cPanel and DirectAdmin: SQL, DNS, Email, Backups & the rest
cPanel and Directadmin both offer the expected features such as SQL, DNS and Email. We’ll provide the basics and show the comparisons between the two panels.
DirectAdmin also supports MySQL version 8 where cPanel supports up to version 5.7 (current as of August 2019).
Both panels store the SQL server’s configuration files at /etc/my.cnf. Both also use /var/lib/mysql/ as the data directory, which contains the error logs, pid file, and database files.
The following shows what SQL options are supported for each panel.
So, if you require Postgres and prefer panel-supported installations, you would likely want to use cPanel. However, if you don’t mind installing and configuring services such as Postgres yourself, then you could use DirectAdmin and enjoy more features and security via the latest versions available.
Both DirectAdmin and cPanel support Named/Bind and both support DNS Clustering.
Both have eloquent DNS administration interfaces to record management as well.
Both cPanel and DirectAmin support the following email features (Webmail and anti-spam tools are discussed later):
- Catch-all email accounts
- Autoresponders/Vacation Messages
- Mail Queue Administration Interface
- Mass Email address/forwarders import features
- Quota Enforcement
- Strong Password Enforcement
- Ability to Mass Email All Users
- Automatic purging of mailboxes
- One-click Webmail login when authenticated via the panel
DirectAdmin and cPanel both use Exim and both use some of the same Webmail software, so email capabilities of one panel should match those of the other.
Both DirectAdmin and cPanel offer a myriad of tools for fighting spam. Here is a quick overview:
|Pigeonhole Sieve||yes||no, feature requested|
|Email Sending Limits||yes||yes|
|Custom RBLs & RBL Blocking||yes||yes|
|Rspamd||yes||no, feature requested|
|Spam Blocker||yes||similar functionality available|
|Easy Spam Fighter||yes||similar functionality available|
|Block Cracking||yes||similar functionality available|
|Greylisting||yes, via Spam Blocker exim.conf||yes|
|Sender Verification||yes, via Spam Blocker exim.conf||yes|
DirectAdmin supports mailing lists via Majordomo. cPanel supports mailing lists via Mailman.
As of August 2019, the DirectAdmin migration tool doesn’t copy Mailman mailing lists to Majordomo. Likewise, the same is true of cPanel’s migration tool with regards to Majordomo data to Mailman.
Backup encryption is ideal keeping backups that are GDPR compliant. Encrypted backups are supported via DirectAdmin, but not cPanel. feature requested
DirectAdmin’s backup restoration interface has the ability to restore cPanel backups. This is how DirectAdmin handles migrating content from cPanel. cPanel’s backup restoration interface lacks this ability, however, they have a Transfer Tool that will handle migrating content from many panels, including DirectAdmin, Plesk, and Ensim.
Both panels support automatic Backup FTP/Rsync to remote locations.
DirectAdmin supports free SSLs via Let’s Encrypt for the server’s hostname, domains, subdomains, addon domains, and service subdomains. These can be used to secure services as well. This requires that you run Let’s Encrypt for the domain, which can be done in the panel as long as SSL is enabled in the DirectAdmin configuration and the user’s skin. DirectAdmin also has an autoletsencrypt.sh script that can be downloaded and set to run via cron so that Let’s Encrypt SSLs are automatically renewed for you. Setup LetsEncrypt SSL The SSLs interface can be accessed at the User access level.
cPanel provides free SSLs by default from Sectigo (formerly Comodo) for the server’s hostname and for domains, subdomais, addon domains, and service subdomains. These can be used to secure services as well. cPanel also supports free SSLs from Let’s Encrypt, but it requires the installation of a plugin, and you must choose either Sectigo or Let’s Encrypt, but not both. There was some dispute between Comodo and Let’s Encrypt early in Let’s Encrypt’s deployment which has led many to prefer one to the other, so cPanel’s decision to provide both options will accommodate either preference.
Manage AutoSSL in WHM has several tabs for viewing logs (so that you may determine why domain validation failed or check to see the status of the SSL request), for enabled/disabling SSLs for users, and for configuring AutoSSL options (such as the notifications you wish to receive). Manage AutoSSL is accessed via WHM, but there is also an interface at the cPanel user level for managing SSLs, too.
