when user accesses Databases section, opens phpMyAdmin or installs WordPress.
* Users can access the [**MySQL > Databases** page](/docs/panel/mysql/databases/) to manage databases.
* Users can access the [**MySQL > New Database** page](/docs/panel/mysql/new_db/) to create databases.
* Users can access the [**MySQL > Database Wizard** page](/docs/panel/mysql/wizard/) to create database, user and assign privileges.
* Users can access the [**MySQL > Users** page](/docs/panel/mysql/users/) to manage users.
* Users can access the [**MySQL > New User** page](/docs/panel/mysql/new_user/) to create users.
* Users can access the [**MySQL > Change Password** page](#) to change password for a user.
* Users can access the [**MySQL > Assign User to DB** page](/docs/panel/mysql/assign/) to assign all privileges to user over a database.
* Users can access the [**MySQL > Remove User from DB** page](/docs/panel/mysql/remove/) to revoke all privileges to user over a database.
When disabled:
* Users do not have access to the *MySQL* section.
Customize options:
* To **set mysql or mariadb for all new users** use [*OpenAdmin > Settings > User Defaults* page and *MySQL type* option](/docs/admin/settings/defaults/).
* To **set mysql, percona or mariadb for a single user** when creating their account use the [**MySQL Type** option](/docs/articles/docker/how-to-set-mysql-mariadb-per-user-in-openpanel/).
* To **change default CPU/RAM for service** use the [*OpenAdmin > Settings > User Defaults* page](/docs/admin/settings/defaults/).
* To **restrict access to system users** edit the [`mysql_restricted_usernames`](https://dev.openpanel.com/cli/config.html#mysql-restricted-usernames) setting.
* To **restrict access to system databases** edit the [`mysql_restricted_databases`](https://dev.openpanel.com/cli/config.html#mysql-restricted-databases) setting.
* To **increase the startup time allowed for waiting MySQL to initalize** increase [`mysql_startup_time`](https://dev.openpanel.com/cli/config.html#mysql-startup-time).
How-to guides:
* To **connect to a database** refer to [*How-to Guides > Connecting to MySQL Server from Applications in OpenPanel](/docs/articles/databases/how-to-connect-to-mysql-from-php-applications-in-openpanel/).
* To **troubleshoot errors** refer to [*How-to Guides > How to troubleshoot: Error establishing a database connection](/docs/articles/databases/how-to-troubleshoot-error-establishing-a-database-connection/).
## MySQL Root Password
The **`mysql_root_password`** module allows users to change password for their MySQL root user from the user panel.
When enabled:
* Users can access the [**MySQL > Root Password** page](#) to change root user password.
When disabled:
* Users do not have access to the *MySQL Root Password* page.
## MySQL Show Processes
The **`mysql`** module allows users to create and manage mysql databases.
When enabled:
* Users can access the [**MySQL > Process List** page](/docs/panel/mysql/processlist/) to view all active processes.
When disabled:
* Users do not have access to the *MySQL Process List* page.
## Remote MySQL
The **`remote_mysql`** module allows users to enable/disable remote access to mysql.
When enabled:
* Remote access is disabled by default.
* Random port is allocated per user for their mysql instances.
* Users can access the [**MySQL > Remote Access** page](/docs/panel/mysql/remote/) to enable/disable remote access.
* Users can connect to any database from remote location once the option is enabled.
When disabled:
* Remote access is disabled.
Customize options:
* None
## phpMyAdmin
The **`phpmyadmin`** module allows users to manage phpMyAdmin service.
When enabled:
* phpMyAdmin can be accessed by the user.
* phpMyAdmin is available on a `https://DOMAIN:2053` when domain is set, or `http://IP:8888` when IP is set for panel access.
When disabled:
* Users do not have access to the *phpMyAdmin* service.
Customize options:
* To **change CPU/RAM for phpMyAdmin service** or values: **php_max_execution_time, php_memory_limit, php_upload_limit** use [*OpenAdmin > Services > Service Limits](/docs/admin/services/limits/).
How-to guides:
* To **import tables into a database** refer to [**the Documentation**](/docs/panel/mysql/phpmyadmin/#import-sql-files).
## MySQL Import
The **`mysql_import`** module allows users to import files into their databases.
When enabled:
* Users can access the [**MySQL > Import Database** page](/docs/panel/mysql/import/) to import files into a database.
When disabled:
* Users can not access the *MySQL > Import Database* page.
Customize options:
* To **set the max file size allowed for import** increase [`mysql_import_max_size_gb`](https://dev.openpanel.com/cli/config.html#mysql-import-max-size-gb) value.
How-to guides:
* To **import into a database** refer to [*How-to Guides > Importing a Database](/docs/articles/docker/import-database/).
## MySQL Conf
The **`mysql_conf`** module allows users to edit mysql server configuration.
When enabled:
* Users can access the [**MySQL > Edit Configuration** page](#) to edit service .cnf file.
When disabled:
* Users can not access the *MySQL > Edit Configuration* page.
Customize options:
* To **set available options for configuration** edit file: [`/etc/openpanel/mysql/keys.txt`](https://github.com/stefanpejcic/openpanel-configuration/blob/main/mysql/keys.txt).
* To **edit the mysql.cnf file for a single user** edit file: `/home/${username}/custom.cnf`.
* To **edit the mysql.cnf file for all new users** edit file: [`/etc/openpanel/mysql/user.cnf`](https://github.com/stefanpejcic/openpanel-configuration/blob/main/mysql/user.cnf).
## Remote PostgreSQL
The **`remote_postgresql`** module allows users to enable/disable remote access to PostgreSQL.
When enabled:
* Remote access is disabled by default.
* Random port is allocated per user for their PostgreSQL instances.
* Users can access the [**PostgreSQL > Remote Access** page](#) to enable/disable remote access.
* Users can connect to any database from remote location once the option is enabled.
When disabled:
* Remote access is disabled.
Customize options:
* None
## pgAdmin
The **`pgadmin`** module allows users to manage pgAdmin service.
When enabled:
* pgAdmin can be managed by the user.
* Users have access to the *pgAdmin* section.
* pgAdmin is available on a custom per-user port.
When disabled:
* Users do not have access to the *pgAdmin* section.
Customize options:
* To **change default CPU/RAM for pgAdmin** use the 'manage' button in top-rgiht corner.
## PostgreSQL Import
The **`postgresql_import`** module allows users to import files into their databases.
When enabled:
* Users can access the [**PostgreSQL > Import Database** page](#) to import files into a database.
When disabled:
* Users can not access the *PostgreSQL > Import Database* page.
Customize options:
* None
## PostgreSQL Conf
The **`postgresql_conf`** module allows users to edit PostgreSQL server configuration.
When enabled:
* Users can access the [**PostgreSQL > Edit Configuration** page](#) to edit service .cnf file.
When disabled:
* Users can not access the *PostgreSQL > Edit Configuration* page.
## Crons
The **`crons`** module allows users to schedule [Ofelia](https://hub.docker.com/r/mcuadros/ofelia) cron jobs.
When enabled:
* Users can access the [**Advanced > Cron Jobs** page](/docs/panel/advanced/cronjobs/).
* Users can [add cronjobs](/docs/panel/advanced/cronjobs/#add)
* Users can [edit cronjobs](/docs/panel/advanced/cronjobs/#edit)
* Users can [view logs for cronjobs](/docs/panel/advanced/cronjobs/#logs)
* Users can [edit crons file](/docs/panel/advanced/cronjobs/#file-editor)
* Users can [import and export cronjobs](/docs/panel/advanced/cronjobs/#import--export)
When disabled:
* Users can not access the *Advanced > Cron Jobs* page nor modify crons.
Customize options:
* To **pre-set cronjobs for new users** edit the `/etc/openpanel/ofelia/users.ini` file.
* To **set max file size for the cron file to be editable via OpenPanel UI** set the [`cron_max_file_size_kb`](https://dev.openpanel.com/cli/config.html#cron-max-file-size-kb) value.
## Process Manager
The **`process_manager`** module allows users to view and terminate processes from all running services.
When enabled:
* Users can access the [**Advanced > Process Manager** page](/docs/panel/advanced/process_manager/).
When disabled:
* Users can not access the *Advanced > Process Manager* page.
Customize options:
* None
## Server Info
The **`info`** module allows users to view server information, hosting plan information and OpenPanel information.
When enabled:
* Users can access the [**Advanced > Server Information** page](/docs/panel/advanced/server_info/).
When disabled:
* Users can not access the *Advanced > Server Information* page.
Customize options:
* None
## Temporary Links
The **`temporary_links`** module allows users to test their websites using temporary subdomains (links are valid for 15 minutes).
When enabled:
* Users can access the [**Live Preview** button on the Site Manager](/docs/panel/applications/wordpress/#temporary-link).
When disabled:
* Users can not access the *Live Preview* button on the Site Manager page.
Customize options:
* To **self-host a proxy service** - refer to [How-to Guides > Temporary Links API](/docs/articles/dev-experience/selfhosted-temporary-links-api/).
* To **configure a custom domain** - update the [`temporary_links` option](https://dev.openpanel.com/cli/config.html#temporary-links).
## Login History
The **`login_history`** module allows users to view login history for their account.
When enabled:
* Users can access the [**Account > Login History** page](/docs/panel/account/login_history/).
When disabled:
* Users can not access the *Account > Login History* page.
Customize options:
* To **control number of logins stored per user** edit 'Login records to keep per user' setting from [OpenAdmin > Settings > OpenPanel](/docs/admin/settings/openpanel/#Statistics).
## 2FA
The **`twofa`** module allows users to enable 2 factor authentication for their account.
When enabled:
* Users can access the [**Account > Two-Factor Authentication** page](/docs/panel/account/2fa).
* 2FA is required on login page if account has enabled it.
When disabled:
* Users can not access the *Advanced > Two-Factor Authentication* page nor manage 2FA.
Customize options:
* To **enable 2FA widget** use [*OpenAdmin > Settings > OpenPanel* page and *Display 2FA widget* option](/docs/admin/settings/openpanel/).
* To **enforce 2FA for all users** use [*OpenAdmin > Settings > OpenPanel* page and *Enforce 2FA* option](/docs/admin/settings/openpanel/).
* To **check 2FA status for a user** refer to [How to check if 2FA is active for OpenPanel user account?](https://community.openpanel.org/d/220-how-to-check-if-2fa-is-active-for-openpanel-user-account).
## Passkeys
The **`passkeys`** module allows users to seup [Passkeys](https://safety.google/intl/en_in/safety/authentication/passkey/) for their account.
NOTE: Passkeys require that a domain name is used for panel access.
When enabled:
* Users can access the [**Account > Passkeys** page](/docs/panel/account/passkeys).
* 'Sign up with Passkey' is shown on login page.
When disabled:
* Users can not login using Passkeys.
## Activity
The **`activity`** module allows users to view their activity logs.
When enabled:
* Users can access the [**Account > Activity Log** page](/docs/panel/account/account_activity).
When disabled:
* Users can not access the *Account > Activity Log* page.
Customize options:
* To **edit activity log from terminal** open file: `/etc/openpanel/openpanel/core/users/{username}/activity.log`.
* To **set total number of lines per user** edit `activity_lines_retention` setting.
* To **set total size of log per user** edit `activity_max_size_bytes` setting.
* To **log actions from 3rd-party plugin** refer to: [*How to log actions from Custom Plugins in user Activity Log*](https://community.openpanel.org/d/218-how-to-log-actions-from-custom-plugins-in-user-activity-log)
## Backups
The **`backups`** module allows users to m=configure their own backups: what to backup, destination, retention, schedule, etc.
When enabled:
* Users can access the [**Files > Backups** page](/docs/panel/files/backups/).
* Users can configure backup schedule, encryption, retention and destination.
When disabled:
* Users do not have access to the *Files > Backups* page.
* [Administrators need to configure backups for the user](/docs/articles/backups/configuring-backups/#1-admin-configured).
## Services
The **`services`** module allows users to enable/disable services without the Docker module.
When enabled:
* Users can access the [**Advanced > Services** page](/docs/panel/advanced/services/).
* Users can enable/disable services.
* User view current service status, resource usage (CPU%, Memory%, Disk I/O, PIDs..), container name (to be used to connect to service from other containers).
* Users can view logs for services.
When disabled:
* Users do not have access to the *Advanced > Services* page.
## Memcached
The **`memcached`** module allows users to enable/disable Memcached service.
When enabled:
* Users can access the [**Caching > Memcached** page](/docs/panel/caching/memcached/).
* Users can enable/disable Memcached service.
* User can connect to the instance from other containers using: `elasticsearch:11211`
* Users can view logs for the Memcached service.
When disabled:
* Users do not have access to the *Caching > Memcached* page.
## Redis
The **`redis`** module allows users to enable/disable Redis service.
When enabled:
* Users can access the [**Caching > Redis** page](/docs/panel/caching/redis/).
