InfinityFree

As for the PHP versions, I wouldn't mind if the old PHP versions were removed. However, it's important to note that there are still plenty of sites and scripts which don't work properly on new PHP versions. These are often crappy, unmaintained scripts, likely with plenty of security problems, but there are still people using it.

As for MySQL, I don't agree with you. MariaDB is not a drop-in replacement from MySQL. I've had problems in the past with some software refusing to run on MariaDB, because of backward version compatibility checks (e.g. only supporting versions 5.5, 5.6 and 5.7, but not 10.x). Also, note that iFastNet doesn't use Oracle's MySQL, but Percona Server. Percona Server, unlike MariaDB, does intend to maintain full compatibility with MySQL.

Also, I've seen issues in the past where MariaDB has bugs causing severe performance issues in certain use cases, which were fixed by both MySQL and Percona.

So I personally think choosing Percona instead of MariaDB was a good choice. Or at least, good enough that it's not worth the effort to switch now.

InfinityFree has offered MonstaFTP as an alternative to the net2ftp file manager offered by iFastNet for a long time. MonstaFTP was chosen because it's is one of the most solid FTP file managers I could find, having a modern looking and easy to use interface with a great code editor.

A month or so ago, iFastNet replaced their own installation of net2ftp with MonstaFTP. That's a decision fully made by iFastNet, and not something I have control over.

However, this file manager being "crappy" and "lots of people has been asking to change [it]" is completely new to me. I have only been able to find 1 topic where 1 person asked for a different file manager, which is this one:

https://forum.infinityfree.net/t/change-file-manager/20620

Did I fail to notice any patterns with other people asking for other file managers as well? Since you say that lots of people have been asking for it, could you link to a few more topics or posts from people asking about this?

There have been more people who had trouble using the file manager, but most of those issues were either caused by the FTP server, or doing things which no other file manager would realistically be able to do either (like downloading all the files in an account at once or uploading files outside htdocs directories). There has also been some confusion regarding the master passwords and upgrade notices, but those can simply be disabled and definitely do not require the file manager to be thrown away entirely.

A quick Google search shows that it's possible to use cPanel's CGI interface to run C++. But then your application needs to support CGI as an operating mode, which is probably not the case if your application has it's own connection manager and HTTP component.

So while it might be possible to run C++ on some web hosting services (but not free hosting!), it's very limited. If you want to run your own HTTP daemon, you'll need your own server to run it. Or maybe some kind of application container hosting service.

If you use your own computer for only five minutes per day, is your computer 100 times as fast compared to when you use it for 8.5 hours per day? No, of course it isn't. Computers don't get faster if you use them less. And web hosting servers are also just computers, which also don't get faster if you don't use them continuously.

Similarly, there is a limit to how many requests your account can execute concurrently. If you only have a traffic spike once per day, that doesn't mean you can execute more requests at the same time.

The solution is simple: either you need to reduce the number of concurrent requests, or you need to switch to premium hosting.

Why do you think the WM API is so poor? Or at least, why do you think a web scraper is better?

Sure, the reseller panel has a few more options than the API, and the output of the API is not always very consistent. But a web scraper sounds like it would suffer from these same issues but worse. APIs are at least designed to have consistent output for programmatic access, a guarantee you don't get with a web interface. iFastNet has a habit of making major changes without any notice (before or after), which would break your client completely.

As for your client itself, there are a few things which I would like to see or do differently:

• Make it possible to pass a cookie jar to the client. You currently require a login request for every time a client instance is created, which requires a round trip to the API, which adds a lot of overhead to the web transaction this client is used in. In a production workload where you have a large volume of API calls, persisting and reusing the cookies in some kind of cache (configurable by the developer, hence the cookie jar implementation) will helps prevent MANY unnecessary calls to the panel and speed up your website. For inspiration, check how cookies are done with Guzzle.
• Speaking of Guzzle: try it if you haven't already. It's great, much easier to use than curl_*. Which would be easy to use if combined with...
• Composer. The best way to manage dependencies and class loading in PHP. Learn it, add support for it, your life will never be the same.
• Another case of unnecessary HTTP calls: don't fetch the statistics every time after login. You don't need them every time, and now you're adding dozens of ms to every page load to get data which you may not need. This should be a separate API call.
• Generally messy management of internal state. A good class should not require that implementations calls methods on that class in a specific order. If they do, that's typically a sign that your class boundaries are wrong. A good example is the Client::set function. You must create the client object first and then you MUST call this method first before you can use any of the other methods. Changing that to a constructor makes the class more fool proof and reduces the need for checks to make sure the set method was called first.
• Speaking of internal state: most coding style guides demand that all object variables should be defined on the class, and not created on runtime. You set most values that way (except for a few booleans which determine whether these values were set - why not check the values themselves?).
• Many functions have weird specs or don't do what I would expect them to do. I would change "initialize" to "login" (because logging in to the panel is what it does). "changePassword" changes the reseller password, not the user password. If findUsers has as first argument a string which has to be one of three hard coded values, why not create separate methods?

