Security architecture and hardening

FastCP is designed around least privilege and per-user workload isolation.

Core security model

  • PAM authentication: panel login uses Linux system credentials.
  • Privilege separation: the agent performs privileged actions explicitly.
  • User isolation: site PHP-FPM pools run as owning Linux users with ACL-enforced boundaries.
  • Encrypted secrets: sensitive credentials are protected in storage.

Compromise containment with ACLs

FastCP is designed for multi-tenant isolation. If one user’s WordPress plugin, theme, or app code is compromised, ACL-based filesystem boundaries prevent that malware process from reading or modifying other users’ website files.

This limits blast radius to the affected user account and helps protect neighboring websites on the same server.
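One way to check these boundaries on a host, as an added example (not FastCP's own code): the Python script below parses `getfacl -R` output and reports any entry that grants access to someone other than the directory's owner, applying the ACL mask to compute effective permissions. The paths, user names, and the `caddy` service account in the allowlist are constructed assumptions, not FastCP's documented layout.

```python
# Added example: audit `getfacl` output for cross-tenant access (not FastCP code).
SAMPLE = """\
# file: home/alice/apps/example.com
# owner: alice
# group: alice
user::rwx
user:caddy:r-x
group::r-x
mask::r-x
other::---

# file: home/bob/apps/shop.example
# owner: bob
# group: bob
user::rwx
user:alice:rwx
group::---
mask::r-x
other::r--
"""  # constructed sample; hypothetical paths and users

def effective(perms, mask):
    """Apply the ACL mask: a permission bit survives only if the mask allows it."""
    return "".join(p if m != "-" else "-" for p, m in zip(perms, mask))

def audit(getfacl_text, allowed=frozenset()):
    """Return (path, entry, effective_perms) for access granted beyond the owner."""
    findings = []
    for block in getfacl_text.strip().split("\n\n"):
        path, owner, entries = None, None, []
        for raw in block.splitlines():
            if raw.startswith("# file: "):
                path = raw[8:]
            elif raw.startswith("# owner: "):
                owner = raw[9:]
            elif raw.strip() and not raw.startswith(("#", "default:")):  # default ACLs not evaluated
                entries.append(tuple(raw.split("#")[0].strip().split(":")))
        mask = next((p for t, _, p in entries if t == "mask"), "rwx")
        for tag, name, perms in entries:
            if tag != "other" and (not name or name == owner or name in allowed):
                continue  # owner, owning group, mask, or allowlisted service account
            eff = perms if tag == "other" else effective(perms, mask)  # mask never applies to other
            if eff != "---":
                findings.append((path, f"{tag}:{name}", eff))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE, allowed={"caddy"}))
```

On a real host, feed it the output of `getfacl -R` for the directory tree that holds user sites and treat every finding as a boundary to review.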

Network and access controls

  • Panel served securely on port 2050.
  • Websites served via Caddy on ports 80/443 with TLS automation.
  • UFW integration supports explicit allow/deny policy management from the UI.
  • SSH/SFTP controls allow port and password-auth configuration.

SSL and HTTPS strategy

FastCP exposes SSL readiness status and reasons per site. This supports safe transitions during migrations before strict HTTPS redirects are enabled.

Keep the manual HTTPS force toggle available to admins. Auto-enable logic can complement it once certificates are confirmed valid.

Admin operational checklist

  1. Disable unused accounts and rotate credentials periodically.
  2. Use SSH keys; disable password auth when policy allows.
  3. Review firewall policy after any port or service change.
  4. Validate backup restore paths and retention policy monthly.
  5. Keep system and FastCP versions up to date.

Incident response basics

Follow the FastCP service logs live with journalctl:

journalctl -u fastcp -f
journalctl -u fastcp-agent -f
journalctl -u fastcp-caddy -f

For website-specific behavior, inspect logs under each user’s app directory and audit recent configuration changes through the control panel.