* Users can enable/disable Redis service.
* User can connect to the instance from other containers using: `redis:6379`
* Users can view logs for the Redis service.
When disabled:
* Users do not have access to the *Caching > Redis* page.
## Valkey
The **`valkey`** module allows users to enable/disable Valkey service.
When enabled:
* Users can access the [**Caching > Valkey** page](/docs/panel/caching/valkey/).
* Users can enable/disable Valkey service.
* User can connect to the instance from other containers using: `valkey:6379`
* Users can view logs for the Valkey service.
When disabled:
* Users do not have access to the *Caching > Valkey* page.
## ElasticSearch
The **`elasticsearch`** module allows users to enable/disable ElasticSearch service.
When enabled:
* Users can access the [**Caching > ElasticSearch** page](/docs/panel/caching/elasticsearch/).
* Users can enable/disable ElasticSearch service.
* User can connect to the instance from other containers using: `elasticsearch:9200`
* Users can view logs for the ElasticSearch service.
When disabled:
* Users do not have access to the *Caching > ElasticSearch* page.
## OpenSearch
The **`opensearch`** module allows users to enable/disable OpenSearch service.
When enabled:
* Users can access the [**Caching > OpenSearch** page](/docs/panel/caching/opensearch/).
* Users can enable/disable OpenSearch service.
* User can connect to the instance from other containers using: `opensearch:9200`
* Users can view logs for the OpenSearch service.
When disabled:
* Users do not have access to the *Caching > OpenSearch* page.
## Disk Usage Explorer
The **`disk_usage`** module allows users to view disk usage per-directory.
When enabled:
* Users can access the [**Files > Disk Usage** page](/docs/panel/files/disk_usage/).
When disabled:
* Users do not have access to the *Files > Disk Usage* page.
## Inodes Explorer
The **`disk_usage`** module allows users to view disk usage per-directory.
When enabled:
* Users can access the [**Files > Inodes Explorer** page](/docs/panel/files/inodes/).
When disabled:
* Users do not have access to the *Files > Inodes Explorer* page.
## AutoInstaller
The **`autoinstaller`** module allows users to autoinstall WordPress, website Builder, Mautic, Python/NodeJS applications, etc.
When enabled:
* Users can access the [**Websites > Auto Installer** page](/docs/panel/applications/autoinstaller/).
When disabled:
* Users do not have access to the *Websites > Auto Installer* page.
## PHP.INI Editor
The **`php_ini`** module allows users to edit the PNP.INI files using a text editor.
When enabled:
* Users can access the [**PHP > PHP.INI Editor** page](/docs/panel/php/php_ini_editor/).
When disabled:
* Users do not have access to the *PHP > PHP.INI Editor* page.
## WordPress
The **`wordpress`** module allows users to install and manage WordPress websites.
When enabled:
* Users can access the [**Websites > WP Manager** page](/docs/panel/applications/wordpress/).
* Users can [manage WordPress websites using WP Manager](/docs/panel/applications/wordpress/#site-manager).
* WordPress is available on the Autoinstaller page.
* Users can [install WordPress using Auto Installer](/docs/panel/applications/wordpress/#install-wordpress).
* Users can [scan and import existing installations](/docs/panel/applications/wordpress/#scanning-importing-installations).
* Users can [set themes and plugins to auto-install](/docs/panel/applications/wordpress/#themes-and-plugins-sets).
When disabled:
* Users can not access the *Websites > WP Manager* page.
* WordPress is not available in Autoinstaller.
* WordPress websites can not be managed via Openpanel.
Customize options:
* To **auto install themes or plugins on new installations** refer to: [*WordPress Themes and Plugins Sets*](/docs/articles/websites/wordpress-plugins-themes-sets-in-openpanel/)
* To **add a custom Google PageSpeed Insights API Key** refer to: [*How-to Guides > Google PageSpeed Insights API Key*](/docs/articles/websites/google-pagespeed-insights-api-key/)
* To **setup a mu-plugin on all new websites** edit `/etc/openpanel/wordpress/mu-plugin.php` file.
* To **set a custom WP-CLI for all websites** replace the `/etc/openpanel/wordpress/wp-cli.phar` file.
* To **customize .htaccess files used for new websites** edit files in `/etc/openpanel/wordpress/htaccess/` folder.
## Website Builder
The **`website_builder`** module allows users to create simple websites using the HTML Drag & Drop Website Builder.
When enabled:
* Users can access the [**Websites > Website Builder** page](/docs/panel/applications/builder/).
* Users can [manage static websites using Site Manager](/docs/panel/applications/builder/#edit-website).
* Website Builder is available on the Autoinstaller page.
* Users can [create static websites using Auto Installer](/docs/panel/applications/builder/#create-a-website).
When disabled:
* Users can not access the *Websites > Website Builder* page.
* Website Builder is not available in Autoinstaller.
* Static websites can not be managed via Openpanel.
## Mautic
The **`mautic`** module allows users to install and manage Mautic from OpenPanel.
> **NOTE:** This module is no longer actively maintained and should not be used in production (*BETA* tag).
When enabled:
* Users can [manage Mautic websites using Site Manager](/docs/panel/applications/).
* Mautic is available on the AutoInstaller page.
* Users can [install Mautic using the AutoInstaller](/docs/articles/websites/how-to-install-mautic-with-openpanel/).
When disabled:
* Mautic is not available in Autoinstaller.
## ClamAV
The **`malware_scanner`** module starts a ClamAV service and allows users to scan files.
> **NOTE:** This module is no longer actively maintained and should not be used in production (*DEPRECATED* tag).
When enabled:
* Users can access the [**Files > Malware Scanner** page](/docs/panel/files/malware-scanner/).
* ClamAV service is started on the server.
When disabled:
* Users can not access the *Files > Malware Scanner* page.
* ClamAV service is not started on the server.
Customize options:
* To **customize the cpu/memory limits for the ClamAV service** refer to: [*OpenAdmin > Services > Service Limits*](/docs/admin/services/limits/).
## Files
The **`filemanager`** module allows users to manage files and folders using the File Manager.
When enabled:
* Users can access the [**Files > File Manager** page](/docs/panel/files/).
* File Manager links are available on other pages: Domains, WP Manager, etc.
When disabled:
* Users can not access the *Files > File Manager* page.
* No links to manage files are shown on other pages.
## Trash
The **`trash`** module allows users to manage their Trash folder.
When enabled:
* Users can access the [**Files > Trash** page](/docs/panel/files/).
* User can delete to trash instead of permanently deleting files.
When disabled:
* Users can not access the *Files > Trash* page.
## Domains
The **`domains`** module allows users to add and manage domains.
When enabled:
* Users can access the [**Domains** page](/docs/panel/domains/).
* Users can manage domains.
* Users can access the 'Domains' sub-pages in the menu.
When disabled:
* Users can not access the *Domains* page.
* Users can not manage domains.
Customize options:
* To **enable HSTS for a domain** refer to: [*How-to Guides > How to Enable HSTS on a Domain in OpenPanel*](/docs/articles/domains/how-to-enable-hsts-on-a-domain-in-openpanel/)
* To **customize default pages** refer to: [*OpenAdmin > Domains > Edit Domain Templates*](/docs/admin/domains/file_templates/)
## Suspend Domains
The **`domain_suspend`** module allows users to suspend/unsuspend website access.
When enabled:
* Users can access the [**Suspend a Domain** page](/docs/panel/domains/suspend/).
* Users can access the [**Unsuspend a Domain** page](/docs/panel/domains/unsuspend/).
When disabled:
* Users can not suspend/unsuspend domains.
Customize options:
* To **customize the suspended domain template** use: [*OpenAdmin > Domains > Edit Domain Templates*](/docs/admin/domains/file_templates/#suspended-website)
## Raw Access Logs
The **`domain_logs`** module allows users to view the raw access log for their domains.
When enabled:
* Users can access the [**Domains > Raw Access Logs** page](/docs/panel/domains/docroot/).
When disabled:
* Users can not access the *Domains > Raw Access Logs* page.
## GoAccess
The **`goaccess`** module runs the GoAccess service on a scheduled basis to process raw domain logs and produce HTML reports accessible through the OpenPanel UI.
When enabled:
* GoAccess service is run on the server.
* Users can access the [**Domains > GoAccess** page](/docs/panel/domains/goaccess/).
When disabled:
* Users can not access the *Domains > GoAccess* page.
Customize options:
* To **disable GoACcess report generation** update the: [*`goaccess_enable` value*](https://dev.openpanel.com/cli/config.html#goaccess-enable)
* To **change how often the reports are generated (default = @daily)** edit the schedule for `domains-stats` cron and the [`goaccess_schedule` value](https://dev.openpanel.com/cli/config.html#goaccess-schedule).
* To **generate the data manually** execute `domains-stats` cron.
* To **force regeneration of the reports* refer to: [*OpenCLI Documentation > Parse domain access logs*](https://dev.openpanel.com/cli/domains.html#Parse-domain-access-logs).
## Docroot
The **`docroot`** module allows users to set a custom docroot (folder) when adding domains, and later change the path.
When enabled:
* Users can access the [**Domains > Change Docroot** page](/docs/panel/domains/docroot/).
* Users can set a custom docroot when adding a domain.
When disabled:
* Users can not set a custom docroot when adding a domaina, and can not later change the docroot.
## Redirects
The **`redirects`** module allows users to create redirects for domains.
When enabled:
* Users can access the [**Domains > Redirects** page](/docs/panel/domains/redirects/).
When disabled:
* Users can not access the *Domains > Redirects* page.
## Capitalize Domains
The **`capitalize_domains`** module allows users to set a capitalized version fo the domain for dispaly in the OpenPanel.
When enabled:
* Users can access the [**Domains > Capitalize Domains** page](/docs/panel/domains/capitalize/).
When disabled:
* Users can not access the *Domains > Capitalize Domains* page.
## Edit VirtualHosts
The **`edit_vhost`** module allows users to edit the VirtualHosts files for their domains.
When enabled:
* Users can access the [**Domains > Edit VHosts File** page](/docs/panel/domains/vhosts/).
When disabled:
* Users can not access the *Domains > Edit VHosts File* page.
Customize options:
* To **customize the vhost files for Apache/Nginx/OpenLiteSpeed** refer to: [*OpenAdmin > Domains > Edit Domain Templates*](/docs/admin/domains/file_templates/#apache-virtualhost)
## Webserver
The **`webserver_conf`** module allows users to edit the main configuration files for their webservers.
When enabled:
* Users can access the [**Advanced > WebServer Settings** page](/docs/panel/advanced/webserver_settings/).
* Users can edit the `httpd.conf` file for Apache.
* Users can edit the `nginx.conf` file for Nginx/OpenResty.
* Users can edit the `openlitespeed.conf` file for OpenLiteSpeed.
When disabled:
* Users can not access the *Advanced > WebServer Settings* page.
Customize options:
* To **customize the default `httpd.conf` file for Apache** edit `/etc/openpanel/apache/httpd.conf` file.
* To **customize the default `nginx.conf` file for Nginx** edit `/etc/openpanel/nginx/nginx.conf` file.
* To **customize the default `openlitespeed.conf` file for OpenLiteSpeed** edit `/etc/openpanel/openlitespeed/httpd_config.conf` file.
* To **customize the default `nginx.conf` file for OpenResty** edit `/etc/openpanel/openresty/nginx.conf` file.
## DNS
The **`dns`** module runs a local BIND9 service, creates zone files for domains and allows users to manage DNS records.
When enabled:
* BIND9 service is run on the server.
* Users can access the [**Domains > DNS Zone Editor** page](/docs/panel/domains/dns/).
* DNS zone files are created for new domains.
* Users can manage DNS records.
* 'Edit Zone' links are available for domains under the *OpenPanel > Domains* page.
* Administrators can access the [**OpenAdmin > Domains > DNS Cluster** page](/docs/admin/domains/dns-cluster/).
* Administrators can access the [**OpenAdmin > Domains > Edit Zone Templates** page](/docs/admin/domains/dns_templates/).
* Administrators can access the [**OpenAdmin > Domains > DNS Zone Editor** page](/docs/admin/domains/dns/).
When disabled:
* Users can not access the *Domains > DNS Zone Editor* page.
* Administrators can not access the *DNS Zone Editor*, *Edit Zone Templates*, and *DNS Cluster* pages in OpenAdmin.
Customize options:
* To **configure nameservers** refer to: [*How-to Guides > Configure Nameservers*](/docs/articles/domains/how-to-configure-nameservers-in-openpanel/)
* To **customize DNS zone templates** refer to: [OpenAdmin > Domains > Edit Zone Templates](/docs/admin/domains/dns_templates/)
* To **configure a DNS cluster** refer to: [*How-to Guides > DNS Clustering*](/docs/articles/domains/how-to-setup-dns-cluster-in-openpanel/)
## Dynamic DNS
The **`dynamic_dns`** module allows users to create subdomains that will be updated via webhooks.
