1Panel: a modern, open-source web control panel to manage Linux servers, websites, containers, databases & LLMs from one console

1Panel is a modern, web-based, open-source (GPLv3) control panel for Linux server administration. It brings together host monitoring, file and database management, container orchestration, one-click WordPress + SSL, backup/restore, and even LLM management behind a clean, multilingual UI. For teams juggling SSH, ad-hoc scripts, and a handful of utilities, 1Panel provides a single point of operation with sane security defaults (containerized apps, built-in firewall, log auditing) and fast time-to-value.

---

What 1Panel is (and who it’s for)

1Panel targets day-to-day ops on Linux VPS, bare-metal, or cloud instances: create and maintain websites, bind domains, issue SSL in one click, manage databases (e.g., MySQL/MariaDB, PostgreSQL), files/volumes, containers (images, networks), scheduled tasks, and backups. The App Store curates popular open-source stacks—WordPress included—to cut “zero-to-production” friction.

Typical use cases

• SMBs running 1–5 VPSs that want a lightweight panel with reliable backup/restore.
• Agencies/webmasters deploying WordPress frequently, managing SSL, and juggling multiple sites.
• DevOps/SRE teams consolidating containerized apps (sites, APIs) into a maintainable GUI.
• Education/labs that benefit from a visual admin layer without giving up SSH control.

---

Key features you’ll actually use

• Web UI, multilingual (including English and Spanish), with host monitoring (CPU/RAM/disk/processes/services).
• File management with permissions, quick edits, and transfers.
• Databases: create DBs/users, run backups, and handle routine admin.
• Containers: image and container management, networks, volumes; simple stack deployments.
• Websites: site provisioning, domain binding, one-click SSL (Let’s Encrypt), basic hardening.
• LLMs: management module to explore local inference and models (Pro adds GPU monitoring).
• Backup & restore in one click: to local or cloud storage with retention controls.
• Firewall and log auditing: reduce surface area and keep change trails.
• App Store: install and update popular OSS applications in minutes.
• Internationalization: UI available in 15+ languages (EN, ES, ZH, JP, PT-BR, AR, DE, FR, KO, ID, ZH-TW, TR, RU, etc.).
• GPLv3 licensed OSS, plus an optional Pro edition (WAF enhancement, web tamper protection, website monitoring, GPU monitoring, custom branding, and vendor support).

---

Quick start (curl installer)

Prereqs: Linux server (Ubuntu/Debian/CentOS/Alma/Rocky, etc.), shell access, and a basic firewall. Take a snapshot/backup first.

curl -sSL https://resource.1panel.pro/quick_start.sh -o quick_start.sh && bash quick_start.sh
Code language: JavaScript (javascript)

• Follow the guided prompts.
• On completion, open the URL provided and log in with the initial credentials.
• Recommended hardening: change default ports, enforce HTTPS, and—if placed behind an IdP—enable MFA via your proxy (OIDC/SAML).

China users: a regional install script is available with additional applications (see the official docs).

---

Security & hardening best practices

1. Isolate the panel

• Place 1Panel behind a reverse proxy (Nginx/Traefik/HAProxy) with modern TLS.
• Limit access by IP allowlist (corporate office/VPN) where feasible.
• If using Pro, enable WAF and web tamper protection for front-facing sites.

2. Accounts & privileges

• Use non-root SSH accounts with sudo + MFA outside the panel.
• In 1Panel, segment roles and avoid shared admin sessions.

3. Backups & recovery

• Configure regular backups (local + cloud).
• Test partial and full restores at least quarterly to verify RTO/RPO.

4. Auditing & updates

• Review admin logs after sensitive operations.
• Update 1Panel and App Store packages during maintenance windows.

5. Containers

• Prefer official images, verify checksums.
• Segment container networks; set resource limits (CPU/mem) to avoid noisy neighbors.

6. LLMs & GPU (Pro)

• Keep drivers current; lock down permissions.
• Never expose inference endpoints without auth and rate limiting.

---

WordPress with 1Panel: zero-to-live in minutes

Typical flow

1. Create a website (vhost) from the Websites module.
2. Bind the domain and issue one-click SSL (Let’s Encrypt).
3. Install WordPress via the App Store (optionally containerized).
4. Provision a database and user with proper least-privilege grants.
5. Configure backups (DB + wp-content) and basic monitoring.
6. Harden: hide server headers, disable XML-RPC if unused, restrict /wp-admin by IP if appropriate.

