Why we hate Plesk and CPanel
There are a few things that we really don't like, in fact it would be more accurate to say that we hate them:
These two programs have significantly reduced the technical barriers to entry into the web hosting and dedicated servers game. So low in fact that we believe they largely responsible for a lot of bad web hosting experiences inflicted upon the poor website and application developers whose clients end up using them. To be fair, Plesk perhaps doesn't do quite such a bad job as CPanel.
Don't get me wrong, Plesk and CPanel do do a wonderful job at making otherwise complex tasks much much easier. They provide some very useful and easy to use web based interfaces for many of the common server systems administration tasks that are required to operate a web hosting server. For all those people that simply aren't interested in developing systems administration skills but do need to host web facing applications they really are quite useful.
From a systems administration perspective they make a horrible mess and in turn make the systems administrators very unhappy. Why does this matter? Because unhappy sys admins are not particularly helpful when they inevitably need to speak to customers. In more detail, many of the problems that CPanel and Plesk introduce are obscured from the customers, what the customers see is simply poor support from their web hosting or dedicated server company.
Among the evils of these two applications we have the direct and indirect problems that they cause. We'll start with the direct problems.
- Cpanel compiles its own versions of software, the work required to apply patches to all of these custom compiled versions is immense and is usually performed by the operating system vendor (Microsoft, Red Hat etc). One of the results is a particularly poor security track record because the applications simply aren't patched as quickly or as methodically as they could/should be.
- Both store configuration and log files in non standard locations. When you're dealing with very complex operating systems which administrators spend years learning how to use, this means, staring a Linux server upon which plesk/cpanel have been installed their years of experience is not worth nearly as much as it should be. This means problems are harder to find, harder fix, slower and more costly to resolve. Which of course makes diagnostics and support very difficult and outages are longer.
Software versions are either terribly old, or so cutting edge that they breaks things. In the case of CPanel it takes an innovative approach to patch application. Normally, when an application is released, as bugs are found patches are released. Concurrently new versions of the same application are released. When a new version is released at first it wont have any bugs but over time they are found and patches are subsequently released. The cycle goes on. Normally, application vendors continue to release patches for both the new and the old versions of the applications they have released for the supported life (variable in length, but often up to 7 years) of the application. CPanel takes a different approach, rather than applying the patches to the existing versions of the applications, it simply upgrades them to the newest version in which bugs have not yet been found.
Why is this a problem? Take a hosting server which contains potentially hundreds of different websites all built by different website developers. A hosting company can't (and won't) test version upgrades on every site because it's simply not possible. They apply the updates and every time risk (or simply do) breaking many of the websites they hosting due incompatibilities in client code between application versions.
- Plesk relies on everything the client sites rely on to keep the front end running, ie a problem in the client sites can remove your ability to manage/use the Plesk application and interfaces which you would normally use to fix the problems.
There are many more technical gripes that we have and it seems we're not alone. To move on to the indirect problems which are caused by these two programs:
- It enables people who would otherwise not be capable of running a web hosting service to do just that. Why is this a problem? Whilst these people are no doubt quite capable of operating the browser based interfaces to do most of the common tasks, when something goes wrong they've managed to get themselves in a situation without the level of technical ability that is required to get them out of it. The barriers to entry that have been removed are now a real source of problems. To provide a non-technical analogy it would be like putting a learner driver behind the wheel of an F1 car. It still has a steering wheel, an accelerator and a brake pedal like a normal car. They could probably get the car driving around the track. But when it comes to making the car perform that way it was designed or more importantly, getting themselves out of trouble when the car starts to slide off the track they'd find themselves well and truly out of their depth.
- For the unsuspecting customer of a web hosting company that is entirely reliant on cpanel/plesk to provide services, what results is what becomes a fairly standard answer to complex problems.
- Q. My application is slow/broken/not working/doing strange things? A. It must be your application. The real answer way well lie in the configuration of the server which the cpanel/plesk host is unable to perform or understand.
- Recurrent server outages. Why? Updates were applied that broke the server which in turn took far longer than they should have to rectify.
- Custom or complex configurations. They simply often aren't possible because it wasn't factored into the design of cpanel/plesk.
In summary - plesk & cpanel are unarguably functional tools that have their place. If you're a business that wants your site hosted in a shared web hosting environment, a host that doesn't operate on plesk/cpanel should be able to serve you better. If you're a business that needs a dedicated server but doesn't have a large number of domains or require frequent changes, a dedicated server without plesk/cpanel but supported by a qualified hosting provider will look after you a lot better. If you want to run your own hosting service but you're not a systems administrator then by all means go down the plesk/cpanel road but best do it with your eyes open for what you're getting yourself into.
As an appendix, I'm well aware of the general level of dislike for plesk and cpanel at Anchor simply by being witness to the day to day conversation and hair pulling by our systems administrators when they have to work with it. When I started this article I posed the question on our internal jabber chat to make sure I hadn't missed anything, as you can see by the response and the time stamps it didn't take very long to get a few reasons:
A list of reasons to hate plesk/cpanel is a very personal thing. Each admin builds their own as they experience the love. paul: 4:14: cpanel compiles its own versions of software, poor track record for security oliver: 4:15: no configuration management paul: 4:15: loves to auto update things. their releases sometimes break servers egalanos: 4:15: given software versions are often old, stores config/logs in hard to find places oliver: 4:15: software versions are either terribly old, or so cutting edge it breaks things egalanos: 4:15: Makes diagnostics/support very difficult paul: 4:15: the people who use it typically make me want to stab them in the eye. egalanos: 4:15: They make no commitment to match the support provided by the OS vendor barney: 4:16: stuff' much harder" is a great irony of it all... keiran: 4:16: to prevent the server from being hacked you need to keep it up to date, keeping it up to date means the machine is going to go through major version upgrades which is likely to result in broken webpages oliver: 4:16: after stabbing them in the eye fails, you feel like stabbing yourself in the eye matt: 4:16: High level of obscurity with regards to configuration options, much more difficult to troubleshoot simple problems paul: 4:16: incoherent / dumb gui interfaces to do things egalanos: 4:17: Custom configuration can often be impossible as control panel overrides what you have done oliver: 4:17: many specialised configurations are not possible with plesk/cpanel, however often if you do it manually through ssh, cpanel/plesk will clobber the work you did anyway paul: 4:17: or you clobber cpanel/plesk matt: 4:17: Generally half our customers that use it tend to ask us to do shit for them anyway, defeating the purpose of it in the first place keiran: 4:20: cpanel does have it's place though. If you are one man band trying to run a hosting company out of a box without a clue of system administration, then it can fill that void. matt: 4:21: not REALLY a reason.. but cpanel's ordering system requires a ridiculous mouse drawn signature., which while it did give me a chance to be creative is generally a pita matt: 4:24: yeah plesk on Windows is even dumber, their implementation of bind on windows for example.. paul: 4:24: 2 versions of mysql, v4 for plesk db, v5 for clients.. win egalanos: 4:32: It takes the most surprises route. It totally ignores all the conventions of the host operating system and does it's own thing.