All categories » FAQ Overview

Domain Management

How to add, edit and delete emails on

See the video below for a quick overview of email management on ClusterCS.

Author: Alexandru Bucur
Last update: 2017-03-01 13:03

Adding and managing (sub)domains in ClusterCS

Adding and managing domains in ClusterCS is easy and straightforward. Subdomains are added in exactly the same way as main domains.

First of all, let's talk about Domain Groups:

A domain group is used to filter your domains, categorize them. For example, you can have two separate groups, "Personal websites" and "Work websites". The choice and whether you want to use them is up to you:


Now, adding a domain is the first step you have to do in order to have a working website:


In order, the data you need to insert:

Domain name: This is the full domain or subdomain name, without www. (E.g:, ClusterCS will allow that domain to answer to both non-www as well as www requests for that domain.

Username: In order to have a working domain, a system user needs to be created, here you can name it.

Password: Set a password for the user. Generate will set a random, very secure password for you.

Login Type: Set if you want to be able to login with the user using FTP or SSH (or neither). This is a way to give access only to the files used by the domain, without compromising the other services/domains.

Domain Group: Here you can assign the domain to a group, for filtering purposes. Recommended for accounts that hold a high number of domains.

Server: The server (If you have more than one) that you want to serve the domain requests.

Storage location: In case you have an environment with multiple storage locations, such as a NFS, you can set where the domain files will be stored.

Entry point: If you have a load balancer, such as haproxy, or another proxy service, you can have it as an entry point, and it will proxy/balance the requests to the appropiate services and servers.

PHP Version: If you have a multi-version PHP environment, you can freely choose the version you wish the domain to use. Some code works better on PHP 5.6, some works best on 7.0, for example.

IP: In case you have a server with multiple interfaces or subinterfaces, meaning multiple IPs, you can choose which IP to publicly use for the domain.

Enable DNS Management and Webland Cluster(, If you wish, you can use our DNS server to set your own zone in the Cluster, which you can modify as you wish. Take note that you have to set your Nameservers to and in your tld provider!


Now you can see the domain dashboard. From here you can manage everything for your domain, such as Aliases, DNS, Databases, E-Mails. If you ever forget the password, you can click Show just under it.

For Aliases, you need to introduce the www as well as non-www. Aliases are used for a domain to answer to one or more domain names! E.g: I set my domain to answer requests for both as well as!


That's it! If you followed everything, you should have a working domain!

Author: Viorel Ciurusniuc
Last update: 2017-10-03 09:41

Add and manage WordPress or any CMS with ClusterCS!

ClusterCS offers easy CMS management (WordPress, Drupal, Joomla, PrestaShop, xCart, etc.)

First of all, if you need help to create a domain, you should check out adding and managing domains with ClusterCS

A CMS needs a working database and access to it:


Set any name you wish for your Database:


You also need an user for the CMS to connect to the newly-created database:


Again, choose a fitting name, and you can use our generator for a secure password:

Keep localhost checked if you are on a single server environment, and need to connect only from within it. If you want to have access to the database remotely, or have a Cluster, then Anyhost will allow you so.

Global Locations - You can define your own list of IPs from where to connect, available for all Database Users within your ClusterCS account

User Locations - You can define your own list of IPs from where to connect, available only for the current Database User


Giving pemissions to access the database to the user should be the next step. Keep in mind, you should give it only the permissions it needs. (For most CMS, the permissions needed are SELECT, INSERT, UPDATE, DELETE, however they may vary depending on the CMS and the plugins that you need).


Now you should have enough to install your chosen CMS... except for the CMS. Go ahead, download your CMS of choice and upload it to the public_html folder of your domain.

For example's sake, I have chosen wordpress, from

Accessing your domain will take you to the install script of the CMS. Here is what mine looked like:


Congratulations! You should now have a working CMS installed on your domain!

Author: Viorel Ciurusniuc
Last update: 2018-09-20 16:55

Caching on Wordpress using nginx

Caching your wordpress using ClusterCS
Whether you want more speed, a better experience for your visitors, for SEO, or any personal reason, chances are you want a caching layer on your website.
Caching in ClusterCS is achieved by spending only a few minutes in the Control Panel.
Start by going in the Speed tab of your domain.