Tip: For multisite or higher traffic, layer caching (Nginx FastCGI/Redis), CDN, and pool-tuned PHP-FPM.

---

Backups: one click ≠ a full strategy

Use the one-click backup/restore as a safety net, but also define a real policy:

• Local + remote (S3/Backblaze/Wasabi/Azure Blob, etc.) with time-based retention and versioning where supported.
• Periodic restore tests: spin up a staging clone to validate data integrity and elapsed time to recover.
• Encryption: encrypt at source or rely on the cloud provider’s SSE + KMS.

---

App Store & ecosystem

The App Store provides curated OSS stacks with guided installs (dependencies, containers, networks). That shrinks install time and centralizes updates. Typical entries (may vary by distro/version):

• Web stacks: Nginx/Apache, Node.js, PHP, Python, Go.
• Databases: MySQL/MariaDB, PostgreSQL, Redis.
• CMS & apps: WordPress, Ghost, etc.
• Dev/Ops tools: Portainer, diagnostics, and assorted helpers.

Pro adds WAF, tamper protection, website monitoring, GPU monitoring, branding, and support.

---

Day-to-day ops (checklist)

• Host health (CPU/RAM/IO) and service alerts.
• Audit logs (who changed what and when).
• Updates pending for 1Panel and App Store apps.
• Backups (last job OK) and available storage.
• Certificates (auto-renew working, expiry dates tracked).
• Firewall status and exposed ports (close anything unnecessary).
• Containers (health checks, unexpected restarts, resource usage).
• Domains & DNS (confirm resolution after changes).

---

Security & vulnerability disclosure

The project maintains a responsible disclosure policy (see SECURITY.md in the repo). General advice:

• Do not expose the panel without TLS or access controls.
• Track changelogs and update promptly.
• Apply host hardening (SSH, sudoers, fail2ban if desired, kernel hardening).
• Consider forwarding 1Panel events to your SIEM for enterprise environments.

---

1Panel OSS vs 1Panel Pro (choosing the right fit)

Need	OSS (free, GPLv3)	Pro (commercial, self-hosted)
Personal server / micro-business	✅	—
Agency with 10–20 sites	✅	✅ (support/branding/monitoring)
Critical e-commerce	✅ (with extra hardening)	✅ (WAF/tamper + support)
AI/LLMs with GPU	✅ basics	✅ (GPU monitoring, vendor support)
Compliance & SLAs	⚠️	✅ (features + support & guidance)

---

Pros & caveats

Pros

• Short learning curve and single pane of glass (fewer SSH hops for routine tasks).
• Solid balance of usability and control (logs, firewall, backup, containers).
• WordPress to production fast with auto-SSL.
• Open source (GPLv3) with an optional Pro tier if you need WAF/tamper/monitoring/support.

Caveats

• Not a replacement for an enterprise WAF or SIEM/EDR.
• HA/clustered L4/L7 load balancing and advanced networking still require external infra.
• Security ultimately depends on how you deploy, update, and audit the panel (as with any admin software).

---

FAQs

Does 1Panel run on any Linux distro?
It supports major families (Ubuntu/Debian/CentOS/Alma/Rocky, etc.). Check the docs for supported versions and prerequisites.

Can it manage Docker/Podman and custom networks?
Yes. 1Panel covers container image/volume/network management and streamlined app deployments. For complex orchestration (Kubernetes), 1Panel does not replace a cluster manager.

How does 1Panel help secure WordPress?
With fast SSL, surface reduction (disable XML-RPC if unused), audit logs, and backup/restore. The Pro edition adds WAF and tamper protection. Pair with good practices (updates, vetted plugins, strong passwords/MFA).

Is Pro worth it if I already have a firewall and external backups?
For critical sites or services under SLA, the extra guardrails (WAF, tamper, website monitoring, GPU monitoring) and vendor support can save time and mitigate risk. For small sites, the OSS edition is a strong baseline.

---

Project links

• Repo: github.com/1Panel-dev/1Panel
• License: GPLv3
• Install: quick-start shell script (see above)
• Pro edition: vendor page with WAF/tamper/monitoring/branding and support

Bottom line. 1Panel consolidates what most Linux server admins need—sites, containers, databases, LLMs, backups, and basic hardening—into a coherent, fast, open-source control panel. If your goal is to simplify operations, reduce the “plugin salad,” and standardize deployments without surrendering flexibility, 1Panel is a mature, pragmatic choice that delivers value from day one.