When enabled:
* Users can access the [**Domains > Dynamic DNS** page](/docs/panel/domains/dynamic-dns/).
When disabled:
* Users can not access the *Domains > Dynamic DNS* page.
## IP Blocker
The **`ip_blocker`** module allows users to block IP addresses from accessing their websites.
When enabled:
* Users can access the [**Advanced > IP Blocker** page](/docs/panel/advanced/ip-blocker/).
When disabled:
* Users can not access the *Advanced > IP Blocker* page.
## WAF
The **`waf`** module runs a custom Caddy image with CorazaWAF and allows users to manage WAF rules and on/off protection per domain.
When enabled:
* `SecRuleEngine On` is set for new domains.
* Users can access the [**Advanced > WAF** page](/docs/panel/advanced/waf/).
* [OWASP CRS](https://github.com/coreruleset/coreruleset) is setup on installation.
* Users can edit WAF rules and enable/disable protection per domain.
* ['Firewall' widget is displayed in Site Manager](/docs/panel/applications/wordpress/#firewall).
When disabled:
* `SecRuleEngine Off` is set for new domains.
* `SecRuleEngine On` is replaced with `SecRuleEngine Off` for all existing domains.
* Users can not access the *Advanced > WAF* page.
* 'Firewall' widget is not displayed in Site Manager.
Customize options:
* [**WAF commmands**](https://dev.openpanel.com/cli/waf.html#CorazaWAF)
## PHP
The **`php`** module allows users to manage PHP versions and settings.
When enabled:
* Users can access the [**PHP > Select PHP Version** page](/docs/panel/php/domains/).
* Users can access the [**PHP > Default Version** page](/docs/panel/php/default/).
* Users can access the [**PHP > Extensions** page](/docs/panel/php/extensions/).
* Users can set PHP version per domain, set default version for new domains, edit options and view installed extensions.
When disabled:
* Users can not access the *Select PHP Version*, *Default Version*, *Options*, *Extensions* pages.
* Users can not set PHP version per domain, set default version for new domains, edit options and view installed extensions.
Customize options:
* To **set the default PHP version to be used for new users** refer to: [*OpenAdmin > Settings > Edit User Defaults > Default PHP version*](/docs/panel/php/options/#available-options)
* To **set default cpu/memory limits for PHP versions and additional PHP options** refer to: [*OpenAdmin > Settings > Edit User Defaults > Services*](/docs/panel/php/options/#available-options)
* To **install a PHP extension** refer to: [*How-to Guides > How to install a PHP extension in OpenPanel*](/docs/articles/websites/how-to-install-php-extensions-in-openpanel/).
* To **increase PHP INI memory_limit** refer to: [*How-to Guides > How to set or increase PHP INI memory_limit or other values?*](/docs/articles/websites/how-to-set-or-increase-PHP-INI-memory-limit-or-other-values/).
* To **set PHP settings per website** refer to: [*How-to Guides > PHP settings per website (folder)*](/docs/articles/websites/php-user-ini-files/).
* To **edit default .INI files** refer to: **OpenAdmin > Settings > PHP Settings > Default PHP.INI Files** or edit files in `/etc/openpanel/php/ini` folder.
## PHP Options
The **`php_options`** module allows users to manage options (limits) for their PHP versions.
When enabled:
* Users can access the [**PHP > Options** page](/docs/panel/php/options/).
When disabled:
* Users can not access the *PHP Options* page.
Customize options:
* To **customize PHP options available to users** refer to: **OpenAdmin > Settings > PHP Settings > Available Options** or edit */etc/openpanel/php/options.txt* file.
## Applications
The **`pm2`** module allows users to setup and manage containerized Python and NodeJS applications.
When enabled:
* Users can access the [**Websites > WP Manager** page](/docs/panel/applications/wordpress/).
* Users can [manage Python and NodeJS applications using Site Manager](/docs/panel/applications/pm2/#manage-applications).
* NodeJS and Python are available on the Autoinstaller page.
* Users can [setup NodeJS and Python applications using Auto Installer](/docs/panel/applications/pm2/#create-an-application).
When disabled:
* NodeJS and Python are not available on the Autoinstaller page.
* NodeJS and Python applications can not be managed via Openpanel.
Customize options:
* To **customize docker service template for new Python applications** edit `/etc/openpanel/docker/compose/python.yml` file.
* To **customize docker service template for new Node.JS applications** edit `/etc/openpanel/docker/compose/nodejs.yml` file.
* To **customize headers for Nginx proxy of new python/node application** edit `/etc/openpanel/nginx/vhosts/1.1/nginx_proxy_headers.txt` file.
* To **add a custom Google PageSpeed Insights API Key** refer to: [*How-to Guides > Google PageSpeed Insights API Key*](/docs/articles/websites/google-pagespeed-insights-api-key/)
## Resources Usage
The **`usage`** module allows users to view resource usage for their services.
When enabled:
* Users can access the [**Advanced > Resource Usage** page](/docs/panel/advanced/resource_usage/).
* Users can [manage Python and NodeJS applications using Site Manager](/docs/panel/applications/pm2/#manage-applications).
* NodeJS and Python are available on the Autoinstaller page.
* Users can [setup NodeJS and Python applications using Auto Installer](/docs/panel/applications/pm2/#create-an-application).
When disabled:
* Users can not access the *Advanced > Resource Usage* page.
Customize options:
* To **edit page settings** refer to: [**OpenAdmin > Settings > OpenPanel > Statistics** page](/docs/admin/settings/openpanel/#statistics).
* To **change how often the stats are collected (default = @hourly)** edit the schedule for `docker-collect_stats --all` cron.
* To **display one combined or separate charts for cpu/ram** edit [`resource_usage_charts_mode` value](https://dev.openpanel.com/cli/config.html#resource-usage-charts-mode).
* To **change the number of items per page** edit [`resource_usage_items_per_page` value](https://dev.openpanel.com/cli/config.html#resource-usage-items-per-page).
* To **rotate the** edit [`resource_usage_retention` value](https://dev.openpanel.com/cli/config.html#resource-usage-retention).
## API
The **`api`** module allows users to access the OpenPanel API using JWT tokens.
When enabled:
* Users can access the [*Account > API Reference* page](/docs/panel/account/api/).
* Users can use the [OpenPanel API](/docs/panel/api/).
When disabled:
* Users can not use the OpenPanel API.
---
// File: admin/settings/updates
# Update Preferences
The Update Preferences page in OpenPanel allows you to manage and control how updates are applied. It is organized into three sections: Current Version, Auto Updates, and Update Logs.
## Current Version
This section displays information about the version of OpenPanel currently installed on your system, as well as the latest available version.
- **Installed Version:** Shows the version of OpenPanel currently running.
- **Latest Version:** Shows the most recent version available for update.
If the installed version matches the latest version, OpenPanel is fully up to date. If not, you can initiate a manual update via a button to upgrade to the latest version.
## Auto Updates
The Auto Updates section lets you configure how OpenPanel should handle updates automatically.
You can select the update policy that best fits your needs:
- **Minor Versions Only:** Automatically apply updates that include only bug fixes and security patches. Major feature updates must be installed manually.
- **Both Minor and Major Versions:** Automatically apply all updates, including new features, bug fixes, and security enhancements.
- **Major Versions Only:** Automatically apply updates that introduce major new features. Bug fixes and security patches will require manual updates.
- **Never:** Disable automatic updates. You will need to manually check for and install all updates.
Choosing the appropriate auto-update setting ensures that OpenPanel remains as stable, secure, and feature-rich as you need it to be.
## Update Logs
The Update Logs section provides a record of all updates that have been applied to OpenPanel.
## Control Updates
For more information about updates, check:
- [How to Enable Automatic Updates for OpenPanel](/docs/articles/install-update/how-to-enable-auto-update-openpanel/)
- [How to Disable Automatic Updates for OpenPanel](/docs/articles/install-update/how-to-disable-auto-update-openpanel/)
- [How to Manually Update OpenPanel](/docs/articles/install-update/how-to-enable-auto-update-openpanel/)
- [How to Skip a Specific OpenPanel Version Update](/docs/articles/install-update/skip-specific-openpanel-version-update)
- [How to Check OpenPanel Version from Terminal](/docs/articles/install-update/how-to-check-openpanel-version)
---
// File: admin/settings/locales
# Locales (Languages)
Manage the languages available to OpenPanel users.

## Install Locale
By default, only the **EN** locale is installed. To enable other locales, they must be installed first.
To install a locale, go to **OpenAdmin > Settings > Locales** and click the **Install** button next to the desired locale.
To install a locale from the terminal, use its locale prefix from [Github](https://github.com/stefanpejcic/openpanel-translations/tree/main) and run:
```bash
opencli locale
```
Example: Install Turkish locale:
```bash
opencli locale tr-tr
```
Example: Install multiple locales:
```bash
opencli locale sr-sr tr-tr zh-cn
```
Example: Install all available locales:
```bash
opencli locale $(curl -s "https://api.github.com/repos/stefanpejcic/openpanel-translations/contents" | jq -r '.[] | select(.type=="dir") | .name' | tr '\n' ' ')
```
## Default Locale
To make a specific locale the default, go to **OpenAdmin > Settings > Locales** and click the **Set Default** button next to the desired locale.
To set a default locale from the terminal:
```bash
echo > /etc/openpanel/openpanel/default_locale
```
Example: Set Turkish as the default:
```bash
echo tr > /etc/openpanel/openpanel/default_locale
```
:::info
Changing the default will **not** automatically update existing users’ settings; their browser preferences and account configurations will take precedence.
For more details, see [How-to Guides > Setting the Default Locale](/docs/articles/accounts/default-user-locales/#setting-the-default-locale).
:::
## Edit Locale
To edit a locale, click the GitHub icon next to it in the table. This opens the source on GitHub, where you can fork the repository and edit the translation file.
## Create a Locale
To create a new locale:
1. Fork [the translations repository](https://github.com/stefanpejcic/openpanel-translations/).
2. Copy the `en_us` folder to a new locale folder, e.g., `es_es`.
3. Translate the `messages.pot` file.
4. Submit a pull request.
---
// File: admin/settings/custom_code
# Custom Code
The Custom Code section, accessible via OpenAdmin > Settings > Custom Code, allows you to inject and manage custom code that extends or modifies the behavior and appearance of the OpenPanel UI.
## Custom CSS
Inject your own CSS styles that will be applied across all pages of the OpenPanel UI.
Stored in `/etc/openpanel/openpanel/custom_code/custom.css` file.
## Custom JS
Add custom JavaScript to all pages. This is ideal for extending UI functionality, adding widgets, or integrating third-party tools.
Stored in `/etc/openpanel/openpanel/custom_code/custom.js` file.
## Code in Header
Insert custom code directly into the head tag of every page. Useful for meta tags, analytics scripts, and global settings.
Stored in `/etc/openpanel/openpanel/custom_code/in_header.html` file.
## Code in Footer
Insert custom code directly into the footer section of all pages. This is commonly used for tracking scripts, analytics, or deferred JavaScript.
Stored in `/etc/openpanel/openpanel/custom_code/in_footer.html` file.
## How-to Articles
Edit Knowledge Base articles displayed in *OpenPanel > Dashboard* page.
Default:
```json
{
"how_to_topics": [
{"title": "How to install WordPress", "link": "https://openpanel.com/docs/panel/applications/wordpress#install-wordpress"},
{"title": "How to enable REDIS Caching", "link": "https://openpanel.com/docs/panel/caching/Redis/#connect-to-redis"},
{"title": "How to create DNS records", "link": "https://openpanel.com/docs/panel/domains/dns/#create-record"},
{"title": "How to create a new MySQL database", "link": "https://openpanel.com/docs/panel/databases/#create-a-mysql-database"},
{"title": "How to add a Cron Job", "link": "https://openpanel.com/docs/panel/advanced/cronjobs#add-a-cronjob"},
{"title": "How to add a custom SSL Certificate", "link": "https://openpanel.com/docs/panel/domains/ssl/#custom-ssl"}
],
"knowledge_base_link": "https://openpanel.com/docs/panel/intro/?source=openpanel_server"
}
```
## Custom Section
You can add a **custom section** with icon-based items to the *Dashboard* in **OpenPanel**.
custom section supports the following fields:
* **`section_title`** *(string)*:
The title displayed at the top of your custom section.
* **`section_position`** *(string)*:
Determines where your section appears relative to other built-in sections.
Acceptable values:
* `before_files`
* `before_domains`
* `before_mysql`
* `before_postgresql`
* `before_applications`
* `before_emails`
* `before_cache`
* `before_php`
* `before_docker`
* `before_advanced`
* `before_account`
* **`items`** *(array of objects)*:
A list of clickable items shown as cards with icons. Each item has:
* **`label`** *(string)* – The text shown on the card.