Now you should scroll down to ADD NEW RULE


and set the following conditions, which I will explain lower:

 path begins_with / - this is the base path on which the cache layer should be applied. if your wordpress installation is located in a subfolder please adjust accordingly, ex: "path begins_with /blog"

path not_ends_with .php - calls to php files are most likely custom data that should not be cached

cookie - not_contains - wordpress_logged_in – WordPress maintains a cookie which is an indicator of this state – wordpress_logged_in - if it caches it, then some private user data may be shown publicly

method - get - other types usually have important actions being carried and shouldn’t be lost


Don't forget to set the last option with "cache_with Webserver/nginx"

Once everything is set up, you need to give your domain some time (About 30 minutes) to populate the cache. During that time, you may experience some higher resource load, which is totally normal.

For more in-depth details about the Speed Engine, please visit our KB Article

Now you can take full advantage of your cache and serve more users, faster!

Author: Viorel Ciurusniuc
Last update: 2018-09-20 15:52

Setting up your email using ClusterCS (Android&Thunderbird)

If you want one (or more) email address on your domain, ClusterCS offers an easy way to setup it.

Start by navigating to the Email tab of your domain:


On the Add Email form, you have to set up an email address and a password. The extra options include setting a fixed Inbox size for the email address.

You can also set aliases (In the case of the picture below any mail sent to aliasexample[at]example[dot]com will be sent to this inbox - example[at]example[dot]com) and forwards (In this case all mails sent to example[at]example[dot]com will be also sent to example[at]clustercs[dot]com. Remember to press Enter after entering each alias/forward email in order to save it.


Now, you probably want to set an e-mail client for your new e-mail address. The ones we recommend are Thunderbird (For PCs) and the default GMail app (For Android).

For Thunderbird, the settings should be as follows (Replace with your own domain):


As for Android, go into the GMail App and add a new account:


Here you have two choices: IMAP downloads the mails on your phone, but also keeps them on the server, while POP3 deletes the e-mails from the server and you can access them only from your phone. Choose the one that you want:


For the Incoming Server Settings, you have to use your e-mail address and your password. As mail server use


When you tap Next, the app will search for Security Certificates (SSL Certs), to select an appropriate protocol (SSL/TLS if you have a certificate installed and STARTTLS if you don't). If it doesn't find any, it will show a warning which you can just ignore, and you click next on this screen, as it has done the settings for you:


And for outgoing you should use the same settings as on Incoming:


That's it! Now you will receive e-mails on your Android Phone!

Author: Viorel Ciurusniuc
Last update: 2017-04-30 06:01

Backing up your domains with ClusterCS!

Everyone hates losing their data. That's why, most of us keep weekly, even daily backups.

ClusterCS allows for easy backup jobs management, with possibilities to store them locally, or upload them on a remote server.

Navigate to the backup tab of the Control Panel on the domain you want the job done:


Here you have two options:

  • Adding a repository - is not mandatory, in order to use an external FTP server to upload your backups to, you need to add a repository:


Name: It's a tag for your repository, to identify it

Hostname/IP: Either a domain or an IP

Backup directory: The directory to which the backups will be uploaded. It is relative to the user's root folder

FTP Username/Password: Credentials used to log in


A successfully added repository should look like this:


  • Adding a backup job - I will get into details under the pictures


Backup name: Is used to identify the job

Store backup in: You can choose to either save it locally (Server storage), or have it uploaded on a repository/FTP server

Notification e-mail: You can set notifications via e-mail when a backup job is run. By default, the ClusterCS account e-mail is introduced automatically.

