# FreeBSD vs other for web hosting



## question (Apr 13, 2020)

The owner of my data center said that FreeBSD has fallen behind other operating systems and is no longer the best for serving websites.  Is there any truth to that?  Which is the best nix for commercial web hosting?

My first priority would be security.  Then longevity.  Then ease of use.

I kind of like that most of the techs at the data center don't know how to use FreeBSD.


----------



## lostpacket (Apr 13, 2020)

FreeBSD is rock solid as a hosting platform, we use it extensively. 

Cpanel seems to be popular in the hosting world, don't need an IQ to use it.


----------



## question (Apr 13, 2020)

Cpanel charges a fee per domain, no thanks.


----------



## ralphbsz (Apr 13, 2020)

Why do you even need a computer for hosting? Instead of paying rent for a computer in a data center to run FreeBSD, Linux, OpenBSD, Windows, ... on, why don't you use that money to outsource the hosting itself, and leave the selection of OS and software stack to the hosting company?

If that's not an option ... the answer to your original question is: There is no best. It depends on your requirements. But given that FreeBSD is very similar to Linux in terms of the ability to meet the requirements of a xAMP stack, and Linux is roughly 100 times more commonly used as FreeBSD as a web server host (see the Netcraft surveys), there is a simple argument that can be made: it's easier to find trained and experienced staff when using Linux.


----------



## ShelLuser (Apr 13, 2020)

Then I guess that owner of said datacenter doesn't really know what they're talking about which also kinda makes me doubt the legitimacy of this story. I mean... how does one determine "best" within the context of website hosting anyway? Even a C64 can still be setup to serve webpages (I'm actually not kidding here).

Security isn't a product, it's an ongoing process. I can make FreeBSD as (un)safe as I can do to a Windows Server so "security" isn't strictly a valid concern. Also considering that we're talking website hosting so the webserver is the direct connection to the users which, on a Unix-based environment anyway, always boils down to Apache. So how safe is Apache?

Longevity? Who can predict the future?   But FreeBSD has come a long way.

Ease of use is also too vague of a requirement. Fact is that setting up a website on FreeBSD can take more time than doing the same on IIS; editing vs. clicking for example. But just as true is the issue that because you can customize and automate pretty much everything in FreeBSD that ease of use can easily be raised a few notches, if you know how things work of course.

What's easy for me can be a nightmare for you...  so how to qualify "easy"?

I use a hosting setup in which a Windows 2019 server is primary and it's backed up by a FreeBSD 12.1 server powered by Apache & mod Mono (to cater to ASP.NET requirements) and seriously... you'll hardly notice any differences between them on the outside. 

Bottom line... if you want to use FreeBSD and you can use FreeBSD why bother with what other people might think? It's not about us, but about you.


----------



## rootbert (Apr 13, 2020)

unfortunately I have experienced the same ... two of my favourite datacenters don't offer FreeBSD images for their VMs and also no FreeBSD Installation for their hardware server any more. The only option is having a phone call with the engineer in the datacenter and install FreeBSD with him or her, but of course you have to pay the time, which is quite expensive.


----------



## question (Apr 13, 2020)

Man, the quality of replies on this forum has gone down.  Ask a question get a bunch of other stuff about C64.  Yes I know all about C64s and that era of computers I was programming them back then, but that's not what I wanted to know and I already knew that.

Is there some specific reason that more people use Linux?  My FreeBSD server has been up for something like 1300 days and still going.  I use Linux for my desktop but I wouldn't say it's as reliable as FreeBSD.  I like that most of the people at the data center can't use FreeBSD very well...  security in obscurity.  But man I'm getting tired of wasting my time with offtopic replies.  I'm a professional I don't come on here for idle chat.  I just want the answer.  If you don't have the answer then why waste your time?  Do they give rewards for extra characters typed?  I see that my control panel recommends cloudlinux but I don't know exactly why, that's what I'm looking for.  Exactly why, not to know about C64's.  I have at least 1 C64 and software and magazines and cartridges etc.  in my attic alone with a whole lot of early PC stuff, apple, atari, ti, and more.  But that doesn't help me get the answer to my question.