This option was probably removed because the server load of extracting archives in PHP is ridiculous. FTP does not have an option to extract files "on the server".

If you need to upload a zip file, the most reliable way is to use a desktop FTP client like FileZilla, extract the archive on your own computer and upload the extracted folder to your account. It may take a while (depending on your connection to the FTP servers), but it is pretty much guaranteed to work.

I understand what you are saying @JayAld. There are absolutely cases where access logs are useful to have. If I need to debug a resource limit on cPanel, I generally use a combination of the resource graphs, snapshots and access logs to figure out when the limit was hit and what was happening at the time.

The thing is that it's sometimes better to give people no information than limited information, as people will draw incorrect conclusions based on the incomplete data. Like people saying the CPU limit is wrong when there aren't more hits, but dozens of plugins and themes have been updated. Or people saying the hits counter is not resetting properly, because why else would they be suspended while Google Analytics says there aren't many visitors (hint: visitors != hits).

Having all data would be the best, of course, but I wouldn't say that any data is better than no data.

Most of the resource limits on free hosting are not assigned specific numbers. There is a good reason for this. If the exact calculations and limits are explained, then abusers might try to game this and try to stress the servers as much as possible without getting suspended. This is bad for all other websites, which would be slowed or even brought down because of this.

Also, keep in mind that while cPanel/CloudLinux also limit Entry Processes, CloudLinux restricts concurrent EP usage whereas VistaPanel restricts daily EP usage. CloudLinux can fairly easily take a snapshot the moment the limit is hit, but you can't do that with a daily limit. Unless you would snapshot everything or try to predict when there is a peak, but both require some really complex engineering, especially to make it work smoothly on a high load environment like free hosting.

Having some logs would be useful, but access logs on their own don't tell any conclusive information about CPU/EP usage, because they only tell which pages are being requested and not how much resources those pages take to load. Even unfiltered access logs are too simple to be useful.

I don't quite see what more "basic and simple" logs would look like, I don't see how they could be of any use and I don't see how aggregating logs would be any more performant than simply collecting and routing these logs.

12 hours ago, PlanetCloud said:

It can be useful if you know how to use it such as to built a "Login to MySQL Database" button so there's no need for the user to go into cPanel first

 

It would be nice to be able to provide one-click-login buttons for phpMyAdmin, or interact directly with databases. Unfortunately, while the SQL hostname was one of the pieces of data which was missing, it's still pretty pointless without being able to get a list of databases of the user.

As far as I know, this is a new feature in the API callbacks. After an account is created, you'll get this new webhook which tell you the SQL hostname of the account which was just created, which you can show to the user if you want.

Personally, I just store the data for now and don't do anything with it. And I can't say I'm a big fan of how this webhook was implemented, but it is the way it is.

Whether unrecognized data is messing up your system is of course not something iFastNet can fix for you. Input validation of webhooks is your own responsibility.

On 11/1/2018 at 11:26 AM, Jeyneko said:

Hm. Okay.

I'm fairly skeptical about putting my address on there, given if they send a letter to your home, because ugh.

also can you monetise multiple domains and not have to confirm each time?

Just to let you know: AdSense does send a card with a confirmation code to the address when you first cross the payout threshold. So don't lie when submitting the address details, or you will not be able to get paid.

And AdSense is definitely worth it in terms of revenue. Other ad networks with good revenue likely won't do business with minors either. And since you're 17, I would suggest you just wait a few months until you turn 18 and then join AdSense.

13 hours ago, Arcenas090 said:

Can you Ping Byet Servers though?

Nobody can ping the free hosting servers because they block ping.

21 hours ago, PCTipsGR said:

Okay Everyone!