Back up: 

  • All configuration and content
  • Files - backs up your public_html folder
  • The text fields are used to skip files and folders from being backed up (Such as large folders with many images that do not necesarily need backing up too often)
  • Databases - You can select to back up all databases, only the ones you check under or skip the ones you check
  • E-Mail - You can select to back up all e-mail accounts, only the ones you check under or skip the ones you check
  • Verify empty space - Checks if there is enough space before attempting backing up
  • Abort on low space - If there is not enough space to back up the files, it will automatically cancel the job
  • Disable website - You can select this to put the site under maintenance while the job is running. It is recommended, so that the files aren't accessed for read/write while they are being backed up, to prevent corruption. Under, you can select to put the site into maintenance only when backing up files or databases.
  • Schedule - You can set exactly at what times to run the jobs, and how many previous backups to keep. It will automatically delete the older backups.


Alright! If you have set up your backup successfully, the backup tab should look like this!

Author: Viorel Ciurusniuc
Last update: 2017-04-30 05:20

Set up Cronjobs using ClusterCS

If you want something done at a certain time, you probably want a cronjob for it.

ClusterCS offers a simple way to manage your cronjobs. First thing to do is to navigate to the Cronjob tab on your domain and Add a cronjob:


Our Control Panel offers predefined times at which you might want to execute the command, or you can set yourself a Custom time:


If you chose Custom, some important things to remember:

  • * - means every possible number for that position. For example * in all the fields means the cron will be executed every minute
  • You can set multiple numbers in a field. For example, if I want a cron to be executed at minutes 36 and 49, I would have 36,49 in the minute tab
  • You can also set ranges. 12-23 in the hour tab means every hour between 12:00 and 23:00
  • Dividers can be used as well, if you want a cron to be used every X minutes/hours/days/months. */30 in the minute tab will execute the cron every 30 minutes.

The command in a cron can be anything, from simple commands to paths to scrips or even to send emails.

Here is a sample Cron, that executes a shell script every 6 hours:


After you successfully added a cron, you should see it in the Cronjobs tab, from where you can edit or deactivate it:


Now you should be ready to create your own cronjobs to suit your needs!

Author: Viorel Ciurusniuc
Last update: 2017-04-30 08:00

Install SSL certificates on your website with Cluster CS!

A key feature of Cluster CS is installing any certificate in 5 clicks or less. It will also configure your services to be ready to server HTTPS content. (Please note that you may need to optimise your website to serve content using HTTP)

NOTE: You will need to allow traffic towards port 443 on your server, through the Cluster CS firewall. For more information, please check THIS LINK

You can go to the SSL tab on the domain you want:


Here, you have 3 options:
-Self-Signed - used in development or testing mostly
-Let's Encrypt - good for most tasks, live websites, also good in development or testing
-Manage Certificates - Here you can edit/delete already installed certificates or install certificates from certified authorities (Paid certificates)


I will go into detail for the latter two.
Let's Encrypt is possibly the best free SSL certificate, also the easiest to install using Cluster CS.
NOTE: You need a valid DNS for the domain (and aliases, if you're using any) you want to generate a Let's Encrypt certificate!

The form is already completed, using your domain name, aliases and e-mail. So, unless you need to add data of your own, or delete some domains on the list, you can click Start.


Once you clicked Start, the Operation will be In Progress.


When the certificate has been installed and your services configured, your SSL information will be displayed on the SSL tab of Cluster CS:


Now, on Manage Certificates you can activate/deactivate, edit, delete or add new certificates in just as many simple steps! You can also get all the certificate-related info, such as Certificate Signing Requests, Private Keys, Certificates and Chains.


Scrolling down, you can see the button to generate a new CSR (Used if you want to buy a certificate from an authority), or install already generated certificates, regardless of their source!


To generate a CSR, you need to introduce some data about yourself, your company or your organization.


And the CSR generated can be used to buy a certificate from an authority, you just copy-paste it into the CSR field on their website.


If earlier you introduced a certificate and clicked Verify, you will be promped with additional fields to complete. You can also choose if you want the certificate to be active right away or not:


Your domain should now be ready for all that HTTPS traffic you're going to get!

Author: Viorel Ciurusniuc
Last update: 2017-06-27 03:14

Moving your domain(s) from CPanel to ClusterCS

If you want to move over from a CPanel server or shared hosting to a server managed by ClusterCS, but don't know where to begin, you will now find out that it's relatively simple.

First of all, you need to have a domain added to ClusterCS. For more information on how to do this, you can check THIS link.

