Anyone with Experience Using cPFence Web Security? Is It a Viable Alternative to cPGuard?

kanti

Hi everyone,


I'm currently exploring options for web security solutions for cPanel servers and came across cPFence Web Security. It looks like a promising tool, but I haven't seen much community feedback or in-depth reviews about its real-world performance, support, and feature set.


Has anyone here used cPFence extensively on production servers? I'm particularly interested in:


  • Malware detection & removal accuracy
  • Firewall and brute-force protection
  • Resource usage compared to cPGuard
  • Integration with cPanel & WHM
  • Support responsiveness
  • Overall reliability and false-positive rate

Also, how does it compare to cPGuard? I’ve used cPGuard before and found it solid, but I’m curious if cPFence offers anything better or more efficient, especially for servers with a large number of cPanel accounts.


Any insights, benchmarks, or honest feedback would be greatly appreciated!


Thanks in advance!
 
cPGuard is far superior to cPFence in my experience. I went through a testing phase with one of my customers a few months ago with cPFence and it wasn't a good experience.

First of all, it made changes to every single WordPress website on the server which were completely undocumented (I don't know if they are documented now). There was no way to disable these changes or any way of knowing they were made until we started facing issues with websites.

1. .htaccess rules were added for every website
2. It added this line into wp-config.php for every website:
define( DISALLOW_FILE_EDIT, 'false' );
HINT: the false shouldn't be wrapped in quotes as it should be a boolean value; adding it with quotes makes it a string, which isn't correct. And why is it making those changes anyway?
3. It installed a mu-plugin for every WordPress site

These changes are not removed when you remove cPFence, either.

Why a server security product around AV, Malware, WAF, brute-force protection, etc. feels the need to change CUSTOMER websites, I do not know.

There was probably more too, but I honestly can't remember.

Oh, and there's the fact that their 'central web-ui' doesn't work if any of the secondary servers have an SSH login banner; their support advised removing the SSH login banner. Section 1 of the Computer Misuse Act in the UK says "There must be knowledge that the intended access was unauthorised"... which the SSH banner shows.

cPFence is only for the Enhance control panel, it's not compatible with cPanel & WHM.

I utilised cPGuard also for a long time, very good product but their WAF let through a few basic HEAD request attacks which I wasn't overly impressed with. Switched to BitNinja a few months ago and it's such a better product on many levels, in my opinion.
 
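Added example, not part of any post in this thread and not code from cPFence or any other product named here: a small audit that checks a WordPress docroot for the three kinds of leftovers the post above lists. The helper names and the sample file names are assumptions (the thread does not name the mu-plugin or the .htaccess rules), and the sample docroot is constructed. It also shows why the quoted `'false'` matters: PHP casts any non-empty string other than `'0'` to true.

```python
import re
import tempfile
from pathlib import Path

# define( DISALLOW_FILE_EDIT, <value> ), constant name quoted or not.
DEFINE_RE = re.compile(
    r"""define\(\s*['"]?DISALLOW_FILE_EDIT['"]?\s*,\s*(?P<value>[^)]+?)\s*\)""",
    re.IGNORECASE,
)

def php_truthy(literal):
    """Cast a simple PHP literal to bool the way PHP does."""
    lit = literal.strip()
    if len(lit) >= 2 and lit[0] in "'\"" and lit[-1] == lit[0]:
        return lit[1:-1] not in ("", "0")  # only '' and '0' are falsy strings
    return lit.lower() not in ("false", "0", "0.0", "null", "")

def audit_site(docroot):
    """Return findings for one docroot (hypothetical helper, not a vendor tool)."""
    root, findings = Path(docroot), []
    cfg = root / "wp-config.php"
    if cfg.is_file():
        # Note: this also matches commented-out defines; review hits by hand.
        for m in DEFINE_RE.finditer(cfg.read_text(errors="replace")):
            value = m.group("value")
            findings.append({
                "type": "define",
                "value": value,
                "quoted_string": value[:1] in ("'", '"'),
                "evaluates_true": php_truthy(value),
            })
    mu = root / "wp-content" / "mu-plugins"
    if mu.is_dir():
        findings += [{"type": "mu-plugin", "file": p.name}
                     for p in sorted(mu.glob("*.php"))]
    if (root / ".htaccess").is_file():
        findings.append({"type": "htaccess", "file": ".htaccess"})
    return findings

def demo():
    """Audit a constructed docroot that mirrors the post's description."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "wp-config.php").write_text(
            "<?php\ndefine( DISALLOW_FILE_EDIT, 'false' );\n")
        (root / "wp-content" / "mu-plugins").mkdir(parents=True)
        (root / "wp-content" / "mu-plugins" / "example-leftover.php").write_text("<?php\n")
        (root / ".htaccess").write_text("# constructed sample\n")
        return audit_site(root)
```

Running `audit_site` over each account's docroot before and after installing or removing a security product gives a diffable record of what it changed in customer sites.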
We've recently switched from Imunify360 to cPGuard and so far, we are happy with it.

@SharedGrid did you find BitNinja better? Haven't tested this myself yet.
 
When we were using cPGuard, many customers moved to us from cPanel hosts that were using Imunify360 and the amount of genuine embedded backdoors in sites cPGuard found was crazy. Imunify360 never detected those for years according to some customers. I highly rate cPGuard.

I did some very heavy testing against cPGuard, cPFence and BitNinja. BitNinja came out top for us. It's more expensive but worth it IMO. The per-website pricing from BitNinja for Enhance hosts makes it quite attractive too.
 
Thanks for sharing this. Even though we've recently migrated from IM360 to cPGuard, and found the same better results you mention, was there any specific reason you found BitNinja better?

Several people on the Enhance forums complained about them and/or the owner, but I haven't understood why, and for the time being we are only using cPanel.
 
I have a mix of software on my server, including some of IM360 and some of cPGuard. However, I believe cPGuard is better, particularly due to a recent malware issue.
 
Thanks for sharing this. Even though we've recently migrated from IM360 to cPGuard, and found the same better results you mention, was there any specific reason you found BitNinja better?

Several people on the Enhance forums complained about them and/or the owner, but I haven't understood why, and for the time being we are only using cPanel.

The WAF performs better; with other products the odd attack here and there managed to get through the WAF, but we've had nothing since switching to BitNinja. There are also way fewer false positives; I can't actually recall having a false positive since switching.

You have the ability to check what attacks an IP address has shared across other BitNinja servers, depending on whether you set it to share this data. You can also set a Captcha on 1 domain or part of a domain if a website is under attack.

There is also the 'Website Security Dashboard' which allows you to give customers access to their security data, whitelist IPs, run their own AV scans, etc.

I have seen a load of complaints about resource usage from people, but we have found the usage to be on par with other products. I'm not sure if they are trying to run it on a 2 GB VPS or something.
 
Thanks everyone for sharing your experiences, really helpful. Haven’t tested BitNinja yet, but if the WAF is stronger with fewer false positives, it seems worth trying. Would be great to hear how it performs on busy cPanel servers.
 