* **`icon`** *(string)* – The icon class from [Bootstrap Icons](https://icons.getbootstrap.com/). Example: `bi bi-person-fill-gear`.
* **`url`** *(string)* – The link to navigate to when the item is clicked.
Example:
```json
{
"section_title": "Billing Account",
"section_position": "before_domains",
"items": [
{
"label": "Manage Profile",
"icon": "bi bi-person-fill-gear",
"url": "https://panel.hostio.rs/clientarea.php?action=details"
},
{
"label": "Manage Billing Information",
"icon": "bi bi-credit-card",
"url": "https://panel.unlimited.rs/clientarea.php?action=details"
},
{
"label": "View Email History",
"icon": "bi bi-envelope-open",
"url": "https://panel.unlimited.rs/clientarea.php?action=emails"
},
{
"label": "News & Announcements",
"icon": "bi bi-megaphone-fill",
"url": "https://panel.unlimited.rs/index.php?rp=/announcements"
},
{
"label": "Knowledgebase",
"icon": "bi bi-book-half",
"url": "https://panel.unlimited.rs/index.php?rp=/knowledgebase"
},
{
"label": "Server Status",
"icon": "bi bi-hdd-network",
"url": "https://panel.unlimited.rs/serverstatus.php"
},
{
"label": "Invoices",
"icon": "bi bi-receipt",
"url": "https://panel.unlimited.rs/clientarea.php?action=invoices"
},
{
"label": "Support Tickets",
"icon": "bi bi-life-preserver",
"url": "https://panel.unlimited.rs/supporttickets.php"
},
{
"label": "Open Ticket",
"icon": "bi bi-journal-plus",
"url": "https://panel.unlimited.rs/submitticket.php"
},
{
"label": "Register New Domain",
"icon": "bi bi-globe",
"url": "https://panel.unlimited.rs/cart.php?a=add&domain=register"
},
{
"label": "Transfer Domain",
"icon": "bi bi-arrow-repeat",
"url": "https://panel.unlimited.rs/cart.php?a=add&domain=transfer"
}
]
}
```
## PageSpeed API Key
If set, this API key will be used to fetch data from Google PageSpeed Insights.
---
## WordPress Plugins Set
List the WordPress plugins you want to automatically install on all new WordPress sites.
Enter one item per row. Supported formats:
* **wp\_org\_slug** — the plugin slug from the WordPress.org plugin page
* **URL** — a direct link to a `.zip` plugin file hosted online
## WordPress Themes Set
List the WordPress themes to automatically install for all new WordPress sites.
Enter one item per row. Supported formats:
* **wp\_org\_slug** — the theme slug from the WordPress.org themes page
* **URL** — a direct link to a `.zip` theme file hosted online
## Forbidden Usernames
List of usernames that can not be used.
## Restricted Domains
Administrators can restrict the usage of specific domains by adding one domain per line.
Example:
```bash
facebook.com
openpanel.com
pejcic.rs
openpanel.org
demo.openpanel.org
```
Stored in `/etc/openpanel/openpanel/conf/domain_restriction.txt` file.
## After Update
Define custom bash commands that will automatically run after each OpenPanel update. Ideal for restoring customizations or triggering automation scripts.

This powerful customization layer helps ensure OpenPanel fits seamlessly into your environment.
Examples:
- [Custom email templates](https://community.openpanel.org/d/214-customizing-openpanel-email-templates)
- [Custom OpenAdmin color scheme](https://community.openpanel.org/d/216-customizing-openadmin-color-scheme)
Stored in `/root/openpanel_run_after_update` file.
## Before Startup
Add custom bash code to be executed before starting OpenPanel.
Stored in `/root/openpanel_run_on_startup` file.
---
// File: admin/settings/php
# PHP Settings
Manage the default PHP version and configuration files for new user accounts.
### Available Options
These options determine which PHP settings users can modify from their **OpenPanel > PHP Options** page.
The default editable options include:
```
allow_url_fopen
date.timezone
disable_functions
display_errors
error_reporting
file_uploads
log_errors
max_execution_time
max_input_time
max_input_vars
memory_limit
open_basedir
output_buffering
post_max_size
short_open_tag
upload_max_filesize
zlib.output_compression
```
### Default PHP.INI Files
Here you can edit the PHP.INI configuration files that will be applied to new user accounts.
Select a PHP version to open its php.ini file for editing. After making changes, click **Save** to apply them.
To revert to the original PHP.INI settings, click **Restore Default**, then click **Save**.
---
// File: admin/settings/notifications
# Notifications
Configure OpenAdmin notifications and Email alerts settings.
To view or edit current notification settings, go to **OpenAdmin > Settings > Notifications** or click the 'Edit Settings' button on the Notification page.

To view notification settings, run:
```bash
opencli admin notifications get
---
## Email
Configure email address to be used for receiving system notifications and alerts.
Enter your email address in the **Email for notifications** field. Leave it empty to disable email alerts.
If email address is set, daily usage report will be sent to the address, schedule is configurable from 'Advanced > System Cron Jobs'.

---
## Webhook
Send notifications to a webhook URL (discord or any other).
---
## Services
Receive notifications when services are down or unresponsive. Services are checked every 5 minutes.
- **OpenPanel:** Notification if OpenPanel UI fails.
- **OpenAdmin:** Notification if OpenAdmin UI fails.
- **Caddy:** Notification if webserver is not responding.
- **MySQL:** Notification if database is unreachable.
- **Docker:** Notification if Docker service is down.
- **BIND9:** Notification if DNS service is down or unresponsive.
- **Sentinel Firewall:** Notification if Sentinel (CSF) is disabled.
---
## Resource Usage
Get alerts when resource usage exceeds thresholds (checked every 5 minutes):
* Load Average
* CPU %
* RAM %
* Disk Usage %
* SWAP %
---
## Server actions
Receive notifications when specific server-level actions are detected:
* Server rebooted
* Website under attack
* User reaches plan limit
* OpenAdmin accessed from a new IP address
* New OpenPanel update available
---
## User Actions
Get notified whenever an action occurs in the admin or user panels.
- OpenAdmin enabled/disabled
- API access enabled/disabled
- Admin account created
- Reseller account created
- Admin password changed
- Admin/Reseller renamed
- Admin/Reseller suspended
- Admin/Reseller unsuspended
- WAF enabled/disabled for a domain
- WAF enabled/disabled on the server
- User added
- User deleted
- User suspended/unsuspended
- User email changed
- User IP changed
- User password changed
- User renamed
- FTP account created
- FTP account deleted
- FTP account password change
- Domain added
- Domain deleted
- Domain suspended/unsuspended
- SSL type changed
- HSTS enabled/disabled
---
## SSH Allowlist
Specify IP addresses (or CIDRs) that will be exempt from SSH login checks.
---
## SMTP Settings
By default, email alerts are sent from `noreply@openpanel.com`.
To use your own SMTP server for email delivery, configure the following:
Set server port, TLS or SSL, Username and Password to use for authentication.
Configure each value via `opencli config update` commands, for example:
```bash
opencli config update mail_server example.net
```
```bash
opencli config update mail_port 465
```
```bash
opencli config update mail_use_tls False
```
```bash
opencli config update mail_use_ssl True
```
```bash
opencli config update mail_username user@example.net
```
```bash
opencli config update mail_password strongpassword123
```
```bash
opencli config update mail_default_sender user@example.net
```
---
// File: articles/000_intro
# Start Here
- [Test OpenPanel Demo](/docs/articles/support/how-to-access-openpanel-demo/)
- [How to access OpenAdmin](/docs/articles/dev-experience/how-to-access-openadmin/)
- [How to access Openpanel](/docs/articles/dev-experience/how-to-access-openpanel/)
- [How to Reset a OpenPanel Account Password](/docs/articles/accounts/how-to-reset-openpanel-account-password)
# Billing Integrations
- [FOSSBilling](/docs/articles/extensions/openpanel-and-fossbilling/)
- [WHMCS](/docs/articles/extensions/openpanel-and-whmcs/)
- [Blesta](/docs/articles/extensions/openpanel-and-blesta/)
# Transfers
- [Import account from cPanel backup](/docs/articles/transfers/import-cpanel-backup-to-openpanel/)
- [Transfer OpenPanel accounts to another server](/docs/articles/transfers/transfer-openpanel-account-to-another-server/)
- [Migrate all data to another server](/docs/articles/transfers/migrate-openadmin-to-new-server/)
# Websites
- [Hosting a Static Website with OpenPanel](/docs/articles/websites/hosting-a-static-website-with-openpanel/)
- [How to Install WordPress® With OpenPanel](/docs/articles/websites/how-to-install-wordpress-with-openpanel/)
- [Hosting a PHP Website with OpenPanel](/docs/articles/websites/hosting-a-php-website-with-openpanel/)
- [How to Migrate a WordPress® Installation to OpenPanel](/docs/articles/websites/how-to-upload-wordpress-website-to-openpanel)
- [How to install a PHP extension in OpenPanel](/docs/articles/websites/how-to-install-php-extensions-in-openpanel)
- [Connecting to MySQL Server from Applications in OpenPanel](/docs/articles/databases/how-to-connect-to-mysql-from-php-applications-in-openpanel/)
- [How to set or increase PHP INI memory_limit or other values?](/docs/articles/websites/how-to-set-or-increase-PHP-INI-memory-limit-or-other-values/)
- [403 Error Troubleshooting Guide](/docs/articles/domains/error-on-website-disable-coraza-waf/)
- [404 Error Troubleshooting Guide](/docs/articles/domains/not-found-404-error-troubleshooting)
- [502 Error Troubleshooting Guide](/docs/articles/domains/bad-gateway-502-error-troubleshooting)
- [504 Error Troubleshooting Guide](/docs/articles/domains/gateway-timeout-504-error-troubleshooting)
- [WordPress Themes and Plugins Sets](/docs/articles/websites/wordpress-plugins-themes-sets-in-openpanel)
- [Configure Apache, Nginx, OpenLitespeed per user](/docs/articles/docker/how-to-set-nginx-apache-varnish-per-user-in-openpanel/)
- [Purging Varnish Cache for a Website](/docs/articles/websites/purge-varnish-cache-from-terminal/)
- [WordPress HTTPS behind Varnish Cache](/docs/articles/docker/https-wordpress-behind-varnish-proxy/)
# Databases
- [Configure MySQL, MariaDB or Percona per user](/docs/articles/docker/how-to-set-mysql-mariadb-per-user-in-openpanel/)
- [Set Custom Domain for phpMyAdmin](/docs/articles/databases/phpmyadmin-domain/)
- [Import MySQL Database](/docs/articles/docker/import-database)
- [Use `mysql` or `mariadb` as DB_HOST instead of *localhost*](/docs/articles/databases/how-to-connect-to-mysql-from-php-applications-in-openpanel/)
- [Troubleshooting: Error establishing a database connection](/docs/articles/databases/how-to-troubleshoot-error-establishing-a-database-connection/)
# Configuration
- [Branding and White-Label](/docs/articles/dev-experience/customizing-openpanel-user-interface/)
- [Add a Custom Message for OpenPanel User](/docs/articles/accounts/how-to-add-custom-message-in-openpanel/)
- [Add Custom section with icons in Dashboard](/docs/articles/dev-experience/add-custom-icons-in-openpanel-dashboard/)
- [Troubleshooting OpenPanel UI Errors](/docs/articles/support/how-to-troubleshoot-openpanel-error)
- [Troubleshooting OpenAdmin UI Errors](/docs/articles/support/how-to-troubleshoot-openadmin-error)
# Enterprise
- [Pricing](/docs/articles/license/pricing/)
- [Upgrading license](/docs/articles/license/upgrade_to_openpanel_enterprise_and-activate_license/)
- [Downgrading license](/docs/articles/license/how_to_downgrade_openpanel_license/)
- [How license expiration affects OpenPanel](/docs/articles/license/what_happens_when_openpanel_enterprise_license_expires/)
- [How to cancel a license](/docs/articles/license/hot_to_cancel_openpanel_license/)
- [Refund Policy](/docs/articles/license/openpanel-refund-policy/)
- [Licenses for educational or non-profit organizations](/docs/articles/license/openpanel_enterprise_for_nonprofits/)
# Domains
- [Domain Shows Default Page](/docs/articles/domains/domain-shows-default-page/)
- [How to configure Nameservers](/docs/articles/domains/how-to-configure-nameservers-in-openpanel)
- [How to configure a DNS Cluster](/docs/articles/domains/how-to-setup-dns-cluster-in-openpanel)
- [How to Enable HSTS on a Domain in OpenPanel](/docs/articles/domains/how-to-enable-hsts-on-a-domain-in-openpanel)
- [Troubleshooting DNS](/docs/articles/domains/troubleshooting-dns)
- [Troubleshooting Caddy Webserver](/docs/articles/docker/troubleshooting-caddy-webserver)
# Files
- [How to configure FTP server](/docs/articles/user-experience/how-to-setup-ftp-in-openpanel/)
- [How to configure TLS for the FTP server](/docs/articles/user-experience/how-to-setup-tls-ftp-in-openpanel/)
# Security
- [Configuring ImunifyAV](/docs/articles/security/setup-imunifyav/)
- [Rate-limiting access to OpenPanel or OpenAdmin](/docs/articles/dev-experience/rate_limiting_for_openpanel/)