Once you are ready, you will have to do a full backup of your CPanel domain. You can do so using their Backup Wizard:


Creating a full backup will save everything: The home directory, databases and any e-mails associated with your domain:

 If you want to save the backup in your PC (If you are not confortable with using SSH commands) click here to go to point B


A. Uploading the backup directly to the server and setting the files using SSH

Go to the Manage section of your domain in ClusterCS, when you will find all the data you need:

In the CPanel Backup Wizard, you can now select Remote FTP Server (passive mode transfer) to directly upload the backup to the new server. Use port 21 for this, and the Remote Dir option should stay empty:

Now you wait for the backup to be generated and uploaded. Once the procedure is finished, you will get an e-mail (If you chose to be notified), and the backup will appear in your user's root FTP directory.


Now, to place the files in their respective folders, you need to login to your server using your SSH Client of choice. For most commands, replace the curly braces {} and the text inside them with the names that fit your case.

Then, you need to go to the user's home folder and unzip the archive:

cd /home/{your username}
tar -xzvf {archive name}

A folder with the same name as the archive has been created, which you can now enter

cd {backup folder name}

In case your SSH connection closes, before entering any commands you will need to change the working directory to the backup folder using:

cd /home/{your username}/{backup folder name}

If your domain is the main domain added in CPanel, to move the files you can use the following command:

rsync -avz homedir/public_html/ ../public_html/

If your domain is added on CPanel as a subdomain or addon domain, go to the respective section in your CPanel and take that domain's document root folder, which should look like public_html/{folder name}, and use this command on your new server:

rsync -avz homedir/public_html/{folder name} ../public_html/

The last thing to do is to set the ownership on the new files, so that the webservers can properly access them:

chown -R {your username}:{your username} ../public_html/

Voila! The files are ready to be served, but most websites also use (at least) a database. You can go ahead and create any databases your domain uses in ClusterCS. THIS article should help you if you have any trouble.

Keep the SSH connection open.

If you know the database user(s) password(s), you can add them exactly as they are in CPanel "MySQL Databases" tab. Remember to Associate the user(s) to the database(s).

Now we only need to restore the database(s) from the Full Backup created. They are all located in the mysql folder. Use this command once for every database you need to restore:

mysql -u {database username} -p {database name} < {database name}.sql

Now your domain should be fully working!

If you want to transfer e-mails as well, click here.


B. Saving and uploading the backup from your PC

If you aren't familiar with secure shell (SSH) commands, then you also can upload the backup using FTP/phpMyAdmin. Please do keep in mind that phpMyAdmin is not a good solution for large databases.

 Instead of choosing a Remote FTP server, you can choose to save the backup to the home folder of your domain in CPanel. Once it is done, you can download there from their File Manager or using any FTP client.

Once you have the backup, you should unzip it on your PC, enter the newly created folder, and connect to FTP using the credentials in the Manage tab of your domain on ClusterCS. Should look something like this:

From the newly created backup folder on your PC, you should navigate to homedir/public_html and copy all the content of that folder to the public_html folder on your domain.

As for the database, first create the database(s) you were using. After setting the username(s) and database(s) and associating them, you can connect using phpMyAdmin:

From here, click on your database, import and select the .sql file from the backup folder/mysql/

NOTE: If you get any errors related to collation, edit the SQL file and use the Search and Replace function of your Text Editor to replace any utf8mb4 occurences to utf8


C. Moving e-mails from CPanel to ClusterCS:

Check this guide to add the e-mail addresses to ClusterCS before migrating anything you have on CPanel:

If you used method A: Connect using SSH to your VPS. Use the following commands to move the mails folder to the right place (Replace {your domain name} with the folder bearing your domain's name):

cd /home/{your username}
rsync -avz {backup directory}/homedir/mail/{your domain name} /var/mails/         - Make sure there are no slashes after {your domain name}
chown -R mails. /var/mails/{your domain name}


If you used method B: Enter the backup folder on your local PC and upload using any FTP client the homedir/mail/{your domain} folder to the user's home folder on your VPS.

