Kloxo

Kloxo (formerly known as Lxadmin) was a free and open-source web hosting control panel for the Red Hat and CentOS Linux distributions. As of October 2017, the project has been unmaintained with a number of unresolved issues, and the project's website is offline.

Kloxo allows host administrators to run a combination of lighttpd or Apache with djbdns or BIND, and provides a graphical interface to switch between these programs without losing data. Kloxo Enterprise can transparently move web/mail/DNS from one server running Apache to another running lighttpd. It was formerly considered to be a good free alternative to the cPanel hosting control panel.

Kloxo comes integrated with Installapp, a bundle of approximately 130 web applications that can be installed to the hosted websites. Installatron, a third-party application installer similar to Fantastico, is supported as a plugin.

As of October 2017, the whole LxCenter website appears to be down. Only the GitHub repository (and some forks) remains, and its last notable changes are three years old.

Due to concerns about the appropriation of the name Lxadmin, the name was replaced with Kloxo. There was an outcry from users, as the name change involved a complete upgrade of file structures and it was about two weeks before there was an upgrade script for hosting companies.

In early June 2009, security-related blogs and websites posted details of security loopholes in LxAdmin/Kloxo. Around this time, another piece of software created by the same vendor, HyperVM, was rumored to have been exploited in a massive attack at the British budget web hosting company VAserv. Crackers deleted the content of 100,000 hosted websites in one go after gaining root access to the system. A detailed timeline of these events was posted several months later.

It is widely acknowledged by the hacker(s) and parties involved that the core exploit had to do with the administrator of those VPSs reusing the same password on all installs and not using the SSL security feature. Experts believe that this led to the password being transmitted in plain text, allowing hackers to sniff it and exploit the host.

In early 2012, the message "DO NOT INSTALL THESE APPS. The applications included in InstallApp are outrageously out of date, and contain known and public security vulnerabilities. Enabling this feature on a live server exposes your server and users to serious security flaws" was displayed prominently at the top of the InstallApp page. This message was still there in January 2014.
