Every hosting module, in depth.
PanelConfig ships the full module set hosting customers expect and the operational layer providers need — security, billing, automation, and an installer that protects existing data.
Web server and websites
Serve production sites the way operators expect.
Virtual hosts per domain
Each domain gets its own document root under the hosting account home.
Per-site PHP versions
Pin PHP 8.1–8.4 per website without touching other sites on the box.
Web server choice
Nginx by default with Apache supported for .htaccess-dependent apps.
Access and error logs
Per-site logs surfaced in PCUser with safe, read-only viewing.
Domains and DNS
Domain lifecycle from add to resolve.
Addon domains and subdomains
Validated creation with automatic document roots and provisioning jobs.
Redirects
301/302/307/308 redirects with full-URL targets and ownership checks.
DNS zone editing
A, AAAA, CNAME, MX, TXT, and SRV records per zone.
SSL status per domain
Each domain shows its certificate state at a glance.
Email hosting
Customer mailboxes without a second control panel.
Mailboxes with quotas
Per-account mailboxes with size limits and status control.
Aliases and forwarders
Route addresses without creating full mailboxes.
Deliverability records
SPF, DKIM, and DMARC guidance per domain in the DNS editor.
Email usage visibility
Mailbox storage counted in account usage snapshots.
Databases
MySQL and MariaDB, scoped to the account.
Databases and users
Create databases and grant users from PCUser or PCCLI.
Per-account isolation
Customers only ever see their own databases.
Size tracking
Database bytes feed into account usage snapshots.
Backup coverage
Databases ride along in scheduled and on-demand backups.
PHP and runtime
Modern PHP without breaking older apps.
PHP 8.1 through 8.4
Current supported PHP lines available side by side.
Per-site selection
Switch a single website without a server-wide change.
Setting overrides
Memory limit, upload size, and execution time per site.
Safe service reloads
Runtime changes apply through allowlisted jobs, never raw shell calls from the web.
Security, WAF, and firewall
A security center, not a settings page.
Firewall rules
Inbound/outbound rules with protocol, port, and source validation.
WAF rules
Named, keyed rules with block, challenge, or log-only actions.
IP blocking
Manual and expiring blocks with one-click release.
Malware scans and login history
Queued scans with results, plus every login attempt recorded.
Backups
Recovery you can actually rehearse.
Scheduled backups
Full, files-only, or database-only on cron schedules.
On-demand runs
Trigger a backup before risky changes from the panel or pc backups:run.
Restore records
Every restore is a tracked, audited operation.
Off-box friendly
Backup artifacts organized for rsync to external storage.
API and CLI
Two automation surfaces, one audit trail.
Scoped bearer tokens
SHA-256 hashed tokens with per-scope permissions and expiry.
Rate-limited endpoints
Per-token windows with predictable 429 responses.
PCCLI
One pc command for accounts, SSL, backups, jobs, and health.
Job queue
Panel and CLI writes queue auditable jobs a worker drains.
Billing and resellers
The business layer most panels outsource.
Plans and subscriptions
Monthly and yearly cycles tied to hosting packages.
Invoices and payments
Generated, recorded, and visible to the customer in PCUser.
Reseller roles
Scoped administration with package and limit controls.
License records
Installation and license state tracked in PCAdmin.
Installer and updates
From bare server to locked installation.
One-command install
A single bash command on fresh Ubuntu LTS or Debian.
Requirement checks first
The installer verifies PHP, extensions, and storage before changing anything.
Installation lock
A dual-signal lock refuses accidental reinstalls over live data.
Release audits
Each build can be audited from PCAdmin or pc release:audit.
Where each capability lives.
Panel, terminal, and API access for the full module set.
| Capability | PCAdmin | PCUser | PCCLI | API |
|---|---|---|---|---|
| Users, roles, and resellers | — | |||
| Hosting accounts and packages | — | |||
| Domains, subdomains, redirects | ||||
| DNS zones and records | ||||
| Websites and PHP versions | ||||
| File manager and FTP accounts | — | — | ||
| MySQL databases and users | ||||
| Email accounts, aliases, forwarders | ||||
| SSL orders, certificates, renewals | ||||
| Backups, schedules, restores | ||||
| Cron jobs | ||||
| Firewall, WAF, IP blocking | — | — | ||
| Malware scan records | — | — | ||
| Resource usage and metrics | ||||
| Audit logs and login history | ||||
| Plans, subscriptions, invoices | — | — | ||
| Branding and notifications | — | — | — | |
| API tokens and scopes | — |
One workflow from action to audit.
Panel and CLI actions write the same records, queue the same jobs, and land in the same append-only audit log — so an SSL request from a customer, a suspension from PCAdmin, and a scripted backup all leave the same trail.
See it on your own server.
The full module set installs with one command on a fresh Ubuntu LTS or Debian server.
bash <(curl -sSL https://install.panelconfig.com/latest.sh)