- [Restrict access to OpenAdmin](/docs/articles/dev-experience/limit_access_to_openadmin/)
- [Disable the Terminal feature in OpenPanel](/docs/articles/dev-experience/disable-openpanel-web-terminal/)
- [Disable the Terminal feature in OpenAdmin](/docs/articles/dev-experience/disable-openadmin-web-terminal/)
- [Disable the Server Reboot feature in OpenAdmin](/docs/articles/dev-experience/disable-openadmin-server-reboot/)
- [Limiting Connections with CSF](/docs/articles/security/how-to-limit-connections-csf)
- [CSF Blocklists](/docs/articles/security/csf-blocklists/)
# Emails
- [How to setup email on iPhone](/docs/articles/email/how-to-setup-email-on-iphone)
- [How to setup email on Android](/docs/articles/email/how-to-setup-email-on-android)
- [How to setup email on Apple Mail app](/docs/articles/email/how-to-setup-email-on-apple-mail-app)
- [How to setup email on Thunderbird](/docs/articles/email/how-to-setup-email-on-thunderbird)
- [How to setup email on Outlook 365 desktop app](/docs/articles/email/how-to-setup-email-on-outlook-365-desktop-app)
- [How to setup email on Gmail using desktop / browser](/docs/articles/email/how-to-setup-email-in-gmail)
- [IMAP vs POP3 - which to use?](/docs/articles/email/imap-vs-pop)
- [How to configure Email server](/docs/articles/user-experience/how-to-setup-email-in-openpanel/)
- [How to enable and access RSPAMD GUI](/docs/articles/email/rspamd-gui-port-11334/)
- [Setup DKIM for Mailserver](/docs/articles/email/how-to-setup-dkim-for-mailserver/)
- [Setup Fail2ban for Mailserver](/docs/articles/email/how-to-setup-fail2ban-mailserver-openpanel/)
- [Offload Email Storage to a Remote NFS Server](/docs/articles/email/how-to-use-remote-server-for-emails-in-openpanel/)
- [Troubleshooting Email Errors](/docs/articles/email/troubleshooting-email-errors/)
# Updates
- [Check Installed Version](/docs/articles/install-update/how-to-check-openpanel-version/)
- [Enable Automatic Updates](/docs/articles/install-update/how-to-enable-auto-update-openpanel/)
- [Disable Automatic Updates](/docs/articles/install-update/how-to-disable-auto-update-openpanel/)
- [Update Manually](/docs/articles/install-update/how-to-manually-update-openpanel/)
- [Skip a specific version](/docs/articles/install-update/skip-specific-openpanel-version-update/)
# Advanced
- [Set Default User Locale](/docs/articles/accounts/default-user-locales/)
- [Configure unlimited CPU and Memory for user](/docs/articles/docker/how-to-remove-resource-limits-for-user-service-containers/)
- [Auto-start Services](/docs/articles/dev-experience/autostart-services/)
- [Restricted Usernames for services](/docs/articles/accounts/forbidden-usernames/)
- [Create a custom plugin](/docs/articles/dev-experience/custom-plugins/)
- [Network Isolation in OpenPanel](/docs/articles/docker/network-isolation-openpanel/)
- [Volume Management in OpenPanel](/docs/articles/docker/volume-management-openpanel/)
- [Keyboard Shortcuts for OpenAdmin UI](/docs/articles/dev-experience/openadmin-keyboard-shortcuts/)
- [Uninstall OpenPanel](/docs/articles/support/how-to-unlinstall-openpanel/)
---
// File: articles/accounts/default-user-locales
# Default Locale
**OpenPanel** is fully localization-ready, but currently ships only with English (`en`) as the default language.
Additional languages can be installed by the System Administrator from ***OpenAdmin → Settings → Locales***, and they will become immediately available in the user interface.
If your preferred locale isn’t available yet, you can help by contributing a translation: 👉 [OpenPanel Translations on GitHub](https://github.com/stefanpejcic/openPanel-translations)
---
## Setting the Default Locale
In OpenPanel, there are **five** different sources that determine which locale is applied to a user.
They are checked in the following priority order:
| Priority | Source | Example Path / Data |
| -------- | ----------------------------- | ----------------------------------------------------- |
| 1️⃣ | Session (`session['locale']`) | `'fr'` |
| 2️⃣ | User-specific file | `/home//locale` |
| 3️⃣ | Browser best match | `Accept-Language: es-ES,es;q=0.9` |
| 4️⃣ | Default locale file | `/etc/openpanel/openpanel/default_locale` → e.g. `de` |
| 5️⃣ | Hardcoded final fallback | `'en'` |
---
### 1. Session Locale
When a user visits OpenPanel, the system first checks the session for a stored locale.
A session locale is created when the user logs in.
For example, if the user selects `'de'` (German) on the login page, that locale is set for the current session.
> **Note:** This setting overrides all other locale sources.
---
### 2. User-Specific File
After logging in, users can change their preferred language — if the `locale` module and feature are enabled for them.
Navigate to: ***OpenPanel → Account → Change Language*** ([Docs link](/docs/panel/account/language/)) - this view lists all languages installed by the Administrator.
The user’s chosen locale overrides their browser settings and the system default.
The user’s preference is stored in a per-user file:
```
/home//locale
```
---
### 3. Browser Best Match
If the user hasn’t set a locale yet, OpenPanel checks the browser’s [`Accept-Language` header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Accept-Language).
If the preferred language is installed on the server, it will be temporarily applied for that session.
> **NOTE**: This only affects the **current session** and does not persist as a user preference.
> It overrides the Administrator’s default locale for that session only.
Example header:
```
Accept-Language: es-ES,es;q=0.9
```
---
### 4. Default Locale
The Administrator can set a global default locale by creating a configuration file at:
```
/etc/openpanel/openpanel/default_locale
```
For example, to set Spanish (`es`) as the default:
```bash
echo 'es' > /etc/openpanel/openpanel/default_locale
```
---
### 5. Fallback Locale
If no other locale setting is found, OpenPanel defaults to English (`en`), which is included by default.
---
## Checking Which Locale Is Active
To verify which locale is being used for a user, you can temporarily enable developer mode and check the logs.
1. Enable `dev_mode`:
```bash
opencli config update dev_mode on
```
2. Repeat the user action in the browser.
3. Tail the logs:
```bash
docker logs -f openpanel
```
Look for log lines similar to:
```
APP - Using locale..
```
---
// File: articles/accounts/forbidden-usernames
# Reserved Usernames
## Basic restrictions
### OpenPanel
OpenPanel applies the following rules when you create or modify a OpenPanel username:
Usernames may **only** use lowercase letters (`a–z`) and digits (`0–9`).
- Usernames cannot contain less than **3** characters.
- Usernames cannot contain more than **20** characters.
### OpenAdmin
OpenAdmin applies the following rules when you create or modify an admin username:
Usernames may **only** use lowercase letters (`a–z`) and digits (`0–9`).
- Usernames cannot contain less than **5** characters.
- Usernames cannot contain more than **30** characters.
Passwords may **only** use lowercase letters (`a–z`) and digits (`0–9`).
- Passwords cannot contain less than **6** characters.
- Passwords cannot contain more than **30** characters.
:::info
If admin or reseller accounts are created via OpenAdmin, passwords can contain all characters except space.
:::
### SSH
OpenAdmin applies the following rules when you modify an SSH password:
Passwords may **only** use lowercase letters (`a–z`) and digits (`0–9`).
- Passwords cannot contain less than **8** characters.
- Passwords cannot contain more than **20** characters.
### MySQL / MariaDB
OpenPanel applies the following rules when you create databases and users:
Database names may **only** use lowercase letters (`a–z`) and digits (`0–9`).
- Database name cannot contain less than **1** character.
- Database name cannot contain more than **64** characters.
Database users may **only** use lowercase letters (`a–z`) and digits (`0–9`).
- Usernames cannot contain less than **1** characters.
- Usernames cannot contain more than **32** characters.
Database User's Passwords may contain **any** characters.
- Passwords cannot contain less than **8** characters.
- Passwords cannot contain more than **32** characters.
### FTP
OpenPanel applies the following rules when you create FTP sub-accounts:
FTP sub-users **must end** with dot (`.`) followed by the OpenPanel username - example: `ftpuser.openpaneluser`.
- Usernames cannot contain less than **3** characters.
- Usernames cannot contain more than **32** characters.
FTP User's Passwords must contain **at least one** uppercase letters (`A-Z`), lowercase letters (`a–z`), digits (`0–9`) and special symbols (`!`, `.`, `,`, `@`, `#`, `_`, `-`).
- Passwords cannot contain less than **8** characters.
- Passwords cannot contain more than **32** characters.
### Emails
OpenPanel applies the following rules when you create email accounts:
Email accounts may **only** use lowercase letters (`a–z`), dashes (`-`), underscores (`_`) and digits (`0–9`).
Email accounts **must contain** `@` symbol followed by the domain name - example: `account@example.net`.
- Usernames cannot contain less than **1** character.
- Usernames cannot contain more than **32** characters.
Email accounts passwords can contain **only** uppercase letters (`A-Z`), lowercase letters (`a–z`), underscores (`_`) and digits (`0–9`).
- Passwords cannot contain less than **8** characters.
- Passwords cannot contain more than **32** characters.
## Reserved usernames
OpenPanel reserves some usernames for the system’s use, and you cannot use them for OpenPanel accounts. This list of reserved usernames can grow over time, and new versions of OpenPanel may add to this list.
OpenPanel checks the following file to determine whether to reserve or restrict a username:
```bash
/etc/openpanel/openadmin/config/forbidden_usernames.txt
```
Currently reserved usernames:
- 1000
- admin
- apache
- apache2
- backup
- busybox
- cron
- docker
- elasticsearch
- exec
- filebrowser
- ftp
- httpd
- litespeed
- openlitespeed
- lsws
- mariadb
- memcached
- minecraft
- mssql
- mysql
- mysqld
- nginx
- openadmin
- openpanel
- openresty
- opensearch
- pgadmin
- php
- php-fpm-5.6
- php-fpm-7.0
- php-fpm-7.1
- php-fpm-7.2
- php-fpm-7.3
- php-fpm-7.4
- php-fpm-8.0
- php-fpm-8.1
- php-fpm-8.2
- php-fpm-8.3
- php-fpm-8.4
- php-fpm-8.5
- phpmyadmin
- podman
- postgres
- reboot
- redis
- restart
- root
- shutdown
- test
- user_service
- varnish
- vsftpd
- www-data
To reserve a certain username, simply add it to the forbidden_usernames.txt file.
---
// File: articles/accounts/how-to-add-custom-message-in-openpanel
# How to display a custom message
OpenPanel supports both **per-user** and **global** custom messages that can be displayed in your users’ OpenPanel interfaces.

## Custom Message for a Specific User
To display a custom message in **OpenPanel > Dashboard** for a specific user:
1. Navigate to **OpenAdmin > Users > *username* > Overview**.

2. Enter the message — either plain text or HTML — in the **'Custom message for user'** area.
3. Click **Save**.
The message will appear immediately in the user’s Dashboard.
### Adding a Message via Terminal
You can also add a custom message by creating a file:
```bash
/etc/openpanel/openpanel/core/users/USERNAME/custom_message.html
```
Replace `USERNAME` with the actual user’s username.
---
## Global Message for All Users
To display a message for **all users**, copy or create a symbolic link of the custom message file in each user’s directory: `/etc/openpanel/openpanel/core/users/USERNAME/custom_message.html`.
---
// File: articles/accounts/how-to-delete-accounts
# Delete Multiple Accounts
The `opencli user-delete` command lets you delete OpenPanel user accounts in bulk. **Use caution**-it's easy to accidentally delete the wrong users.
### Delete a Single User
```bash
opencli user-delete USERNAME
```
You’ll be prompted for confirmation. To skip confirmation, use the `-y` flag:
```bash
opencli user-delete USERNAME -y
```
### Delete All Users
To delete **all** users on the server:
```bash
opencli user-delete -all
```
By default, you'll be prompted to confirm each deletion. To skip all confirmations, use the `-y` flag:
```bash
opencli user-delete -all -y
```
---
// File: articles/accounts/how-to-reset-openpanel-account-password
# How to Reset a OpenPanel Account Password
If you forget your Openpanel account password, follow these steps:
1. Click the **Forgot password?** link on the login page.

> **NOTE:** If the **Forgot Password?** link does not appear on the login form, email-based password reset is disabled by your hosting provider. In this case, you must either:
>
> 1. Auto-login to OpenPanel through their billing panel and reset your password via [Account > Settings](/docs/panel/account/#changing-password), or
> 2. Contact your hosting provider to reset the password for you.
