On August the 7th we released Vepp — a new control panel for managing websites and servers. Please check our big announcement regarding its opportunities and advantages for end-users. This article is for providers. I will tell about one of the main differences between Vepp and traditional panels — the way of interaction between a provider, the control panel and clients.
Control panels, a traditional approach
Most providers use a similar way for the ordering and managing a server with a control panel.
- The client selects the tariff, adds a control panel and pays for the service.
- Provider’s VPS provisioning software deploys the server and installs the panel using post-install of scripts.
- Provider’s billing system sends the API request to the vendor’s billing to order a license and activate the panel.
- A few minutes and here we go. The service is ready and the client receives the email with credentials for his server and the control panel.
It was an industry-standard scenario for years, however, it has some shortcomings.
Outdated panels and security issues
Most of the providers don’t know what is happening with the servers of their clients and can’t influence it anyhow. Clients handle their server by themselves. Some users update their panel on time to receive new functionality and patches. However, many clients forget about the updates for months or even years, preferring not to touch a service until it works fine.
Meanwhile, the world of cyber threats does not stand still. Every month a hosting community reports about new bugs in control panels and vulnerabilities in other popular software, like mail servers, databases, OS kernels. Software developers release patches for fixing these threats, but these patches still need to be installed.
A short survey among our current partners showed that the percentage of their clients using outdated software versions varies from 40 to 60%. It’s not a rare case to find a client who hasn’t updated his control panel for 3 years and more. It is a real pain for providers because once such panel is hacked, everybody may feel the damage.
Abusers can steal important data from the client’s server, send spam or install Trojans. The provider may be affected as well: IP addresses may get to spam lists, the infected server may join an attack on the White House as a part of a botnet, or begin to mine cryptocurrencies, making an excess load of network channels provider’s hardware.
Additional sales and lost profits
Many providers sell different extra products besides servers and control panels. The list of such services may be extensive: antiviruses, DDoS protection, CDN, SEO tools, domains and SSL, etc. However, many clients don’t know about it: products are taken out in the Other Services section Other which is hard to find and the client area is only used for making payments and communicating with provider’s support. Sometimes the mailings may help, but these emails may be filtered as spam as well as hundreds of other automatic emails.
Even if the customer gets aware of potentially useful product service, what is the chance that he will order it if it is not needed at the moment? What is the chance that when it is needed, the customer will remember that he may buy it from his hosting provider?
It will be great to built-in extra services into the major user scenarios. However, traditional control panels do not allow doing so.
Extra load on server resources
Classic control panels are regular programs. They consume resources of the server they are installed on. Therefore if a client wants to use the control panel, he should order the server with additional resources for it. Having the control panel is convenient, however, nobody likes to pay more. This problem is especially relevant for small websites hosted on budget servers.
Traditional approach. A control panel is installed on client server and consumes its resources. If the server goes down, both website and panel will be unreachable.
Here comes Vepp
In Vepp we use microservice architecture. In such model, separate services, wrapped in Docker containers are responsible for their own area of functionality. One day our dev team thought whether these services can work with a client’s server remotely? We tested this hypothesis and got a positive result, so we had a logical question: if services can work remotely, why do we run them on a client’s server? This is how the idea of the Platform was born.
Vepp Platform represents a private SaaS service deployed in provider’s infrastructure. It is a set of microservices: Vepp app itself, plugin service, monitoring, provider’s area, market place, etc.
Providers install Vepp Platform on their dedicated servers by the script provided by us. The next step is the integration between the Platform and provider’s billing system. We already made the integration modules for popular billing panels, like BILLmanager and WHMCS.
And this is it. It’s not required to install individual panels for clients. Everybody uses the Platform.
How does it work
- A client orders a VPS from a provider and chooses Vepp to manage his websites.
- Provider’s VPS provisioning software deploys the server. At the same time provider’s billing system send an API request to the Platform to create a user account for the new client.
- When the server is ready, the Platform receives SSH access to it from the billing system and starts installing the necessary packets along with the SSH access key.
- Vepp installs the Web server, mail server, databases, PHP — the necessary minimum of software to work with a website. Vepp itself is not installed on the server.
In the future, the client uses his user account in the Platform for managing his websites and servers. If ISPsystem discovers a vulnerability in Vepp or its service software, for example, in an email server, we will develop a special patch for fixing the vulnerability. Provider’s admins will install this patch and fix the issue for all their clients at once. Besides, the provider can control Vepp versioning for all his clients, because everybody uses the Platform installed on the provider’s server.