This topic was created on June 16, 2017, by @Subhendu, and I believe that his topic has been answered.

If you want to ask questions or ask for help with @InfinityFree's script, create a new topic or PM him. Stop reviving old ones.

---

Actually, I was the one that revived this at first just to claim that @BSthuliwal answer was not correct, and then all that happened. Sorry for the mess I caused.

I'm happy to help. Just don't use PMs for that please. Either create a topic on here, or use the Issues section on the GitHub repository.

The more I think about this, the more I think it was a bad idea to say I would be willing to sell without having a clear strategy in mind.

22 hours ago, PCTipsGR said:

Maybe something like Blesta pricing with your modifications (higher / lower) ?

The Blesta company makes money by selling to a large number of hosters. I don't have that big of a market to appeal to. It's a specialty product, and specialty products always are more expensive because of this.

Instead, it should be compared to what it would cost to commission a similar piece of software from a professional software development company. Which I guess would be in the higher 4 figure to lower 5 figure sums. No lower 3 figures, like with Blesta.

Basically, if you expect it to be similar to a generic hosting billing system with some mods, don't buy my panel.

22 hours ago, PCTipsGR said:

That is why I believe @Mauwiks could sent (via PM of course) an amount which can pay for the software and seems reasonable, and @InfinityFree to either decline or approve it, and then if not succesful make a higher offer and so on..

That was pretty much my initial idea, yes.

22 hours ago, PCTipsGR said:

A simple update system which pushes updates to the software, feature request to be sent via PM.

There is no built-in update checker in the software. I don't have a service which can serve the updates. Everything right now is managed through source control and complex deployment scripts. The software doesn't get any version numbers, I deploy whenever I change something with a highly variable deployment rate (from 10 times in one day to a month without changes). All of this can be changed, but would take a considerable effort to do so. So much so I would have to investigate exploitation strategies in the first place.

Using the PM system of a forum from another company is a bad idea to submit feature requests, but people have long ago designed something called an "issue tracker" or "bug tracker" which is specifically designed for this. But submitting the ideas are the easy part. It's what happens next is the hard part.

Right now, I can build, edit or remove whatever aspect of the software I want, whenever I want. When I have other people purchasing the software from me, do they get rights to features? Do I have to discuss or get permission to make changes? Can they demand demand X features to be implemented within Y time?

16 hours ago, PlanetCloud said:

@Mauwiks and @Arcenas090.

I believe you have to offer him a lot more than just $250 (USD).
He is making lot's of money (Atleast with my calculations) than that per month and why would he sell it to you at that price if he could make more?
*Assuming you will also take away his customers or something simmilar.

Also by selling it, he also has the risk of :

• You could resell the client area.
• You could gave the client area to someone else.
• Opened how IF Client Area was engineered and might can be exploited.

So you should offer something that he couldn't make in a month or year and it should be considered "Good".

Good point! By adopting my panel, I can pretty much expect to lose customers because of it.

And while I don't know what number you figured out, I can guarantee that $250 is nowhere near enough to compensate for the risk in lost revenue because of competition.

12 hours ago, Mauwiks said:

 

Noted, @PlanetCloud.

Thanks for the idea! 

In regards to the selling part, I don't think I would do this kind of stuff. I don't like the idea of reselling something that I did not make from scratch nor anything I did not put in the work with. And if ever I get a deal with @InfinityFree in the future, it would only be limited for a personal interest usage for optimizing my desired free web hosting service, nothing else. It's kinda embarassing to sell something that is not yours. I just don't like the idea. Crap. ?

Sure, you say you won't share it, but I would just have to take your word for it. But right now, I can control exactly where the codebase is and how it's protected. As soon as I give it to anyone else, I risk other people leaking it, either through malice (purposely sharing it with others) or incompetence (failing to protect a server).

12 hours ago, Mauwiks said:

As mentioned on our conversation the last time, it is way better that the service provider or project owner decide a possible package to offer or define a standard (or can be optional) proposal on what he could offer because he is much more aware of the software, unlike the client (which is me for example). And what I only know is that I want to use it on my own. And the dead-end question is How (?) can I get it at a one step convenience, regardless of the price.

I agree, this would all be a lot easier if I already had a clear business strategy on how to sell this software. Which I don't, and only casually said that it's not unthinkable that I would sell the software for others to use.