2. Enter your **email address** and click **Send Reset Link**.

3. If your email is associated with an account, you will receive a password reset email (link valid for 15 minutes).

4. Open the email and click the reset link.

5. Enter your **new password**, confirm it, and click **Change Password**.

You can now log in using your newly set password.
---
// File: articles/accounts/set-dedicated-ip-address-for-user
# Assigning a Dedicated IP Address to a User
A dedicated IP address can then be assigned to a user through **OpenAdmin** or **OpenCLI**.
Changing IP updates all related configuration files — including DNS zones and Caddy VirtualHosts — ensuring that the user’s all current and newly added domains are bound to the new IP address.
The updated IP address will also be reflected immediately in the user’s OpenPanel interface.
## Using OpenAdmin
The OpenAdmin interface lists all IP addresses currently assigned to the server — these can also be viewed using the `hostname -I` command.
If you need to add additional IP addresses to the server, **follow the official network configuration documentation for your operating system distribution**.
No special configuration is required from the OpenPanel side — newly added IPs will appear automatically in the interface.
To change IP address for a user from OpenAdmin:
1. Navigate to **OpenAdmin → Users → *username* → Edit**.
2. Update the **IP Address** field with the desired dedicated IP.

3. Click **Save** to apply the changes.
## Using OpenCLI
To change a user’s IP address from the command line, use the [`opencli user-ip`](https://dev.openpanel.com/cli/users.html#Assign-Remove-IP-to-User) command:
```bash
opencli user-ip
```
If the specified IP address is already assigned to another user, the command will abort with a warning.
To override this behavior and force the reassignment, include the `-y` flag:
```bash
opencli user-ip -y
```
To remove a dedicated IP from a user and restore them to the [main (shared) IP](/docs/articles/install-update/openpanel-main-ip-address), use:
```bash
opencli user-ip delete
```
---
// File: articles/accounts/troubleshooting-openpanel-login-errors
# Login Errors
The following error messages may appear on the OpenPanel login page. Here's what each one means and how to resolve it:
### `Username and password are required.`
This error indicates that one or both of the login fields were left empty.
**Solution:** Please enter both your username and password.
---
### `Unable to connect to database.`
This suggests that the MySQL service is not running, or the `users` table may be corrupted.
**Solution:** Check the database service status in **OpenAdmin > Services** and ensure MySQL is running correctly.
---
### `Your account is suspended. Please contact support.`
Your OpenPanel user account has been suspended, and login is currently disabled.
**Solution:** Contact your hosting provider to reactivate your account.
---
### `Unrecognized account. Please check username.`
The username you entered does not exist on the server.
**Solution:** Verify that you're using the correct login link and username. If the issue persists, contact your hosting provider’s support team.
---
### `Invalid password. Please try again.`
The password entered is incorrect.
**Solution:** If you’ve forgotten your password or continue to have issues, contact your hosting provider to request a password reset.
---
### `Invalid 2FA code. Please try again.`
The Two-Factor Authentication (2FA) code provided is not valid.
**Solution:** Generate a new 2FA code using your authentication app and try again.
---
### `Too many failed login attempts. Please try again later.`
Too many incorrect login attempts have been made from your IP address.
**Solution:** Contact your server administrator to review the log file at `/var/log/openpanel/user/failed_login.log`. They can unblock your IP or adjust the failed login attempt limits.
---
// File: articles/backups/configuring-backups
# Configuring OpenPanel Backups
OpenPanel has a unique feature where end-users can configure their remote backups. This provides users with more freedom and control over the schedule, what to backup and finally more privacy as Admin does not have access to their destination.
Backups can be configured either by the system administrator (admin-configured) or by end users (user-configured). Each mode has distinct setup and restore procedures.
---
## Configuration Options
| Feature | Admin-Configured Backups | User-Configured Backups |
| -------------------------- | ------------------------------ | ------------------------------------- |
| Backup configuration | Admin edits `backups.env` | Users configure via Backups page |
| Backup module status | Must be disabled for users | Must be enabled for users |
| Who sets backup schedule | Admin | User |
| Backup destination control | Admin | User |
| Restore performed by | Admin | User |
| Admin access to backups | Full | None |
### 1. Admin-Configured
In this mode, the **admin has full control** over backup scheduling, retention, and destination settings. End users are **not allowed** to modify any backup configurations.
---
#### 1: Disable Backups Module
To prevent users from changing backup settings, disable the **Backups** module from the admin interface.
**Path:**
`OpenAdmin > Settings > Modules`
**Action:** Deactivate the **Backups** module.
---
#### 2: Edit Template
Modify the backup configuration template that applies to new accounts. This file defines default backup settings, such as remote storage destinations.
**File path:**
`/etc/openpanel/backups/backups.env`
To enable and configure a remote SSH destination, uncomment and update the following variables:
```env
########### SSH/SFTP STORAGE
# SSH_HOST_NAME=""
# SSH_PORT="22"
# SSH_REMOTE_PATH=""
# SSH_USER=""
# SSH_PASSWORD=""
# SSH_IDENTITY_FILE="/var/www/html/id_rsa"
# SSH_IDENTITY_PASSPHRASE=""
```
**Example:**
```env
########### SSH/SFTP STORAGE
SSH_HOST_NAME="185.119.22.54"
SSH_PORT="22"
SSH_REMOTE_PATH="/backups/"
SSH_USER="root"
SSH_PASSWORD="NotSoStrongP@ssword"
# SSH_IDENTITY_FILE="/var/www/html/id_rsa"
# SSH_IDENTITY_PASSPHRASE=""
```
> 🔗 For more destination types and examples, see [Backups Documentation](/docs/panel/files/backups/#destinations)
---
#### 3: Edit Schedule
To set the backup frequency, go to:
**Path:**
`OpenAdmin > Advanced > System Cron Jobs`
Locate the cron job for the command:
```bash
opencli docker-backup
```
Adjust the schedule as needed. This command will trigger backups according to your defined schedule for **all active users** on the server.
---
### 2. User-Configured
In this mode, the **Backups module is enabled** to allow users to configure their own backups based on their needs.
**Setup:**
* The admin must **enable the Backups module** in OpenPanel.
* Backups feature must be enabled on all relevant feature sets tied to hosting plans to allow user access.
* End users can set:
* Backup destination (e.g., remote storage, custom paths)
* Backup schedule (when backups run)
* What data to back up (files, databases, or both)
* Resource limits (e.g., bandwidth or CPU used during backup)
> 🔗 For end-user configuration, see [Backups Documentation](/docs/panel/files/backups/)
**Notes:**
* Users are responsible for managing their backups.
* Users can manually trigger backup process at any time if *Docker* feature is enabled.
* Admins do **not** have access to users' backup destinations or configurations.
---
## Restore Procedures
### Restore in Admin-Configured Backup Mode
* The admin performs restores manually, either via terminal commands or through the OpenPanel UI terminal.
* Common restore steps include:
* For databases: dropping the relevant tables and importing the database dump from backup files.
* For files: using FileManager or command line to delete corrupted files and re-upload backup copies.
---
### Restore in User-Configured Backup Mode
* End users are responsible for restoring their own backups, as backups are stored in user-defined destinations inaccessible to admins.
* Users follow similar restore steps as in the admin mode but must perform actions themselves using provided tools or instructions.
* Admins cannot restore or access backups on behalf of users in this mode.
---
---
// File: articles/databases/error-establishing-a-database-connection
# Error Establishing a Database Connection
If you see the error **“Error establishing a database connection”** in the OpenAdmin interface, it indicates that the database connection has failed.

---
## MySQL Service
OpenPanel and OpenAdmin use a MySQL Docker service defined in `/root/docker-compose.yml`.
First, ensure that the service is running:
**From OpenAdmin:**
1. Go to **Services > Services Status**.
2. Check the status of the MySQL service.
3. Restart it from this page if necessary.
**From the terminal:**
```bash
docker ps -a
```
Look for the `openpanel_mysql` service in the output.
---
## MySQL Fails to Start
If the MySQL service fails to start, Docker will keep restarting it. You can observe this from the `docker ps -a` output.
Example:
```bash
root@openpanel:~# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6d9885164cba mysql/mysql-server "/entrypoint.sh mysql…" 30 minutes ago Restarting (1) 22 seconds ago openpanel_mysql
```
* If the uptime is only a few seconds and the status shows **not running** or **unhealthy**, check the service logs:
```bash
docker logs -f openpanel_mysql
```
Example:
```bash
root@openpanel:~# docker logs -f openpanel_mysql
[Entrypoint] MySQL Docker Image 8.0.32-1.2.11-server
[Entrypoint] Starting MySQL 8.0.32-1.2.11-server
2025-10-17T15:36:55.291441Z 0 [Warning] [MY-011068] [Server] The syntax '--skip-host-cache' is deprecated and will be removed in a future release. Please use SET GLOBAL host_cache_size=0 instead.
2025-10-17T15:36:55.293565Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.32) starting as process 1
2025-10-17T15:36:55.304336Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2025-10-17T15:36:55.546466Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2025-10-17T15:36:55.852133Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
2025-10-17T15:36:55.852166Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
2025-10-17T15:36:55.852534Z 0 [ERROR] [MY-010259] [Server] Another process with pid 60 is using unix socket file.
2025-10-17T15:36:55.852547Z 0 [ERROR] [MY-010268] [Server] Unable to setup unix socket lock file.
2025-10-17T15:36:55.852555Z 0 [ERROR] [MY-010119] [Server] Aborting
2025-10-17T15:36:57.431776Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 8.0.32) MySQL Community Server - GPL.
```
In this example, error is: *Another process with pid 60 is using unix socket file.*
[Googling the error](https://stackoverflow.com/questions/36103721/docker-db-container-running-another-process-with-pid-id-is-using-unix-socket) we get the solution: `cd /root && docker compose down --volumes` **NOTE: this will remove all existing mysql data including users, plans, domains.. only run it on a fresh installation, ie. if this mysql error occurs after installing openpanel**.
* Copy any error messages and search online. Common issues include:
* Problem with the latest mysql docker image tag
* MySQL not running properly on ARM CPUs
---
## MySQL command not working
You can test the connection directly from the terminal using the `mysql` command.
Example error:
```bash
root@openpanel:~# mysql
ERROR 2026 (HY000): TLS/SSL error: SSL is required, but the server does not support it
```
To resolve this error *TLS/SSL error: SSL is required, but the server does not support it* run: `echo "skip-ssl = true" >> /etc/my.cnf` [SOURCE](https://stackoverflow.com/questions/78677369/mariadb-11-also-mysql-cli-error-2026-hy000-tls-ssl-error-ssl-is-required)
---
Example error:
```bash
root@openpanel:~# mysql
ERROR 2003 (HY000): Can't connect to MySQL server on '127.0.0.1:3306' (111)
```
If this is a fresh installation and there are no users or plans yet, MySQL may fail to initialize during setup. To fix this:
```
cd /root
docker compose down
docker volume rm root_mysql # DANGER: this will delete all users and plans, only run it on a fresh install!
docker compose up -d openpanel_mysql openpanel
```
Otherwise, check if credentials stored in `/etc/my.cnf` are correct:
```bash
root@demo:~# cat /etc/my.cnf
[client]
user = panel
database = panel
password = e391ac94321d110c
host = 127.0.0.1
protocol = tcp
```
---
## Firewall
Outgoing connections on **port 3306** must be allowed. Ensure this port is open in the Sentinel Firewall (CSF).
Check `/etc/csf/csf.conf` for the `TCP_OUT=` setting and confirm that port `3306` is included. If not, add it and restart CSF:
```bash
csf -r
```
---
If none of these steps resolve the issue, contact us via the forums or open a support ticket, and we will help troubleshoot the problem.
---
// File: articles/databases/how-to-connect-to-mysql-from-php-applications-in-openpanel
# Connecting to MySQL Server from Applications in OpenPanel
OpenPanel runs each user service inside its own container and uses local networks to isolate them. This means that applications do not connect to the database via `localhost` or `127.0.0.1`, but instead through container hostnames.
For more information about networks: [Network Isolation in OpenPanel](/docs/articles/docker/network-isolation-openpanel/)
To connect from your **PHP**, **Node.js**, or **Python** application to a MySQL/MariaDB database, you must use:
* **Hostname:** `mysql` (for MySQL) or `mariadb` (for MariaDB)
* **Port:** `3306` (default)
* **Username/Password:** created for the database from OpenPanel UI
⚠️ **Important:** Never use `localhost` or `127.0.0.1` as the database host. These will not work because containers are isolated.
