Luminfra

DirectAdmin is a lightweight, fast web hosting control panel built for efficiency on shared and VPS environments. Unlike heavier alternatives, it maintains a small footprint while exposing full server control — DNS zone management, SSL provisioning, and email configuration all in one place. Luminfra works with DirectAdmin on LiteSpeed and Apache-based stacks, commonly paired with CloudLinux for per-account resource isolation. Its reseller-tier architecture makes it a strong fit for web agencies managing multiple client sites from a single server.

directadmin.com →

Plesk is a cross-platform hosting control panel supporting both Linux and Windows servers — one of the most versatile panels available. Its built-in WordPress Toolkit automates core updates, security scanning, and staging environments, a real advantage for agencies managing multiple WordPress properties. Plesk’s extension marketplace allows granular capability additions without bloating the base install. Luminfra uses Plesk on deployments where clients need a polished client-facing interface or where mixed OS environments are in play.

plesk.com →

GridPane is a WordPress-focused server control platform built specifically for agencies and developers running high-performance WordPress stacks. It sits above the server layer, managing Nginx or OpenLiteSpeed configurations, Redis object caching, automatic SSL, and server-level page caching — all without requiring direct SSH for most operations. GridPane is Luminfra’s primary recommendation for clients whose infrastructure is entirely WordPress-centric, particularly when performance and multi-site scalability are the core requirements.

gridpane.com →

RunCloud is a cloud server management panel that simplifies provisioning PHP web applications — primarily WordPress — on cloud VPS providers like DigitalOcean, Vultr, and Hetzner. It handles Nginx or Apache configuration, PHP version management per application, automated backups, and Git deployment hooks. Luminfra uses RunCloud in environments where clients prefer self-hosted VPS infrastructure but need manageable server administration without a full traditional control panel. Its atomic PHP version switching per app makes it a practical mid-tier option.

runcloud.io →

Enhance is a modern, API-first hosting control panel designed for hosting providers and white-label resellers. Built with a microservices architecture, it separates services into isolated containers — a compromised or failing component cannot take down the entire server. Enhance supports multi-server clustering natively, making it more scalable than traditional monolithic panels. Luminfra works with Enhance where clients need a clean reseller interface or are building a small hosting product, and where traditional panels would be disproportionately expensive.

enhance.com →

PHP is the server-side scripting language powering the vast majority of web CMS platforms — WordPress, Joomla, and Magento among them. Modern PHP has evolved substantially with typed properties, fibers, and significant performance improvements, making it a capable runtime for production workloads. Luminfra manages PHP-FPM configurations, tuning pool sizes, memory limits, and opcache settings to match each site’s traffic profile. PHP version transitions are handled carefully — tested for compatibility before any switch on a live production site.

php.net →

Nginx is a high-performance, event-driven web server and reverse proxy that handles concurrent connections with a minimal memory footprint. Unlike Apache’s process-per-request model, Nginx uses asynchronous non-blocking I/O — significantly more efficient under sustained traffic loads. Luminfra configures Nginx as either a primary web server or a reverse proxy in front of PHP-FPM, tuning worker processes, keepalive settings, and server blocks for optimal throughput. Its built-in rate limiting and connection controls also serve as a first line of defence against abuse and DDoS at the web layer.

nginx.org →

Apache HTTP Server is the long-standing foundation of web hosting infrastructure, offering unmatched compatibility with legacy applications and deep integration with shared hosting control panels. Its .htaccess system allows per-directory configuration without server restarts — still relied on heavily by WordPress and other CMS platforms. Luminfra works with Apache in both standalone and Nginx+Apache proxy setups, the latter pairing Nginx’s connection handling efficiency with Apache’s per-directory flexibility. Mod_security, rewrite rules, and virtual host tuning are standard parts of our Apache engagements.

httpd.apache.org →

MariaDB is the actively developed, community-maintained fork of MySQL that has become the de facto standard on modern Linux hosting stacks. It maintains full drop-in compatibility with MySQL while offering performance improvements, better storage engine support, and a more transparent development process. Luminfra defaults to MariaDB on new deployments for its InnoDB and Aria improvements. MySQL remains relevant for environments using specific MySQL features or cloud-managed database services like AWS RDS. Our database work covers configuration tuning, slow query analysis, replication setup, and backup strategy.