----------



## Hakaba (Apr 13, 2020)

rootbert said:


> The only option is having a phone call with the engineer in the datacenter and install FreeBSD with him or her, but of course you have to pay the time, which is quite expensive.


I know 10 years ago I install OpenBSD on a server that running linux (with a linux boot option for the rescue, as the peovider only support linux).
After few year, I migrate to FreeBSD with the same technics.
As I remember, I adapt a script named «depinguinator».

For the main question, I can list all the thing I have learn in «linux» (starting with YellowDog, a PowerPC distro) that stopped to be true or that is not same in other distro (apt vs yum vs...).
That a good reason to chose FreeBSD. I learn how jails works one time. Even if I try tools to manage jails (ezjail, iocage, bastille...) I understood what this tools makes.
All change are smooth as possible and with argumentation. In Linux world, modernity is ofen the main reason to change (eg. Wayland or SystemD).


----------



## wolffnx (Apr 13, 2020)

So..let analise this...."Question"



```
The owner of my data center said that FreeBSD has fallen behind other operating systems and is no longer the best for serving websites. Is there any truth to that? Which is the best nix for commercial web hosting?

My first priority would be security. Then longevity. Then ease of use.
```

Ok, you want something good but easy to use.
do you research in FreeBSD mail list?
or google for example?


```
Man, the quality of replies on this forum has gone down. Ask a question get a bunch of other stuff about C64
```

just look, only 20 messages and know this forums along decades..


```
But man I'm getting tired of wasting my time with offtopic replies. I'm a professional I don't come on here for idle chat. I just want the answer. If you don't have the answer then why waste your time?
```

If you are a professional,why do not own your datacenter?

and the term "easy to use"
sounds like "I'dont want lo learn anything,just gime the solution!"

your need money  but for web hosting any basement do the job..
and that tone of speaking...mmm...dont sounds too good for asking a question
First Iearn some respect and the ask
my 2 cents


----------



## saeedpersa (Apr 13, 2020)

I Used FreeBSD as a Web Hosting service and its good


----------



## jailed (Apr 13, 2020)

Hello,

I have a datacenter and running web hosting business for more than 2 decades. We have Linux, FreeBSD and Windows in our servers. My comparison of these two operating systems for hosting purposes are below.

Linux:
- Dominant virtualization platforms change over time. We were first using openvz, then moved to XEN, and finally moved to KVM.
- Driver support for HP, IBM and DELL branded rack servers are very good.

FreeBSD:
- I like jail virtualization system very much. You can guess that from my nickname  It's very easy to manage. Performance and stability is way better when I compare it with all three of openvz, XEN and KVM. But this is just my experience. Others may have different thoughts. Also the jail system is same for years. You don't need to learn new stuff.
- Driver support for major brands is not enough from my experiences. New FreeBSD versions are better of course. But sometimes we have to move from FreeBSD to Linux just for lack of driver compatibility on some models.

I think key points for Linux and FreeBSD in web hosting industry is driver support and virtualization methods. Both of them have their own advantages and disadvantages. But besides of these 2 factors, I think they are all okay for web hosting. Because nowadays, most of the hosting software work on both platforms.

We almost stopped selling FreeBSD servers because of Metin 2 players. We had to increase our FreeBSD server prices to get rid of them. The players of this game are renting servers for gaming and DDoS'ing each other. We were getting DDoS attacks everyday while we were selling FreeBSD. So we firstly increased the prices. We sell Linux servers without any restriction. But when someone order a FreeBSD server, our sales team is calling them by phone, trying to be sure about their usage purposes and even ask for corporate documents. This decisions made our network way stable. 3-4 years ago while we were selling FreeBSD without any restriction, we were getting DDoS attacks almost every day. Today, we have only 1-2 attacks in whole year. We started selling FreeBSD to only professsionals. When someone just calls us and if their first sentences is "Do you have FreeBSD servers?", we are trying to be very sure that he/she never played any game in lifetime  This is our case.

With my best regards.


----------



## rootbert (Apr 13, 2020)

I just wonder why they don't use Linux or whatever to DDOS the other party ... the OS simply does not matter. Sad to hear that kind of misuse forced you to implement a restrictive way concerning the offer to host FreeBSD for your customers.


----------



## drhowarddrfine (Apr 13, 2020)

question said:


> Is there some specific reason that more people use Linux?