I have put some thought into the matter in the past, but regardless of how I offer it, I would need to make substantial technical changes to make the system usable for others. These changes cost a lot of time and effort to implement, and add absolutely zero value for my direct customers.

10 hours ago, PlanetCloud said:

I believe the client area is a bit advanced and how it was engineered was great.

And I do believe that this client area took months to built and lots of data to built it this complete.

Yes, it's quite hard to operate. If you're not an experienced sysadmin (or me (I am also a professional sysadmin)), you're going to have a hard time running it yourself.

And wow, the years of trial and error which went into it to get the workflows right. I must have redesigned and rebuilt the suspension handling code at least half a dozen times to send users the right message at the right time. The current system is maybe half a year old, which is probably a record.

1 hour ago, Mauwiks said:

The difference in my perspective is what you want to offer and not what I want you to offer me. A strategy of fairness and not to take advantage of anybody. I want to take an offer that a service provider would want to work on without a doubt and come up with a great result instead of me asking for an offer that I'm not sure if somebody could give the best service later on. It's asking of the best price for the best service.

So, if I understand you correctly, you want me to take a look at the software and estimate it's worth, and give you an offer I believe is still reasonably fair to you?

That sounds like a fair strategy (after all, I know more about the software than you). Unfortunately, I still cannot give it to you because:

• I don't know what is common for highly specialized software like this.
• I don't know what would be reasonable/possible for you.
• There are still many more questions to ask, like what to do for installation support (the software is NOT simple to  run), updates, feature requests, etc.

I didn't put much thought in the selling offer at all, really. So I still can't really make you an offer without having some sort of strategy for that as well.

4 hours ago, PCTipsGR said:

Blesta works with MOFH?

Sure! Just as well as WHMCS. Which is to say, not at all with the shipped modules, but you can build your own.

2 hours ago, Mauwiks said:

I'm sorry @InfinityFree , but if I am not mistaken, why do you sound like pissed about THE BEST PRICE thing? Just for the record: I don't mean it as at its minimum price if you think so. It is actually whatever you think is the best worth or what you're saying that is enough as an offer for your product or whatever you can offer to a certain client.

And earlier, I mentioned that I don't like to make an offer because I figured you don't want to sell it for sure as a pride of your so-called brand, InfinityFree. I don't want to pressure somebody just because of my own interest, but if you're willing to sell it without me having to figure out the idea of how can I convince you ( which is a waste of time) instead of just a straightforward offer, then I might be interested in it. I hope you could prompt me if you decided, later on, to offer it at the best price you could offer. Please take note of my email at [email protected].

More power to InfinityFree!

Best regards,

So, from your perspective, what would you say is the different between the minimum price and the best price? How would a higher price be better for you than a lower one?

The reason I'm pissed is because you either don't read or you don't understand me. I say you can make me an offer. Your response is to ask me for an offer instead. You seem completely puzzled on how you could convince me, but I think I made it rather clear that making me a good offer is a great way to do that.

There is one thing I can agree on though: that this is a waste of time. You clearly don't want to buy (or you would have either made an offer or at least contacted me for more details about the software) and I already said multiple times I'm not in a hurry to sell. So go wait for that email to come in, I'm sure your "so-called" strategy of "I don't know, just give me your best offer" and insulting my "so-called" successful business is going to work out great for you.

17 hours ago, Aqib said:

I think you should email by yourself to @InfinityFree at [email protected] and make a reasonable deal with them.

Oh, great, now I have to burn that email address. Thanks! Already looking forward to all the whiny, egocentric, entitled support requests coming in through it!

I really regret saying this now. I share a little bit of libertarian philosophy and suddenly everyone expects I will sell everything for a pittance.

On 9/18/2018 at 6:25 AM, Mauwiks said:

Hi @Infinityfree.

May I avail this deal?

Please send me a proposal at [email protected].

Read my previous message. Yes, you may avail this deal. But I don't have a proposal and I will not make you an offer.

I believe everything in the world is for sale if you offer enough. But pay attention to the last part of the sentence: if you offer enough

Everything is for sale means that, for anything, you can give people an offer they cannot refuse. But it's up to YOU to come up with an offer which I cannot refuse.

If you want a well developed product intended to be used by other parties with a clear pricing chart, go use something like WHMCS or Blesta.