---
## Example: WordPress
When setting up WordPress inside OpenPanel, use the following database configuration:
```ini
DB_HOST=mysql
```
Here, `DB_HOST` is set to `mysql`, so WordPress can reach the MySQL container. If you are using MariaDB, then replace `mysql` with `mariadb`.
---
## Example: Custom PHP Application
In a custom PHP app, you can connect like this:
```php
getMessage();
}
```
---
## Example: Node.js Application
For Node.js using `mysql2` or `sequelize`:
```js
const mysql = require('mysql2');
const connection = mysql.createConnection({
host: 'mysql', // or "mariadb"
user: 'my_user',
password: 'my_password',
database: 'my_database'
});
connection.connect(err => {
if (err) {
console.error('Connection error:', err);
return;
}
console.log('Connected successfully!');
});
```
---
## Example: Python Application
Using `mysql-connector-python`:
```python
import mysql.connector
conn = mysql.connector.connect(
host="mysql", # or "mariadb"
user="my_user",
password="my_password",
database="my_database"
)
cursor = conn.cursor()
cursor.execute("SELECT DATABASE();")
print("Connected to:", cursor.fetchone())
```
---
✅ **Summary:**
* Use `mysql` or `mariadb` as the hostname.
* Never use `localhost` or `127.0.0.1`.
* Works across PHP, WordPress, Node.js, Python, and any other app in [the `db` network](/docs/articles/docker/network-isolation-openpanel/).
---
// File: articles/databases/how-to-troubleshoot-error-establishing-a-database-connection
# How to troubleshoot: Error establishing a database connection
If your website/application is alerting you that there was an error establishing database connection you should take the following steps in order to troubleshoot the issue:

## Check the configuration file for errors
OpenPanel runs each user service inside its own container and uses local networks to isolate them. This means that applications do not connect to the database via `localhost` or `127.0.0.1`, but instead through container hostnames.
You can check the database connection parameters such as hostname and port on OpenPanel > MySQL/Databases by hovering the container name at the top of the page:

Now compare these parameters with those inside the websites configuration file, in this example we are editing the wp-config.php file of a WordPress installation using File Manager:

Since localhost was set inside the file the connection is failing, to fix the issue we replace localhost with the correct hostname (mariadb in our case) and click save at the top right corner of the editor:

After saving this change the new configuration is applied and our WordPress instalation connects to the database successfully:

## Make sure the database service (container) is running
The easiest way to make sure the database service is running is by accessing the Openpanel > MySQL/Databases page, if your databases are listed on that page that means the container is healthy and running.
If you get a blank page or an empty table instead it means that the database container is inactive, simply accessing this page will send a trigger to start the container automatically.
However if data doesn't appear on the page in a couple of minutes there's an issue with the database container.
If the Docker feature is enabled for your plan you can check the database container's logs on OpenPanel > Docker/Logs , you can also stop and start the container on OpenPanel > Docker/Containers .

If the Docker feature is not enabled for your plan and data doesn't appear on the Openpanel > MySQL/Databases page contact your server administrator so that they can check further.
## Make sure that the website's database user is properly assigned to the database
You can reassign a user to a database at any time on OpenPanel > MySQL/Assign User to DB:

Simply select your user and database from the dropdown menus and click the "Assign User to Database" button.
## Try Resetting the password of your database user
You can change your database user's password on OpenPanel > MySQL/Users:

Click on the "Change Password" button next to your database user, you will be taken to the password reset page.
On this page make sure to copy the new password before clicking the "Change Password" button to confirm the change.

Edit your website's configuration file using File Manager and switch the existing password with the new one that you've just set, click save at the top right corner of the editor when you're done.

## Test the connection manually
In order to connect to your database from a remote location you'll first need to open the following page: OpenPanel > MySQL/Remote MySQL .

To enable remote database access click on the "Click to Enable" button and wait for confirmation that the remote access feature has been enabled.
Next open your database client, in our example we'll be using DBeaver for Windows.
Create a new remote connection within your client, copy the server and port parameters from the "Remote" section of the Remote MySQL page on OpenPanel and paste them inside your client.

Fill the database, user and password with your db parameters and attempt the connection via the client for this test.
---
// File: articles/databases/phpmyadmin-domain
# Domain for phpMyAdmin
UPDATE: panel domain set for OpenPanel interface is now used for phpMyAdmin as well.
- `https://`DOMAIN:`2053` is used for phpmyadmin access when panel domain is set and has an SSL
- `http://`IP:`8888` is used for phpmyadmin access when IP is set for panel access
---
// File: articles/dev-experience/add-custom-icons-in-openpanel-dashboard
# Custom Section
To add custom section in *OpenPanel > Dashboard* page, navigate to **OpenAdmin > Settings > Custom Code** and edit the 'Custom Section'.
Example code:
```json
{
"section_title": "my.openpanel.com",
"section_position": "before_domains",
"items": [
{
"label": "Manage Profile",
"icon": "bi bi-person-fill-gear",
"url": "https://panel.hostio.rs/clientarea.php?action=details"
},
{
"label": "Manage Billing Information",
"icon": "bi bi-credit-card",
"url": "https://panel.hostio.rs/clientarea.php?action=details"
},
{
"label": "View Email History",
"icon": "bi bi-envelope-open",
"url": "https://panel.hostio.rs/clientarea.php?action=emails"
},
{
"label": "News & Announcements",
"icon": "bi bi-megaphone-fill",
"url": "https://panel.hostio.rs/index.php?rp=/announcements"
},
{
"label": "Knowledgebase",
"icon": "bi bi-book-half",
"url": "https://panel.hostio.rs/index.php?rp=/knowledgebase"
},
{
"label": "Server Status",
"icon": "bi bi-hdd-network",
"url": "https://panel.hostio.rs/serverstatus.php"
},
{
"label": "Invoices",
"icon": "bi bi-receipt",
"url": "https://panel.hostio.rs/clientarea.php?action=invoices"
},
{
"label": "Support Tickets",
"icon": "bi bi-life-preserver",
"url": "https://panel.hostio.rs/supporttickets.php"
},
{
"label": "Open Ticket",
"icon": "bi bi-journal-plus",
"url": "https://panel.hostio.rs/submitticket.php"
},
{
"label": "Register New Domain",
"icon": "bi bi-globe",
"url": "https://panel.hostio.rs/cart.php?a=add&domain=register"
},
{
"label": "Transfer Domain",
"icon": "bi bi-arrow-repeat",
"url": "https://panel.hostio.rs/cart.php?a=add&domain=transfer"
}
]
}
```
---
// File: articles/dev-experience/add-custom-services-to-openadmin
# Custom Services
Custom services can be added to OpenAdmin to be run and monitored from the admin panel.
In this example, We will add [netdata](https://learn.netdata.cloud/docs/netdata-agent/installation/docker) docker image.
## Add service
```
cd /root
nano docker-compose.yml
```
and add the netdata section:
```
netdata:
image: netdata/netdata
container_name: netdata
pid: host
network_mode: host
restart: unless-stopped
cap_add:
- SYS_PTRACE
- SYS_ADMIN
security_opt:
- apparmor:unconfined
environment:
- DO_NOT_TRACK=1
- NETDATA_CLOUD_ENABLE=no
volumes:
- ./netdata/config:/etc/netdata
- ./netdata/lib:/var/lib/netdata
- ./netdata/cache:/var/cache/netdata
- /:/host/root:ro,rslave
- /etc/passwd:/host/etc/passwd:ro
- /etc/group:/host/etc/group:ro
- /etc/localtime:/etc/localtime:ro
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /etc/os-release:/host/etc/os-release:ro
- /var/log:/host/var/log:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- /run/dbus:/run/dbus:ro
```
save and exit the file. then start the service:
```
docker --context=default compose up -d netdata
```
now, I suggest just whitelisting your IP on the firewall instead of opening the port to the internet.
Then open the IP:19999 in your browser:

## Monitor service
Next step is to make the netdata service available from **OpenAdmin > Services** page so we can view its status, start/stop or restart it.
For this, we need to add the netdata service in `/etc/openpanel/openadmin/config/services.json` file:
```
{
"name": "Netdata",
"type": "docker",
"on_dashboard": false,
"real_name": "netdata"
},
```
`real_name` is the service/container name, and `name` is the human-readable name displayed in OpenAdmin services.
Save the file and refresh the page in OpenAdmin - service is immediately visible and we can start/stop it from the panel.

We can also receive notifications when the service is not running. For this edit the file: `/etc/openpanel/openadmin/config/notifications.ini` and add service name (`netdata`) under services:
```
services=panel,admin,caddy,mysql,docker,csf,netdata
```
save the file and exit. Sentinel service will now also check if the netdata container is running and if not, send alerts to **OpenAdmin > Notifications** and if emails are enabled then to email as well.
---
// File: articles/dev-experience/autostart-services
# Auto-start Services
Services in OpenPanel start only when they are actually needed, to avoid wasting resources.
## Auto-start Services in OpenAdmin
Upon installing OpenPanel, only the following services are started:
- **OpenAdmin** – For managing the entire server and users.
- **Docker** – Needed for all other containerized services and user accounts.
- **Database** – MySQL database is created and initialized. This database holds Plans, Websites, Domains, and Users.
- **Firewall** – [Sentinel Firewall](https://sentinelfirewall.org/) is installed and started.
Other services are installed and started only when required.
| Service | Installed | Auto-start |
|------------------------|-----------|---------------------------|
| OpenAdmin | ✔ | On installation |
| Docker | ✔ | On installation |
| Database | ✔ | On installation |
| Sentinel Firewall | ✔ | On installation |
| OpenPanel | ✘ | After adding first user account |
| BIND9 | ✘ | After adding first domain name |
| Caddy | ✘ | After adding first domain name |
| ImunifyAV | ✘ | When enabled by Administrator |
| Dovecot & Postfix | ✘ | When enabled by Administrator |
| FTP | ✘ | When enabled by Administrator, after first FTP account is created |
| phpMyAdmin | ✘ | When enabled by Administrator, after first MySQL database is created by a user |
## Auto-start Services in OpenPanel
Similar to OpenAdmin, services in OpenPanel also start only when they are needed. This allows for better resource management.
Services that auto-start for each user:
| Service | Installed | Auto-start |
|--------------------|-----------|---------------------------------------------------|
| Apache / Nginx / OpenLitespeed | ✔ | After the user adds the first domain | |
| REDIS | ✘ | After the user activates it |
| Memcached | ✘ | After the user activates it |
| Elasticsearch | ✘ | After the user activates it |
| MySQL / MariaDB | ✔ | After the user adds at least 1 database |
| Cron | ✔ | After the user adds at least 1 cron job |
| PHP versions | ✘ | After the user sets it for at least 1 domain |
---
// File: articles/dev-experience/create-custom-openpanel-template
# Custom OpenPanel Templates
Templates offer a flexible way to customize the appearance of your control panel interface. Whether you're looking to align the panel's look with your brand identity or simply want to refresh its appearance, our template system provides the tools necessary to achieve your desired aesthetics.
## Using Templates
OpenPanel templates are designed to be easily interchangeable, allowing users to swiftly change the look and feel of their control panel without affecting the underlying functionality. This ensures that you can update the appearance of your control panel as often as you like, without any downtime or disruption to your operations.
To change theme for OpenPanel, run command:
```opencli config update template PATH_HERE```
instead of *PATH_HERE* set either just the folder name or a full path, example:
```opencli config update template "/home/custom_template/"```
and restart service to apply: `docker restart openpanel`.
---
To change theme for OpenAdmin, run command:
```opencli config update admin_template PATH_HERE```
instead of *PATH_HERE* set either just the folder name or a full path, example:
```opencli config update admin_template "/home/custom_admin_template/"```
and restart service to apply: `service admin restart`.
---
## Creating Custom Templates
For those who require a more personalized touch, OpenPanel allows the creation of custom templates. This option is perfect for users who want to integrate their brand colors, logos, and other design elements into their control panel.
To create new templates copy the default templates folders:
For OpenPanel:
`docker cp openpanel:/templates/ /home/custom_template/`
For OpenAdmin:
`cp /user/local/admin/templates/ /home/custom_admin_template/`
and then make the changes in html/css files.
---
// File: articles/dev-experience/custom-plugins
# Custom Plugins
OpenPanel version 1.5.0 and newer support custom plugins.
## Requirements
Currently, plugins have a few requirements and limitations:
* A readme.txt file must be present for the plugin to be loaded by OpenPanel.
* The Python (.py) file name must match the plugin's folder name.
* Installing additional pip modules is not supported.
## Example: Traceroute
[Traceroute](https://github.com/stefanpejcic/traceroute) is a sample OpenPanel plugin that serves as a starter template for integrating third-party products and services into OpenPanel as plugins.