Read about the history of FreeBSD for the historical answer to this question. It's well known.

Instead of looking at the use of script kiddie popularity in the gaming community and reddit, look at the actual usage by companies that matter. They chose FreeBSD for technical reasons, not popularity of high school kids. Most of the internet runs through a FreeBSD controlled system via Juniper networks and Netflix. Ignore anyone who poohs that fact.

In addition, over the last 10 years, I see more hosting companies offering FreeBSD--not less. Digital Ocean, Vultr, (I just woke up so I can't think of the other known names you know), all announced the availability of FreeBSD on their networks and systems. None of them would do that if their wasn't a demand.

You might be interested in this.


----------



## wolffnx (Apr 13, 2020)

drhowarddrfine said:


> You might be interested in this.



If you dont use FreeBSD after read that you need a exorcism


----------



## jailed (Apr 13, 2020)

rootbert said:


> I just wonder why they don't use Linux or whatever to DDOS the other party ... the OS simply does not matter. Sad to hear that kind of misuse forced you to implement a restrictive way concerning the offer to host FreeBSD for your customers.



Hello,

Forgive me, if I was not clear enough. I didn't mean they are using FreeBSD to DDoS others. FreeBSD customers were attack targets. And this is not about the operating system itself, but it's users (gamer kids).

Metin 2 is a very popular game of the kids in my country. I'm not sure about it's global popularity. The popularity of this game increased the attention to rent FreeBSD servers for several years. This sticky thread on FreeBSD forums may show that. Once we were selling both FreeBSD virtual and dedicated servers. At the very beginning we were unaware of this illegal leaked game. There was so many attention to our FreeBSD servers. Most of the customers was not having enough technical information and they were always opening support tickets for installing old versions of FreeBSD or MySQL server with some libraries. We were surprised for this behaviour of using old software, and asked them for their purposes. Then we learned that they are renting the servers for Metin 2 game hosting. After some time we see that all of these FreeBSD customers were getting heavy DDoS attacks from outside networks. This game server users are competing with other game server owners and because of this competition they are attacking each others servers. They are just script kiddies and trying to destroy each other. Every new day was hell for us. When we saw that abusive usage, we first changed our ToS. We've started to terminate servers of DDoS targets. At the very first, everyone can order a FreeBSD server from our website and it was being installed automatically without our action. After the attacks, we disabled automatic installations for FreeBSD products, and started to call each customer to confirm that they won't be using the server for game hosting. We started to cancel orders of gamers. But after a while, new customers started to lie about their purposes. They started to say that they will just host a website for their business. But after starting to use servers we see that they are hosting Metin 2 illegal server and soon after they get DDoS attacks. To fight against this problem we increased FreeBSD prices very high, so that kids won't afford that.


----------



## rootbert (Apr 13, 2020)

wow, thanks for clarification. what a crazy world we live in ...


----------



## question (Mar 23, 2022)

I found this post doing another search for the same thing.  A good commercial hosting control panel for FreeBSD.  I just like how FreeBSD feels.  It feels more solid.  I recently ran GhostBSD on my desktop from a live DVD and it ran great, soooo solid.  I have been running 18.04 LTS Gnome Ubuntu on my desktop for many years now but then I went to upgrade and then the 20x LTS Ubuntu wouldn't install on the same hardware.  As an experienced computer person of many decades I can just tell when an OS is better and I can tell Linux is pretty good but it's just not really tight and seems like it has a few screws loose in there.

Having read all the off-comment replies, I still don't know why they pick FreeBSD for the DDos game instead of another operating system.  Does the game only run on FreeBSD?  Why not pick a Linux flavor to do the DDos?

So, I'm going to take, from my own Google searches and from the lack of a clear reply in this posting, that there is no off the shelve commercial and enterprise ready hosting control panel (cPanel alternative) for FreeBSD?

I've been running DirectAdmin but got shut out recently.  Totally locked out of my own server control panel.  Because they stopped supporting FreeBSD at all.  DirectAdmin locked out a lot of people from their servers who didn't do a software update in time.

So I'll ask again...

_Is there an off the shelve commercial and enterprise ready hosting control panel (cPanel alternative) for FreeBSD?_

I love to tinker but if I run a business I just want it to work.


