Web Hosting

Overview

The One-Click Web Hosting module is a full-stack hosting orchestration and application provisioning system designed to automate the deployment, isolation, and lifecycle management of websites and web applications.

Rather than functioning as a traditional hosting panel or basic installer, the platform provisions complete application environments at the operating system level, including web server configuration, PHP runtime isolation, database provisioning, SSL automation, backup management, and resource control.

Each hosted domain is treated as an isolated service unit with dedicated users, runtime environments, and system-level protections.

WordPress

The WordPress module provisions fully isolated WordPress environments with automated deployment, runtime isolation, SSL integration, and backup management.

Each WordPress instance operates as an independent application service.

    Features
  • Automated WordPress installation via WP-CLI
  • Dedicated PHP-FPM pool per site
  • Independent database provisioning
  • Automatic SSL integration
  • Secure admin credential generation
  • Optional Redis integration
  • Isolated filesystem and user environment


# Deploy a new WordPress instance. 
one-click --wp-create
...
# Basic wordpress and cron management.
one-click --wp
...
# Manage Wordpress instances, profiles, backups and security
one-click --wp-admin
...
# Local and remote backup and restore for Wordpress sites via profiles
one-click --wp-backup
...
# Reissue or request LetsEncrypt SSL or self signed SSL
one-click --ssl

                                        

Static Sites

The static hosting engine provisions lightweight isolated environments for HTML, CSS, JavaScript, and frontend-only applications.

    This mode is optimized for:
  • Documentation sites
  • Landing pages
  • Frontend applications
  • Lightweight web deployments
Features
  • Nginx static site optimization
  • SSL automation
  • Clean URL rewriting
  • Independent virtual hosts
  • Optional CDN and cache integration


# Deploy a new static site
one-click --web-create
...
# Manage all static sites, backups, profiles etc
one-click --web-admin
...
# Reissue or request LetsEncrypt SSL or self signed SSL
one-click --ssl
					

Application Hosting

Deploy, isolate, and scale modern Node.js applications and APIs in seconds. This module replaces complex terminal configurations with an automated, high-performance hosting pipeline built for modern JavaScript workflows. Currently supports only NodeJS.

    This mode is optimized for:
  • Secure application hosting
  • Isolated single tenant multi-site deployments
  • Frontend applications
  • Lightweight web deployments
Features
  • Isolated Runtime Sandboxing (Zero-Conflict Engine)
  • Automated Reverse Proxy Injection (Nginx & Apache)
  • Smart Port Allocation
  • Unprivileged System User Isolation
  • Automated Git/Repository Deployment Pipeline


# Deploy a new static site
one-click --nodejs-create
...
# Manage all static sites, backups, profiles etc
one-click --nodejs-admin
...
                                        

Database Manager

Keeping in line with our security first posture, the database GUI is a proxied token driven time sensitive application which requires enabling the GUI and generating a one-click login token to gain secured access to manage your databases. Further, the token will bind to the first IP that uses the token further enhancing the security posture of publicly exposed endpoints.

    Database Manager provides:
  • A graphical interface for managing databases
  • Secured access by design
  • Total isolation
  • Pinned sessions to user agents/IPs
Features
  • One-Click execution for creating, altering, dropping, and tracking tables, views, indexes, and foreign keys
  • Single-Use Token Authentication (No Login Screen)
  • Automated Administrative Kill Switch
  • Automatic Out-of-Band Credential Injection
  • Smart SQL Command Console


# Manage Databases and create temp front end if needed
one-click --db-admin
...
                                        

PHP

The PHP hosting subsystem provisions isolated PHP runtime environments for dynamic web applications and custom PHP sites.

    Each PHP application operates within:
  • Dedicated PHP-FPM pools
  • Independent webserver configuration
  • Separate runtime policies
  • Isolated filesystem permissions
Features
  • Per-site PHP-FPM isolation
  • Multi-version PHP support
  • Resource-controlled execution
  • Custom PHP configuration support
  • Nginx and Apache integration

one-click --php

Redis

The Redis integration layer provides optional object caching and performance acceleration for Wordpress installations and can be managed within the wordpress admin.

Redis is integrated directly into isolated WordPress environments.

    Features
  • Redis object caching
  • Persistent cache support
  • WordPress Redis plugin integration
  • Automated socket configuration
  • Runtime performance optimization

SSL Issuance

SSL provisioning is fully automated using Certbot and Let's Encrypt integration.
SSL issuance is strict and requires that values are present for both A (if IPv4 is in use) and AAAA (if IPv6 is in use) as well as the www. subdomain EVEN IF NOT USED.

    The platform handles:
  • Domain validation
  • Certificate issuance
  • Automatic renewal
  • HTTPS enforcement
  • Webserver certificate installation

one-click --ssl

Backup & Recovery

The hosting platform includes integrated backup lifecycle management for all hosted applications. Multiple backup locations is handled by profiles giving further flexibility

    Features
  • Filesystem snapshots
  • Database exports
  • Timestamped backup rotation
  • Local and remote backup targets
  • Profile-based backup destinations
  • Restore and recovery workflows

one-click --wp-backup

one-click --web-admin

Isolation & Resource Control

Each hosted application is isolated across multiple layers:

  • Process isolation via PHP-FPM pools
  • User isolation via Linux system users
  • Filesystem isolation per domain
  • Resource isolation via systemd slices
  • Credential isolation via per-site databases
This enables multi-site hosting without shared runtime exposure.