Free Let’s Encrypt WildCard SSLs and Rate-Limits
DirectAdmin has has support for this since approximately summer 2018 LetsEncrypt wildcards for free. As of August 2019, wildcard SSLs are not available with cPanel. cPanel does, however, have plans to implement this feature by v84. See here: Let’s Encrypt cPanel
One notable benefit of using cPanel’s Sectigo (formerly Comodo) SSL vendor is that they do not impose rate-limits as Let’s Encrypt will start doing with their new API cPanel blog. The new rate-limit is 300 certificate orders every three hours. Let’s Encrypt does provide a form to request a larger limit, though. Also, with the ability to request wildcard SSLs, reaching the limit is made less likely.
APIs, Pre/Post Hooks, Debug Mode, and Scripts
Both panels offer vast options for customizing and extending the panel via APIs, Pre- and Post-Hooks, and plugins. Furthermore, they both contain a scripts directory containing many useful scripts to help you administer your server. DirectAdmin’s scripts directory is located at /usr/local/directadmin/scripts/ and cPanel’s is located at /usr/local/cpanel/scripts/.
The DirectAdmin Api permits one to accomplish anything via a script that can be accomplished via the panel. All one must do is determine what POST values to use with the API in order to construct the API command. You can run the panel in debug mode to determine these values.
Aside from the API, you may also attach custom scripts to pre-and post-hooks so that custom code runs either before or after certain events. Plugins allow one to extend DirectAdmin’s functionality even further.
cPanel is developer friendly as well and accommodates these same features. You can create your own package items, implement custom code via plugins and pre- and post- hooks and plugins, and use debug mode to debug your custom code. All of the development features and more are well documented on their developer documentation page. See here: cPanel Developer Documentation
Both panels are quite secure out of the box. Statistically speaking from experience, 99.9% of hacks occur due to vulnerabilities in the site rather than in the server, and this is largely due to how KnownHost utilizes the panels’ features to secure everything by default in addition to a reliable firewall, such as CSF/LFD. Here are just a few of the security features that both panels support (listed features may be either enabled already or optional on KH servers and unofficially supported, e.g., Maldet):
- Automatic Updates via Cron DirectAdmin | cPanel
- 2FA DirectAdmin | cPanel
- Security Questions DirectAdmin | cPanel
- CSF/LFD Firewall
- ClamAV DirectAdmin | cPanel
- Maldet DirectAdmin | cPanel
- Option to Enforce Strong Passwords DirectAdmin | cPanel
- Automatic PunyCode translation for IDN domains DirectAdmin
- ModSecurity DirectAdmin | cPanel
- Spam-fighting software/methods DirectAdmin | cPanel
- much, much more!
Both panels offer their own bruteforce monitoring software. DirectAdmin includes BFM, the BruteForce Monitor, and cPanel includes cPHulk.
DirectAdmin’s BFM by default sends messages to the admin about bruteforce attempts, but doesn’t actually block them. This is because DirectAdmin doesn’t support IPTables, but there is an unsupported way to configure this. block IP An alternative option would be to configure BFM to work with the CSF/LFD firewall, block IP’s with csf but the integration appears to be redundant as it appears to simply disable settings that the firewall monitors and passes those to BFM. CSF/LFD would monitor these services sufficiently alone. For this reason, Knownhost uses CSF/LFD for bruteforce attack blocking.
cPanel’s cPHulk is much of the same story. Unlike BFM, it does handle blocking by default (via denying authentication, not via IPTables), though. Still, CSF/LFD is sufficient for monitoring and blocking bruteforce attacks, so this feature can be considered just another layer of protection for the paranoid, if not redundant. For this reason, Knownhost does not enable this by default.
For any users that choose not to use a firewall such as CSF/LFD, these services would be highly recommended.
DirectAdmin and cPanel alike support both Awstats and Webalizer.
You may choose to use neither, one or the other, or both. These options applies to both panels.
Even with software such as email, MySQL, and other 3rd party applications — both panels strive to offer comparable features to ensure that the chosen panel does what the user needs. Whether it be statistical software, security, or your everyday mail features both panels are intent on ensuring similar features.
KnownHost offers 365 days a year, 24 hours a day, all 7 days of the week best in class technical support. A dedicated team is ready to help you should you need our assistance. You’re not using KnownHost for the best web hosting experience? Well, why not? Check with our Sales team to see what can KnownHost do for you in improving your web hosting experience.