----------



## question (Mar 23, 2022)

saeedpersa said:


> I Used FreeBSD as a Web Hosting service and its good



What hosting control panel/billing do you use?


----------



## question (Mar 23, 2022)

drhowarddrfine said:


> Read about the history of FreeBSD for the historical answer to this question. It's well known.
> 
> Instead of looking at the use of script kiddie popularity in the gaming community and reddit, look at the actual usage by companies that matter. They chose FreeBSD for technical reasons, not popularity of high school kids. Most of the internet runs through a FreeBSD controlled system via Juniper networks and Netflix. Ignore anyone who poohs that fact.
> 
> ...



I'm talking about shared hosting.  Shared hosting companies don't offer an OS.  They offer a shared hosting account and the customer usually doesn't know or care which OS it runs on, just so it runs Wordpress or whatever they need for their website.  I can't find cPanel alternative that is enterprise level for FreeBSD.  There used to be DirectAdmin but they have turned evil.


----------



## drhowarddrfine (Mar 24, 2022)

question said:


> I can't find cPanel alternative that is enterprise level for FreeBSD.


That wasn't your original question (from two years ago). You should start a new thread.


----------



## CyberCr33p (Mar 25, 2022)

I run one of the biggest webhosts in my country offering shared hosting and managed dedicated servers using FreeBSD but I wrote a custom control panel.


----------



## question (Jun 22, 2022)

CyberCr33p said:


> I run one of the biggest webhosts in my country offering shared hosting and managed dedicated servers using FreeBSD but I wrote a custom control panel.



This is what I'm thinking of...  did you personally write it?  How many developers and ballpark cost and time to do it?  Is FreeBSD as secure and CloudLinux for shared web hosting?  I was told by a contact who is a CloudLinux contributor that on normal Linux and perhapds FreeBSD that a malicious user can "pivot" from one user account to the others and maybe to the system directories and that CloudLinux solves this in some way... I'm too busy to get into the details...

So now I'm thinking of writing a simple FreeBSD panel for selling and single domain hosting shared web hosting services...  There is an open source one but there is no support and I'm not sure if all the features work 100%...

I just want the minimum required:

simple paypal billing
account creation
web mail
install SSL certs
stats
works with installatron
email accounts
spamcontrol (not sure what is the best option now, my current server uses spamassasin)
imunify or something free for malware
DNS
log files
reset services
file manager/editor
domain name change
show all users/suspend/reallow
change password
email forwarder
www forwarding
(all setup for the user level and the admin level where appropriate)

everything else like firewall and installation and upgrades can be done and should be from the terminal window

What other features do I need for single domain shared web hosting?  I looked over the features provided by a popular commercial control panel.  I'm not trying to let users do everything like cpanel does, that's above most people who use shared hosting anyway...  if they are doing that they should get a more powerful hosting account or a VPS or dedicated server.

But the question is can FreeBSD be as secure as CloudLinux?

Any tips for a good FreeBSD development company that won't disappear and writes documentation?


----------



## CyberCr33p (Jun 22, 2022)

Yes I personally wrote 95% of it, and 5% with help from a web developer. As the development was a continuous progress for more than 15+ years I have no idea how much time it took me.

"pivot" from one user account to the others is not true if you have the right permissions on home directories. For example I have:


```
drwx------+   8 creta     creta      14 Jun 21 23:45 user1
drwx------+   6 cretadev  cretadev   10 May 19 03:40 user2
```

The + at the end is for giving access to Nginx with command:
`setfacl -m u:www:x:allow /home/www/${username}`

So each user can not access other user files.

Also to run different version of PHP I use FreeBSD jails.


----------



## drhowarddrfine (Jun 22, 2022)

question said:


> I was told by a contact who is a CloudLinux contributor that on normal Linux and perhapds FreeBSD that a malicious user can "pivot" from one user account to the others and maybe to the system directories and that CloudLinux solves this in some way





question said:


> But the question is can FreeBSD be as secure as CloudLinux?



CloudLinux cannot be trusted and is far less secure because that contributor fed you a line of BS. One should never use any product that uses lies as sales techniques.