mariadb.org →  mysql.com →

CloudLinux is a hardened Linux distribution purpose-built for shared hosting environments. Its two primary features are CageFS and LVE. CageFS places each hosting account inside a virtualised filesystem — users can only see their own files and processes, preventing lateral movement between accounts even when one is compromised. LVE (Lightweight Virtual Environment) is CloudLinux’s resource governor, built on Linux cgroups technology, that enforces per-account CPU, memory, I/O, and concurrent process limits. A single runaway script or traffic spike cannot saturate server resources and degrade neighbouring tenants. Luminfra deploys CloudLinux on shared and reseller servers where account isolation and resource fairness are mandatory.

cloudlinux.com →

Debian is one of the oldest and most respected Linux distributions, known for extreme stability, meticulous package management, and long release cycles. It prioritises proven, well-tested software over cutting-edge packages — a conservative but highly reliable base for production servers that need to run unattended for years. Debian’s apt package system and minimal default footprint make it straightforward to harden. Luminfra uses Debian on servers where long-term stability is the primary requirement and upstream package reliability is non-negotiable.

debian.org →

AlmaLinux is a free, community-driven RHEL-compatible distribution that emerged as the primary CentOS replacement after Red Hat shifted CentOS to a rolling stream model in 2021, effectively ending its usefulness as a stable production OS. AlmaLinux maintains binary compatibility with RHEL, making it a reliable drop-in for environments that previously ran CentOS — including control panels like DirectAdmin and Plesk that depend on the RPM ecosystem. Luminfra manages legacy CentOS servers still running in production and handles migration planning to AlmaLinux for clients whose stacks require the RHEL ecosystem. SELinux hardening, RPM package management, and long-term support cycles are core to this environment.

almalinux.org →

Ubuntu is the most widely deployed Linux distribution for cloud workloads, with first-class support from virtually every VPS provider and cloud platform. Its LTS releases receive security updates for five years, offering a stable base with more current packages than Debian stable. Ubuntu’s extensive documentation, large community, and Canonical’s commercial backing make it accessible for clients who want to self-manage portions of their infrastructure. Luminfra uses Ubuntu LTS as the default OS for new cloud server deployments, particularly on DigitalOcean, Hetzner, and Vultr environments.

ubuntu.com →

Podman is a daemonless container runtime that runs OCI-compatible containers without requiring a privileged background service. Unlike Docker, which routes all container operations through a central daemon running as root, Podman interacts directly with the Linux kernel — each container is a direct child process of the user who launched it. This architecture eliminates a significant attack surface: there is no single privileged socket that, if compromised, grants full control over every container on the host. Podman supports rootless containers natively, meaning containers can run entirely within a user’s own namespace without any elevated privileges. For production server environments where security posture matters, this is a meaningful advantage. Luminfra deploys Podman where containerisation is required without the operational risk that a central daemon introduces.

podman.io →

ModSecurity is an open-source web application firewall that operates at the web server layer, inspecting HTTP requests and responses against a ruleset before they reach the application. It is the most widely deployed WAF in the shared and managed hosting space, with support across Apache, Nginx, and IIS. Luminfra deploys ModSecurity with the OWASP Core Rule Set as a baseline, tuning or excluding rules to prevent false positives on specific applications. It provides server-level protection against SQL injection, XSS, remote file inclusion, and other OWASP Top 10 attack vectors — before a vulnerability in the application itself can be reached.

owasp.org/modsecurity →

CrowdSec is a modern, open-source security engine that analyses server logs in real time to detect and respond to malicious behaviour — brute force attacks, credential stuffing, vulnerability scanning, and more. What sets it apart from traditional IP blocklists is its collaborative threat intelligence network: when one server blocks a bad actor, that intelligence is shared globally, giving all participating servers a head start on threats they haven’t yet encountered. Luminfra deploys CrowdSec with bouncer integrations at the Nginx and firewall layers, enabling near-instant IP blocking without disrupting legitimate traffic.

crowdsec.net →

cpGuard is a server-level security suite designed for control panel environments — primarily DirectAdmin and cPanel — combining malware scanning, real-time file change monitoring, a WAF, and brute force protection into a single integrated agent. It performs deep file scanning across all hosted accounts, identifies compromised files, and can automatically quarantine threats before they spread or are used to send spam. Luminfra uses cpGuard on shared hosting servers where per-account malware scanning needs to be automated and surfaced within the control panel. It closes the gap between server-level security tooling and the panel interface, making incident response faster and more targeted.

cpguard.com →