today i was helping my friend install a script called miniboard. well we needed to create a mysql database. i told her to go log into her control panel and create one...i figured phpmyadmin would be located there. well she told me she didnt know where her control panel was. so i told her to ask her host. well she did and this is what he said...i will give you the just of the reply...


------------------------

we do not offer control panels. any email additions or domain additions can be done by emailing *************. control panels are insecure. we also do script installs. im not sure why you would need a control panel to install a guestbook though what exactly are you trying to do? phpMyadmin is a very insecure this is one of the reasons we do not offer a control panel, they are way too insecure if we do everything ourselves via support for you it makes things much more secure and keeps things much more stable do you need a database setup you will find our support is second to none

-------------------------

i find it highly wierd for a host to have no control panel...is there any truth to his claim?

Wow, what crappy host is this?

Well. Alot of people don't need a control panel (Like Cpanel and Ensim)... But they do need something like qmailadmin and phpmyadmin.

Some people aren't intrested in having a control panel (Probley not any members of this forum though.) They simply don't want it. They are experianced users, and aslong as they can manage their email accounts and have access to phpmyadmin. They are happy.

Just because a host doesn't have a control panel doesn't mean they are *crappy*.

But they did make the insecure claim, which I'm not sure he has too much to back that up. Although it could create holes and/or open doors.

That does seem strange. :eek:

A few years ago not having a control panel was a bit more common but nowadays virtually everyone has them...

Originally posted by Keta
i find it highly wierd for a host to have no control panel...is there any truth to his claim? This statement is true for buggie or insecure control panel. But looks like that product like Plesk, Ensim, H-Sphere, CPanel and other popular control panel are well built and help make things easier. I've been using plesk and it is quite secure, and I'm sure that other companies have prepared some sort of security in mind as well. Otherwise, they will be out of business.

I would imagine if your friend's host have 1000 clients and 439 of them are asking 1 question in a day to install this script or that script, they will be quite busy. :)

Originally posted by phpjames
Wow, what crappy host is this?

well my host is nirmani.net. they are fast reliable and has the best support i seen in YEARS i am trying to get her to switch over...but she is going to stick it out with isprime.com.

isprime.com is using Russian song in the background. Even you can here russian speach. Hehe.
The band called PPK, track - Resurrection.
http://english.ppk.ru/

Listen here

http://www.mp3.com.au/PlayASX.ASP?id=13593&Stream=96&File=Test.asx

Wow, what crappy host is this? There are many, many, many webhosts that provide very good service and don't offer a control panel. Just one way in which the small sample of hosts that populate this forum isn't typical of the whole world of hosting.

Certainly, though, the percentage of hosts that don't offer control panels is decreasing. Keep in mind that the existence of readily available products like CPanel, Plesk, etc. is a relatively recent development. The rapid growth of small hosting companies like those operated by most of the web host members here coincided with the availability of those products. A lot of older, well-established hosting companies that existed before that have not seen the need to change their operations to the extent of installing control panels.

In short, not offering a control panel isn't automatically a sign of a "crappy host." I'd go as far as guessing that there are more crappy hosts that do use control panels than there are that do not.

I think phpMyAdmin has had a lot of issues security-wise with each of their versions they've released (I might be thinking of something else though). If a host allows you to log into a shell and run the commands yourself, or sets it up for you in a good time frame, I don't see the need for phpMyAdmin. In fact, I've never been a big fan of it. I can see that comment about it being insecure, if in fact I am correct in recalling. However, to say all control panel's are insecure, I just don't know. However, I can see the argument that every extra interface (especially one that allows high level access) and any additional program you provide, technically is adding more risk.. just like adding services, etc. But, I don't think it's impossible to have a secure control panel either.