I don't want to sell the platform which has allowed me to develop InfinityFree into the market leading brand it is today. I have no plans to exploit the platform by marketing it to other (competing) hosting providers. But, "I don't want to sell it" does not mean "I will not sell it". It's up to you to convince me to do so.

14 hours ago, Mauwiks said:

I'm sure he will email me if he gets interested. I am not really in a hurry. No pressure. I want them to offer me the best price in regards to the worth of the service they could offer.

Again, I'm not interested in selling. You are interested in buying. So you email me.

Also, I SPECIFICALLY said you should not bother asking for the best price. So if you do contact me, don't just repeat what you said here. Again: YOU CAN MAKE ME AN OFFER. Not the other way around.

5 hours ago, Mauwiks said:

The problem is that I'm not really familiar with the price to offer for this kind of project. I think it should be best if they offer at the best price they could offer it. I am willing to dive into what's worth they think of their service.

I don't know what a good price is either. Again, the InfinityFree client area is not a commercial service. I have not done market research to gauge what a fair price would be. But since you want to buy it, you should have an idea of what you're willing to spend.

User Agent blacklisting can help stop bots and is a lot less intrusive than the nginx testcookie module, but it's also far less effective because:

• Hackers don't announce themselves in the User Agent, they generally use User Agent strings from popular browsers to make them harder to detect.
• It doesn't block against hotlinking (which was blocked on ByetHost before this system was introduced).
• It doesn't block against direct downloads (free hosting is for websites, not for file sharing).
• The default .htaccess file cannot be edited, but it can be removed and it can be overridden.

Any hacker who isn't a 13 year old script kiddie isn't going to be stopped by such simple measures.

Only add the cpanel domain to MyOwnFreeHost and host your main website elsewhere. Use the API to create accounts.

5 hours ago, PCTipsGR said:

You don't know that, actually @InfinityFree had said once that they might sell their client area if it is a logical for the creator prize (not $5 for example), I dunno if this offer still exists or not, but trying never hurted anyone.

Even if you do that, you better make a serious offer from the beginning or they will never consider you at all.

It does still stand, more or less. But I believe that anything is for sale, if you offer enough.

Just don't bother asking me "what's the lowest offer you can give me" (yes, someone did that not too long ago). The fact that I'm willing to sell it does not mean I'm offering it for sale. 

10 hours ago, DragonOsman said:

Apache should be able to execute it as an added service or behind a reverse-proxy, like with a Wt app (if you know what I'm about talking about here).  

Will a compiled server-side application not work at all on here?  I can compile the app to a Linux executable, so it doesn't have to be a .exe.

I don't know any "web hosting" service which allows you to run your own application program to handle requests. "Web hosting" is usually used to host PHP, Perl or ASP scripts using a web server and interpreter managed by the host.

Limited support for other languages (Ruby, Python, NodeJS) is being developed as well by cPanel. But that uses Passenger which, again, means the interpreter is being controlled and managed by the host. Java support is also supported by some systems, which feeds the WAR file into a Tomcat server managed by the host.

In other words, a key characteristic of web hosting is that the application runtime is controlled by the host. So if a host doesn't offer a runtime for a certain language (or the runtime used doesn't support all necessary features of a language), you can't host your software on it. "Web hosting" doesn't allow you to bring your own binary and run it as a persistent process. 

Either you need to get a server where you can manage your own runtime (like a VPS or Dedi) or you need an Application Hosting service (like Heroku).

On 8/20/2018 at 1:38 AM, The Coders Zone said:

I have only just realised this forum existed and have just found the WHM API. So that is how you create accounts automatically. I noticed @InfinityFree have a custom account activation email - how do you do it?

The WHM API does not cause any email to be sent on account creation, so you can send your own.

On 8/20/2018 at 1:18 PM, PlanetCloud said:

He wants to boost his post count

You shame someone else yet you are bumping this old topic as well...

I recognize I may not be helping here either. But at least I won't engage in a 5 year old discussion.

7 hours ago, PlanetCloud said:

About this part "(spoiler: it won't work, I tried that already)" can you please PM me what problem did you encountered?

This is for custom confirmation page to replace the regular confirmation page.

The registration session is IP locked. The IP address used to submit the form must match the IP address used to complete the email confirmation. Which in turn will be associated with the account. Would phishing be found on one of the sites on your hosting? Then all accounts of all users would be taken down with it.

If you want to create accounts from your own software, use the API. That's what it's for.