[](/img/docs-content/X7cTZdzx-2025-07-21-14-34.png)
### readme.txt
| **Key** | **Example Value** | **Explanation** |
|------------------|--------------------------------------------------------|------------------------------------------------------------------|
| `name` | `traceroute` | Folder and plugin name. |
| `title` | `Traceroute` | Display title shown on Dashboard, sidebar and search. |
| `description` | `Run traceroute to IP or hostname.` | Short description of what the plugin does. |
| `link` | `/advanced/traceroute` | URL route to access the plugin from UI. |
| `version` | `1.0.0` | Version number of the plugin. |
| `author` | `Stefan Pejcic` | Author or developer of the plugin. |
| `category` | `advanced` | Section in Dashboard and sidebar menu under which to display. |
| `icon` | `bi bi-person` | Bootstrap Icon class name to use for Dashboard icons. |
| `show_in_search` | `1` | Whether the plugin should appear in search results (1=yes, 0=no).|
| `help_link` | `https://github.com/stefanpejcic/traceroute/` | Link to help or documentation for the plugin. |
****
### Python
```py
# traceroute.py
'''
.py file needs to have the same name as the folder, so f folder is 'traceroute' file needs to be named 'traceroute.py' in order to be imported.
'''
# import flask app
from flask import Flask, render_template, render_template_string, request
# import what is needed for this plugin
import socket
import struct
import time
import os
import requests
# For translations
# https://python-babel.github.io/flask-babel/
from flask_babel import Babel, _
# Import stuff from OpenPanel core
from app import app, inject_data, get_openpanel_ip, login_required_route
# custom function example
def get_client_ip():
if request.headers.getlist("X-Forwarded-For"):
client_ip = request.headers.getlist("X-Forwarded-For")[0].split(',')[0].strip()
else:
client_ip = request.remote_addr
return client_ip
# you can not run pip install for additional tools, and since mtr is not available in OpenPanel UI container, we need to use vanilla python to simulate traceroute output
def simple_traceroute(dest_name, max_hops=30, timeout=1):
try:
dest_addr = socket.gethostbyname(dest_name)
except socket.gaierror:
return f"Error: Invalid hostname or IP address '{dest_name}'"
port = 33434
result = []
for ttl in range(1, max_hops + 1):
try:
recv_socket = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
recv_socket.settimeout(timeout)
recv_socket.bind(("", port))
send_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
send_socket.setsockopt(socket.SOL_IP, socket.IP_TTL, ttl)
start_time = time.time()
send_socket.sendto(b"", (dest_addr, port))
try:
data, curr_addr = recv_socket.recvfrom(512)
end_time = time.time()
curr_addr = curr_addr[0]
try:
curr_name = socket.gethostbyaddr(curr_addr)[0]
except socket.error:
curr_name = curr_addr
elapsed = (end_time - start_time) * 1000 # ms
line = f"{ttl}\t{curr_addr}\t{elapsed:.2f} ms"
except socket.timeout:
line = f"{ttl}\t*\tTimeout"
send_socket.close()
recv_socket.close()
result.append(line)
if curr_addr == dest_addr:
break
except PermissionError:
return "Error: Root privileges required to run traceroute."
except Exception as e:
return f"Error: {str(e)}"
return "\n".join(result)
# Route should be same as 'link' in readme.txt
@app.route('/advanced/traceroute', methods=['GET', 'POST'])
# remove login_required_route decorator if page should be accessed without login (NOT RECOMMENDED)
@login_required_route
def traceroute():
result = ""
if request.method == 'POST':
target = request.form.get('target')
if target:
try:
result = simple_traceroute(target)
except Exception as e:
result = f"Error: {str(e)}"
else:
# use _( ) to allow localization of the text
result = _("Please enter a valid IP address or hostname.")
# this is needed for templates to overwrite global templates folder
#exit the html file name accordingly
template_path = os.path.join(os.path.dirname(__file__), 'traceroute.html')
with open(template_path) as f:
template = f.read()
# return ip address for openpanel account
current_username = inject_data().get('current_username') # returns username of the current openpanel account
server_ip = get_openpanel_ip(current_username) # returns IP for the current openpanel account
client_ip = get_client_ip() # returns ip form our custom function
return render_template_string(
template,
title=_('Traceroute'), # title is shown in breadcrumbs and browser tab
server_ip=server_ip,
client_ip=client_ip,
result=result
)
```
### template
Flask templates documentation: https://flask.palletsprojects.com/en/stable/tutorial/templates/
```html
{% extends 'base.html' %}
{% block content %}
{{_('Traceroute')}}
{{_('Trace network traffic from the server to diagnose network congestion.
')}}
{% endblock %}
```
---
## Installing
Plugins must be placed inside the `/etc/openpanel/modules/` directory. Each plugin should reside in its own folder. For example, the `traceroute` plugin should be installed in `/etc/openpanel/modules/traceroute/`.
Inside the plugin folder, include the following files:
* `readme.txt`
* `traceroute.py`
* `traceroute.html`
It is recommended to install plugins via Git for easy updating. To install the `traceroute` plugin, run:
```bash
cd /etc/openpanel/modules/ && git clone https://github.com/stefanpejcic/traceroute
```
After installation, use the OpenAdmin UI to add the plugin’s features to the desired Feature Sets.
[](/img/docs-content/g2r5JQFq-2025-07-21-14-59.png)
And finally, restart the OpenPanel UI to load the new plugin.
---
// File: articles/dev-experience/customizing-openpanel-user-interface
# Branding & White-Label
Everything in OpenPanel is modular and can easily be modified or disabled without breaking the rest of the functionalities.
To customize OpenPanel, you have the following options:
- [Display personalized message per user](#personalized-messages)
- [Enable/disable features and pages from the OpenPanel interface](#enabledisable-features)
- [Add custom icons in Dashboard page](/docs/articles/dev-experience/add-custom-icons-in-openpanel-dashboard)
- [Customize Default, Suspended User and Suspended Domain pages](@customize-templates)
- [Localize the interface](#localize-the-interface)
- [Set custom branding](#set-custom-branding)
- [Set a custom color scheme](#set-a-custom-color-scheme)
- [Replace How-to articles with your knowledge base](#replace-how-to-articles-with-your-knowledge-base)
- [Customize any page](#edit-any-page-template)
- [Customize login page](#customize-login-page)
- [Add custom CSS or JS code to the interface](#create-custom-pages)
- [Create a custom module for OpenPanel](#create-custom-module)
- [Self-hosted temporary links for SiteManager](/docs/articles/dev-experience/selfhosted-temporary-links-api/)
- [Self-hosted screenshots for SiteManager](/docs/articles/dev-experience/selfhosted-screenshots-api/)
## Personalized messages
Administrators can set a custom message to be displayed for any OpenPanel uer from their **OpenAdmin > Users** page.

## Enable/disable features
Administrators have the ability to enable or disable each feature (page) in the OpenPanel interface per plan or per-user base.
Once enabled, the feature becomes instantly available to all users, appearing in the OpenPanel interface sidebar, search results, and dashboard icons.
## Set pre-installed services
OpenPanel uses docker compose files as the base for each user. Based on the docker images in that compose files, different services can be set per plan/user.
## Localize the interface
OpenPanel is localization ready and can easily be translated into any language.
OpenPanel is shipped with the EN locale, [additional locales can be installed by the Administrator](https://dev.openpanel.com/localization.html#How-to-translate).
## Set custom branding
Custom brand name and logo can be set from [OpenAdmin > Settings > OpenPanel](/docs/admin/settings/openpanel/#branding) page.
To set a custom name visible in the OpenPanel sidebar and on login pages, enter the desired name in the "Brand name" option. Alternatively, to display a logo instead, provide the URL in the "Logo image" field and save the changes.
## Customize Templates
You can customize all templates that are displayed to users:
- [Domain VHost Template](/docs/admin/services/nginx/#domain-vhost-template)
- [Default Landing Page](/docs/admin/services/nginx/#default-landing-page)
- [Suspended User Template](/docs/admin/services/nginx/#suspended-user-template)
- [Suspended Domain Template](/docs/admin/services/nginx/#suspended-domain-template)
- [Error Pages](/docs/admin/services/nginx/#error-pages)
## Create OpenPanel Module
To create a custom module (plugin) for OpenPanel follow this guide: [Example Module](https://dev.openpanel.com/modules/#Example-Module)
## Set a custom color scheme
To set a custom color-scheme for OpenPanel interface, edit the `/etc/openpanel/openpanel/custom_code/custom.css` file and in it set your preferred color scheme.
```bash
nano /etc/openpanel/openpanel/custom_code/custom.css
```
Set the custom css code, save and restart openpanel to apply changes:
```bash
cd /root && docker compose up -d openpanel
```
Example:

## Replace How-to articles with your knowledge base
[OpenPanel Dashboard page](/docs/panel/dashboard) displays [How-to articles](/docs/panel/dashboard/#how-to-guides) from the OpenPanel Docs, however these can be changed to display your knowledgebase articles instead.
Edit the file `/etc/openpanel/openpanel/conf/knowledge_base_articles.json` and in it set your links:
```json
{
"how_to_topics": [
{"title": "How to install WordPress", "link": "https://openpanel.com/docs/panel/applications/wordpress#install-wordpress"},
{"title": "Publishing a Python Application", "link": "https://openpanel.com/docs/panel/applications/pm2#python-applications"},
{"title": "How to edit Nginx / Apache configuration", "link": "https://openpanel.com/docs/panel/advanced/server_settings#nginx--apache-settings"},
{"title": "How to create a new MySQL database", "link": "https://openpanel.com/docs/panel/databases/#create-a-mysql-database"},
{"title": "How to add a Cronjob", "link": "https://openpanel.com/docs/panel/advanced/cronjobs#add-a-cronjob"},
{"title": "How to change server TimeZone", "link": "https://openpanel.com/docs/panel/advanced/server_settings#server-time"}
],
"knowledge_base_link": "https://openpanel.com/docs/panel/intro/?source=openpanel_server"
}
```
## Edit any page template
Each OpenPanel template code is open and can easily be edited by just editing the HTML code.
Templates are located inside a Docker container named `openpanel`, so you first need to find the template that has the code that you want to edit.
For example, to edit the sidebar and hide the OpenPanel logo, follow these steps:
1. Create a new folder/file locally for your modified code.
```bash
mkdir /root/custom_template/
```
2. Copy the existing template code.
```bash
docker cp openpanel:/usr/local/panel/templates/partials/sidebar.html /root/custom_template/sidebar.html
```
3. Edit the code.
4. Configure OpenPanel to use your template.
Edit the `/root/docker-compose.yml` file and in it set your file to overwrite the original template:
```bash
nano /root/docker-compose.yml
```
and in the file under [openpanel > volumes](https://github.com/stefanpejcic/openpanel-configuration/blob/180c781bfb7122c354fd339fbee43c1ce6ec017f/docker/compose/new-docker-compose.yml#L31) set local path and original:
```bash
- /root/custom_theme/sidebar.html:/usr/local/panel/templates/partials/sidebar.html
```
6. Restart OpenPanel to apply the new template.
```bash
cd /root && docker compose up -d openpanel
```
## Customize login page
OpenPanel login page template code is located at `/usr/local/panel/templates/user/login.html` inside the docker container.
To edit the login page:
1. Create a new folder/file locally for your modified code.
```bash
mkdir /root/custom_template/
```
2. Copy the existing template code.
```bash
docker cp openpanel:/usr/local/panel/templates/user/login.html /root/custom_template/login.html
```
3. Edit the code.
4. Configure OpenPanel to use your template.
Edit the `/root/docker-compose.yml` file and in it set your file to overwrite the original template:
```bash
nano /root/docker-compose.yml
```
and in the file under [openpanel > volumes](https://github.com/stefanpejcic/openpanel-configuration/blob/180c781bfb7122c354fd339fbee43c1ce6ec017f/docker/compose/new-docker-compose.yml#L31) set local path and original:
```bash
- /root/custom_theme/login.html:/usr/local/panel/templates/user/login.html
```
6. Restart OpenPanel to apply the new login template.
```bash
cd /root && docker compose up -d openpanel
```
## Add custom CSS or JS code
To add custom CSS code to the OpenPanel interface, edit the file `/etc/openpanel/openpanel/custom_code/custom.css`:
```bash
nano /etc/openpanel/openpanel/custom_code/custom.css
```
To add custom JavaScript code to the OpenPanel interface, edit the file `/etc/openpanel/openpanel/custom_code/custom.js`:
```bash
nano /etc/openpanel/openpanel/custom_code/custom.js
```
To insert custom code within the `` tag of the OpenPanel interface, modify the content of the file located at `/etc/openpanel/openpanel/custom_code/in_header.html` and include your custom code within it:
```bash
nano /etc/openpanel/openpanel/custom_code/in_header.html
```
To insert custom code within the `