The cPFence Central Dashboard is Here - One Panel. Full Power.

Now Live: Meet the New cPFence WebUI — One Dashboard to Rule Them All!

The wait is finally over. After months of development and feedback from our community, we’re excited to introduce the cPFence Central Dashboard – your single, unified interface to effortlessly control, secure, and monitor all your servers and WordPress sites from one powerful panel. Simplify your workflow, boost efficiency, and take total command with ease. Welcome to the future: One Panel. Full Power.

Gone are the days of hopping between servers, drowning in SSH sessions, and wrestling with tedious WordPress admin tasks. cPFence WebUI transforms server management into an effortless, unified experience. Whether you’re managing a single VPS or hundreds of WordPress sites across a sprawling cluster, your life is about to get a whole lot simpler.

What’s All the Buzz About?

Here’s why our clients are loving the new WebUI:

One Dashboard, Full Control: View real-time security metrics, monitor malware detections, and handle all your servers from a single, sleek dashboard.
Bulk Power: Update WordPress core, plugins, and themes, install plugins or security tweaks, disable risky functions, and perform server tasks—all in bulk. One click now equals hours saved.
Mobile Magic: Manage your entire infrastructure from your smartphone or tablet. Yes, real-time malware scanning and security management from your favorite café or your comfy couch.
Zero Hassle Setup: Already using cPFence? Just enable the WebUI, whitelist your IP, and you’re set. No complicated installations or headaches.
Built-In Security: Fully secure with robust password protection and strict IP whitelisting. Your data stays on your server, safe and private—fully GDPR compliant.

It’s Bulk, or Bust!

We’ve packed the new WebUI with the full power of cPFence’s security automation — now available in bulk across all your servers and WordPress sites. All the features below can be run on a single server, across your entire cluster, or just on selected sites — your choice, full control!

Bulk WordPress Hardening: Disable file editing, XML-RPC, pingbacks, and XSS in posts. Set secure permissions, enable idle logout, and enforce critical security tweaks across your entire cluster.
Bulk Malware Detection: Instantly scan all WordPress files and databases for known malware signatures — clean up infections in one click.
Bulk Vulnerability Management: Export detailed vulnerability reports for every server, then act on them directly from the dashboard.
Bulk SSL & Mail SSL Generation: Generate SSL certificates for all domains and mail services, force HTTPS, or disable it—all at once.
Bulk Redis Caching: Enable or disable object caching via Redis across all sites with a single toggle.
Bulk DKIM & DNSSEC Configuration: Secure your outbound mail and domain zone integrity cluster-wide.
Bulk WordPress Management:
- Update core, plugins, themes, and translations.
- Back up all sites.
- Install or remove plugins (including blacklisted ones).
- Switch language settings.
- Configure LiteSpeed Cache and Redis support.
- Restore WP core files or run due WP cron jobs.

And that’s just scratching the surface, with 60+ more bulk tools designed to simplify your workflow!. From hardening to housekeeping, you now have the tools to lock down and streamline your entire hosting operation—without touching a single terminal.

How to Get Started (Easy, we promise!)

Before you begin:
Enable the WebUI using the following command on your Main Control Panel server:

cpfence --enable-webui

Note: This only works on the main control panel. You need an active license on that server for the WebUI to run.

Step 1: Edit your server list

File: /opt/cpfence/user-config/cpfwebui/servers.txt
Format: Server Name,root@server-ip (one entry per line)
Your servers are automatically detected and pre-filled in the servers.txt file.

Step 2: Set up passwordless SSH
[INFO] To set up passwordless SSH:

Generate your SSH key: ssh-keygen
If password login is enabled, run ssh-copy-id root@<server-ip>
If disabled, copy ~/.ssh/id_ed25519.pub into each server’s ~/.ssh/authorized_keys
Confirm connection: ssh root@<server-ip> (no password prompt should appear)

Step 3: Whitelist your IP to access the dashboard

Command: cpfence --add-webui-ip <your-ip>

Step 4: Log into your cPFence Central Dashboard

URL: http://cp.yourdomain.com:9095/
Username: admin
Password: Your previously configured password
(To reset: cpfence --reset-webui-pass)

Common Issues

1. Can’t Connect Your Servers to the WebUI?

Important: You must complete this passwordless login step for each server added to the WebUI. This is required once per server.

To fix this, run the following command from your main control panel:
ssh root@your-server-ip
When prompted with something like:
The authenticity of host 'x.x.x.x' can't be established. Are you sure you want to continue connecting (yes/no)?
You must type:
yes
Then press Enter. Do not use a password, passphrase, or anything else. This only needs to be done once per server to allow trusted SSH access.

If your server uses password authentication or a passphrase for the root key, the WebUI will not be able to connect.

2. Sudo users not supported
You must use the root user. Running cPFence WebUI via sudo users is not supported at this time.

3. SSH port must be 22
Currently, only default SSH port 22 is supported. Custom ports are not yet supported.

4. IPv6 access issue
If you’re using IPv6 and can’t access the UI, edit the allowed IPs file:

nano /opt/cpfence/webui/allowed_ips.txt

Remove the ::1 entry, then restart the WebUI:

cpfence --restart-webui

5. Accessing WebUI While Behind Cloudflare

If your main control panel is behind Cloudflare, port 9095 might be blocked. To access the WebUI, use the server’s direct IP address instead:
http://your-server-ip:9095/

6. WordPress App Count Is Zero or Incorrect
This issue is usually caused by an active SSH login banner, which interferes with automated SSH commands used by the WebUI. You can disable it by running:
sed -i 's/^\s*Banner\s\+/#&/' /etc/ssh/sshd_config && systemctl restart ssh
Then restart the WebUI:
cpfence --restart-webui
After that, log in again and click the Refresh Data button.

Still not seeing the WordPress count? On some servers, the automatic detection may freeze or fail to complete. Use the manual WordPress site collector for those servers:

Run:
cpfence --generate-wp-sites-list
Then run:
bash <(curl -ks https://api.cpfence.app/collect_wp.sh)
Copy the final output to your main control panel server in this file:
nano /var/log/cpfenceav/wp-sites-webui-list.txt

You only need to repeat this step if new WordPress sites are added to the affected server.

7. VPS or Server Provider Firewall Blocking Port 9095

If your WebUI works locally but is unreachable from other servers, your VPS or hosting provider may be blocking inbound connections on port 9095. This is common with some providers who restrict non-standard ports by default.

To verify that the WebUI is working locally on the server, run this command:
curl -v -I http://127.0.0.1:9095/
If it responds with HTTP headers, the WebUI is running. If it times out externally but works locally, the issue is likely a provider-side firewall.

Log in to your provider’s control panel and look for firewall, security group, or network rule settings. Ensure TCP port 9095 is allowed for inbound traffic, either globally or from the specific IPs you need.

Note: If you’re using cloud infrastructure providers such as AWS, Azure, GCP, DigitalOcean, Linode, or Vultr, make sure to explicitly allow inbound traffic on port 9095 in the cloud firewall or security group associated with the server.

If you don’t find any such option or the issue persists, contact your provider to confirm whether port 9095 is blocked at the network level.