In fact, it can make it more secure, in some ways -- simply by better controlling what can be passed and by doing checks and whatnot. There's no reason to assume a host is poor for not offering a control panel though. In fact, if I ran my own host, I would probably create some simple and effective interfaces for things like MySQL DB's, Sub domains, password changing, POP email accounts.. and, I'm not sure what else. And just show the basic stuff like disk usage and bandwidth usage. I don't see a need for much else, personally -- and I can see why they'd be confused to think you need a control panel to set up a script (CGI or PHP), when technically you just upload it and maybe set permissions and change the variables to be correct. I'd have worded that email reply differently though.

"think phpMyAdmin has had a lot of issues security-wise with each of their versions they've released (I might be thinking of something else though). If a host allows you to log into a shell and run the commands yourself, or sets it up for you in a good time frame, I don't see the need for phpMyAdmin."

I'd rather give the client phpMyAdmin access than shell access. :)

Just my 2 cents.

Originally posted by jayjay
"think phpMyAdmin has had a lot of issues security-wise with each of their versions they've released (I might be thinking of something else though). If a host allows you to log into a shell and run the commands yourself, or sets it up for you in a good time frame, I don't see the need for phpMyAdmin."

I'd rather give the client phpMyAdmin access than shell access. :)

Just my 2 cents.

Well, I know some control panels do have some security issues, and I know that free one's like Webmin has had quite a few too. If phpMyAdmin is prone to security issues, it should be solid on the next release, or I'd not try and use something that continually has security issues. Shell or not, you can configure a server to be secure or not. Granted, any additional access poses another risk. Granted also, that any CGI or PHP or other type of interface can usually provide users with the same access they would have in shell anyway. You can do things via shell to make it more secure, than you can via CGI or PHP. However, you can limit what people can do in CGI or PHP, as well as shell too. I'm not prepared to get into a detailed discussion about the aspects I mean, but I do agree that it can open another risk.

I think that it would then be best to use something secure (which say phpMyAdmin perhaps isn't), and not go for a full control panel either, if you don't wish to, but still provide some interface specifically, and simply, to accomplish any tasks an end-user would need. After all, assuming phpMyAdmin is insecure and has been, you're talking a high potential. With shell, it's up to you to control what they can do and make it more secure and not at least have that definite issue/potential. Granted, that's a lot more work to do too, but I'd not settle for the other just because of that. So, I think that this just goes to support my comment about providing an interface for things, especially to remove the need for shell access for a lot of things, that you can better control what and how user's can pass values and commands -- and make it more secure that way (which can be seen as a control panel-ish feature/interface). Really, the comparison between a shell wrapper to control and check, or an interface/panel to do the same thing -- either way, shell or panel, that must be done for whatever one you offer. So, it's not a bad idea, is all, but it just really depends too.

Hmm, checked out their (isprime) site and I found this is the left portion of the mid-content section:

CUSTOMER LOGIN-
ENTER YOUR USER NAME AND PASSWORD IN THE FIELDS BELOW TO ACCESS YOUR PERSONAL WEB HOSTING CONTROL PANEL.

Any idea what panel this is they're using or is it a proprietary account details type interface?

Originally posted by rey
This statement is true for buggie or insecure control panel. But looks like that product like Plesk, Ensim, H-Sphere, CPanel and other popular control panel are well built and help make things easier. I've been using plesk and it is quite secure, and I'm sure that other companies have prepared some sort of security in mind as well. Otherwise, they will be out of business.

I would imagine if your friend's host have 1000 clients and 439 of them are asking 1 question in a day to install this script or that script, they will be quite busy. :)

Heh, well, some might dispute that Cpanel is well built. The advantage to having no control panel is the admin has to do everything, so he can be sure the control panel doesn't do something weird or something he doesn't want. Control panel software like Plesk and Ensim take over the server and convert it into a web hosting appliance. Many people do not like that. Also, most control panel software installs their own version of Apache, ProFTPd, Perl, PHP, etc. The disadvantage is the admin has to do everything because nothing is automated, making administration more time consuming and possibly more error prone.