----------



## hardworkingnewbie (Jun 22, 2022)

question said:


> This is what I'm thinking of...  did you personally write it?  How many developers and ballpark cost and time to do it?  Is FreeBSD as secure and CloudLinux for shared web hosting?  I was told by a contact who is a CloudLinux contributor that on normal Linux and perhapds FreeBSD that a malicious user can "pivot" from one user account to the others and maybe to the system directories and that CloudLinux solves this in some way... I'm too busy to get into the details...
> 
> So now I'm thinking of writing a simple FreeBSD panel for selling and single domain hosting shared web hosting services...  There is an open source one but there is no support and I'm not sure if all the features work 100%...
> 
> ...


This is not simple, but the whole package. And probably way too ambitious for just one person. 

And there are also projects for this purpose around, like this: 



			Sentora - The open-source web hosting control panel.


----------



## SKull (Jun 23, 2022)

question said:


> My first priority would be security. Then longevity. Then ease of use.


So... FreeBSD?

Security - jails - check
Longevity - use RELEASE and don't upgrade just for the sake of it - check 
Ease of use - Unless you consider dealing with systemd and whatever firewall your chosen Linux distro uses to be 'ease of use.
The owner of said datacenter probably assumes:
 "number of people using it" == "is good"


----------



## question (Jul 22, 2022)

So I was advised by a major CTO of a top 5 web hosting company that CloudLinux is the way to go, I assume due to the CageFS... because in regular Linux he said he could pivot into other user directories...  I don't really know the entire list of CloudLinux Pro's security features but I know it does some "light virtualization"  and limits how much RAM and CPU and such that a user can use.

Let's say I create my own FreeBSD version of cPanel (web hosting control panel, ) are FreeBSD's jails as secure and applicable for shared web hosting as CloudLinux Pro's security measures?  Or are they even better?

Does FreeBSD use ZFS by default now?  I heard it's slower than other file systems but more stable/reliable less prone to write errors.

I don't really need all the fancy features of cPanel and really don't like all the options and configuration possibilities, this just creates more work for a web hosting company or system admin.  I'd rather just create more of a web hosting appliance that just does most things perfectly and easily than something trying to please everyone with tons and tons of features.  

I've found that nobody knows all of DirectAdmin (cPanel's 2nd best alternative) except for DirectAdmin's own chief programmer.  Even their tech support is faking their tech support requests and don't really know much

I've used DirectAdmin for 18 years now but the new version combined with CloudLinux is just too much with too loose of integration between DirectAdmin and CloudLinux, way too many moving parts and options.  I haven't looked for experts in cPanel but there are more people using it, but I doubt they really know what they are doing.  

I've found that over the past 18 years the number of USA based system admins has dwindled down to almost zero and virtually all hosting companies now use overseas indian or eastern european or south american system admins to run their hosting companies and I've found that these companies aren't really senior level system admins.  The world is in a weird place right now regarding tech.

So tell me about FreeBSD vs CloudLinux Pro in relation to user security in a shared web hosting environment, if you know... 

I love it when people know more than me.


----------



## question (Jul 22, 2022)

CyberCr33p said:


> Yes I personally wrote 95% of it, and 5% with help from a web developer. As the development was a continuous progress for more than 15+ years I have no idea how much time it took me.
> 
> "pivot" from one user account to the others is not true if you have the right permissions on home directories. For example I have:
> 
> ...



I don't know the specifics since I am more of a user than a hacker...

from 









						CloudLinux OS Shared components
					

Reseller limits LVE-Stats 2 CageFS MySQL Governor PHP Selector Python Selector Ruby Selector Node.js Selector Apache mod_lsapi PRO Additional integration components Apache suexec module




					docs.cloudlinux.com
				







> The benefits of CageFS are:
> 
> 
> Only safe binaries are available to user
> ...



The person who told me to use CloudLinux is a CTO from a top 5 web hosting company, so I trust him since he's in charge of tech for a company worth hundreds of millions of dollars.

How does using jails help with different versions of PHP?


From online










						CloudLinux vs BetterLinux vs Jailshell?
					