Advantages of the approach
The Platform solves many of the provider’s problems, both mentioned above and a number of smaller ones.
Versioning and Security
With the Platform, the provider deals with one application installed on his server. This means that his experienced and qualified administrators can support hundreds of client servers and websites with relatively small efforts. Outdated control panels are no longer a problem. All customers use the panel of the same panel, the latest one.
If any vulnerability is found in the Platform itself or with the service software it uses, provider’s admins just need to patch only one application to protect the Platform and all client websites managing by it
One of the services within the Platform is a fully customizable provider’s marketplace. It is possible to upsell clients with a number of additional services like antiviruses, CDN, as well as different plugins and extensions. All the purchases made in the marketplace of Vepp will go through the provider’s billing thanks to the deep integration via API. Such approach allows providers to boost an average check and raise the loyalty of customers.
According to our idea, Vepp will become a control center for working with websites and include: web analytics, search optimization tools, anti-virus, availability monitoring. Some existing control panels also have these features, but they are often difficult to find in a complicated interface designed for experienced admins.
When we designed Vepp we tried to offer an additional functionality exactly when it was needed. They say, «A spoon is dear when lunchtime is near.» As a result, Vepp will offer to buy a domain when a user creates his first website while an antivirus will pop up when the free virus scanner reports a threat.
The economy of server resources
Users don’t install Vepp on their servers. The application and all of its services work with the client server remotely, consuming the resources of only the server where the Platform is installed (see below).
It means that the customers no longer need to pay extra money for the resources required for using a control panel. With Vepp the customer will only pay for the resources required by his website.
One day we even made an experiment: create two virtual servers having the same amount of resources and hosted two identical websites there. The idea was to use Vepp for managing the website on one of the servers, and one of the popular traditional panels for another. We studied the service provisioning time and website performance. The website managed by Vepp was installed much faster because the panel wasn’t installed on the server. The performance of this website was also higher since Vepp didn’t consume server resources.
Improvement of user experience
One of the common problems with traditional control panels is that the panel may be installed not properly, causing problems with websites. Some clients may even blame the provider for this.
However, there is no such problem with Vepp, because the platform is hosted on the provider server and supported by his specialists. This reduces the chances that something goes wrong.
In Vepp Platform we only charge for user accounts that we call subscriptions. It is a classic pay-as-you-go model. Everything is very transparent: providers pay only for real customers that bought Vepp subscription from them already. Our licensing model accounts inflows and outflows of the clients and bills only for the minimal amount of active subscriptions.
A recommended price for end user subscription is 8-10 EUR per month. The cost of the subscription for providers is 8 EUR, this price may be lower with the certain volumes. The more users provider has in his Platform — the lower the price per subscription.
We understand that it is not easy to generate these volumes at the start, so we’ll try to make a special offer for every provider. Send us your request to firstname.lastname@example.org and we will contact you soon.
How to test Vepp
Send us the testing request from your personal area at eu.ispsystem.com or drop us the email to email@example.com if you want to test Vepp platform yourself.
Vepp Platform may be installed on a dedicated or virtual server with the following parameters:
— Clean CentOS 7 server without any other software installed;
— At least 8 Gb RAM, 128 Gb SSD hard drive, 4 CPU cores;
— hardware virtualization (for VPS).
We recommend installing the Platform on dedicated server, however if you have qualified admins familiar with a maintenance of virtual systems — VPS will also work.
The most important parameter for Vepp is RAM. According to our tests, one active user session requires at least 10 Mb RAM. It means that a server with 64 Gb RAM may hold up to 60 thousand of active client sessions. The total number of user subscriptions may be higher, however, the number of the active user session at one certain moment of time shouldn’t exceed the mentioned numbers.
If one client is hacked, will everyone be hacked?
No. Having access to one client account does not mean that it is possible to affect other users of the Platform in any way. All accounts are highly isolated.
What if the admin account will be hacked?
This is a bit more serious. In case if abusers breach the admin account they can delete or stop client accounts in the Platform. However, the sites will continue to work normally. The client data cannot be accessed from the admin level.
The panel doesn’t consume client resources, but it consumes my resources!
Yes, but quite a bit and only when the client session is active. The amount of your resources consumed by a client is significantly less than the Platform saves for the customer. According to our calculations, the cost of servicing one client account in Vepp is just a few cents per month.
I need to support the Platform myself. I will raise my costs!
It’s true, but only at very small volumes. Indeed, supporting the Platform is more difficult than a regular control panel. However, supporting ten customers with traditional panels will require more human resources than supporting a Platform with ten or even a hundred customers.