Hi all :)   I've found the comparison of CloudLinux & BetterLinux (default settings) at Rack911's blog an interesting read.  https://blog.rack911.com/hosting-control-panels/cloudlinux-vs-betterlinux-security-default-settings/  While the intent seems to be to quickly compare the two out of...




					forums.cpanel.net
				







> Jul 5, 2013
> 
> #1
> Hi all
> ...





> Let me explain the differences, and what drew us to do it in a particular way.
> 1. VirtFS & Web -- Unlike CageFS, VirtFS will not work for cgi/php unless you are using mod_ruid2. mod_ruid2 (IMHO) is a problem in itself, as bug in something like imagemagick extension would allow hacker to gain root on a server -- given mod_ruid2.
> Anyway -- web is unprotected by VirtFS. And you can do everything through CGI, that you can do through cron/ssh
> 2. VirtFS is a chroot. It is possible to break out of chroot.
> 3. SUID is a problem. It doens't matter much which one, as quite often it is not the bug in SUID itself that is being exploited, but a bug in one of the libraries that it uses. Like glibc library Two glibc vulnerabilities [LWN.net]. It all usually circles around using LD_PRELOAD and suid binary. It is quite easy/classic way to exploit bugs to escalate priveledges. Once SUID programs removed - same bugs are no longer dangerous.









Can FreeBSD do this?  Cloudlinux includes a type of user resource throttling.  Not sure how this actually works in real life, however.  Toward the end of life of my last FreeBSD server mysql was maxing out the CPU from user accounts that were probably hacked or insecure or being hit by DOS to try to crash the server or wear out the hard drives.



> CloudLinux is a linux based operating system designed to give shared hosting providers a more stable and secure OS. Essentially a set of kernel modifications to the Linux distribution, CloudLinux implements features to enable system administrators to take fine-grained control of their server’s resource usage. By isolating users, CloudLinux helps ensure that problems with one account don’t degrade the service for others.
> 
> 
> 
> ...


----------



## question (Jul 22, 2022)

drhowarddrfine said:


> CloudLinux cannot be trusted and is far less secure because that contributor fed you a line of BS. One should never use any product that uses lies as sales techniques.



What do you mean about lies?  Can you be specific about that?  I'm just trying to get info.  I prefer FreeBSD because after 30 years using computers I can feel a system, just by feel, FreeBSD is the best OS, but not sure about the features that apply to shared web hosting.


----------



## question (Jul 22, 2022)

hardworkingnewbie said:


> This is not simple, but the whole package. And probably way too ambitious for just one person.
> 
> And there are also projects for this purpose around, like this:
> 
> ...



There are a few of these, but they aren't as good as cPanel or DirectAdmin and not ready for prime-time.  I've used DirectAdmin for 18 years now and the new version just has too many options for me that I'd just prefer be not optional and the integration performance and reliability with CloudLinux Pro LVM is unknown to me.
DirectAdmin 18 years ago was really good because it didn't include the firewall and brute force and virtualization throttling and so many more options...  I'm unable to find a single system admin who actually knows everything about DirectAdmin, only John at DirectAdmin knows about DirectAdmin and this includes their own outsourced tech support who seem to be just faking some tech support answers.  If I want a firewall I'd rather just manually configure it rather than use a web GUI, same with brute force monitor, anti-malware/virus, backups,  I don't want a million versions of PHP and 5 webserver options, and 3-4 database options... I just want the most basic and most reliable LAMP to host mom and pop Worpdress sites with Installatron and now DirectAdmin doesn't support FreeBSD so I have to move to CloudLinux Pro, which is OK since I use a linux flavor as my prefered desktop, but the integration between DirectAdmin and CloudLinux Pro LVM and throttling isn't seamless from what I've seen...  as I've said I'm unable to find USA based system admins and even the overseas system admins are not what I'd call senior level... there has been a huge drop in the knowledge pool over the last 15 years across the board in IT, I think it's just about people retiring and a new generation coming in and more and more system admin is being outsourced remotely... I've hosted with a minor but pretty good data  center that doesn't seem to have a really hot shot system administrator and just moved to a bigger data center and they outsource all of their complicated managed services and complex system admin to india...  so I think that the American system admin is a dying breed.  I remember when a good domestic system admin could make $120/hour, not sure if that's a thing anymore.


----------



## Crivens (Jul 22, 2022)

Sales show is over.


----------