Connect using SSH to your VPS. Use the following commands to move the mails folder to the right place (Replace {your domain name} with the folder bearing your domain's name):

cd /home/{your username}
rsync -avz {your domain name} /var/mails/         (Make sure there is no slash after your domain name)
chown -R mails. /var/mails/{your domain name}

Author: Viorel Ciurusniuc
Last update: 2018-03-20 09:07

ClusterCS Speed Engine

At ClusterCS, we have always focused on automation, flexibility and ease of use. The Speed engine is a traffic router for the web services that can deliver your website content. The Speed section interface offers an intuitive rule builder for sending and resolving web requests with the desired web service based on various conditions. The same logic applies to single servers and complex server clusters managed by ClusterCS. For more information on the ClusterCS Speed engine concepts please read the < ClusterCS Speed Engine – Concepts > section.


The Speed engine functionality is available for setups that utilize the HAproxy service as the web domain entry point. Services that can be utilized for traffic routing include Apache, NGINX, Lighttpd and Varnish, given that their settings have enabled HAproxy as the upper layer 7 load balancer. The default “Smart LAMP” setup provides this entire functionality out of the box. For custom setups, please make sure you follow the guidelines above.


A speed rule is composed of conditions and associated action. If the conditions are met for a request, the selected action is performed. It is very important to remember that the order of the rules matters. If a certain rule meets the criteria, its action will be executed, and remaining rules will no longer be evaluated.

If none of the rules match the received request, it will be forwarded to the web service assigned as default in Speed.


The rule conditions contain the following test types

  1. Path – the component of the URL following the domain name and before ‘?query’ Eg: for , the path component will be “/example_path/”

    url_sub and not_url_sub (negation) tests will perform searches across the entire URL (including what is after ‘?’)

  2. Scheme – the URL scheme type (http or https)

  3. Cookie – cookie tests will be performed on the entire cookie header string

  4. IP – the source IP of the entity making the web request (client IP)

  5. Method – http request method (GET, POST, etc.)

  6. Host – matches on the domain name.

    Important: since the rule is created logically under a domain name, tests for the domain names and aliases are always performed so this rule is evaluated under the correct context. However certain tests require specific matches on the domain name such as tests for www. components or alias only tests - these can be easily performed with the Host tests

  7. Referrer – web request http referrer

  8. User Agent – web request user agent (eg: browser detection)


The actions contain the following options:

  1. Serve With – select one of the load balanced web services to handle the request, this reflects your currently set up services

  2. Cache With – select a caching capable web service to proxy the request through

  3. Clear Cache – define and protect a clear cache URL that can be used for refreshing a cache

  4. Block – allows rejecting a request to protected resources defined by conditions (eg. Admin area)

  5. End with HTTP code – like Block but can end the execution with various status codes

  6. SEO Redirect – ability to do http/https changes, www to non-www and vice versa redirects


Some of these actions can have a complex usage, that is why we are providing dedicated articles below to understand how to implement and benefit from them.

ClusterCS Speed Engine – Concepts
ClusterCS Speed Engine Actions – Serve With
ClusterCS Speed Engine Actions – Cache With
ClusterCS Speed Engine Actions – Clear Cache
ClusterCS Speed Engine – SEO Redirect

Author: Erno Gyorgy
Last update: 2018-04-05 11:13

ClusterCS Speed Engine – Concepts

Loading speed is one of the most important metrics in the web industry. Search engines for example take website’s speed very seriously nowadays and speed has a definite role in their ranking algorithms. Powerful tools and utilities are available on the web to guide us in achieving the best website delivery speeds. The recommendations are in majority related to code restructuring and request handling improvements.

While ClusterCS does not manage your code, it can surely help with the server-side optimizations, this being the key purpose of the Speed section.

The classic concept of a web server is the traditional LAMP – Linux, Apache, MySQL, PHP. This means that when you install a website such as WordPress on these setups, your resolving web service is Apache which handles all the requests. A web page load generally contains the main “URL” request which delivers the page html which in return triggers additional requests for all the static content (such as images, JavaScript, CSS) and other dynamic content requests (such as AJAX requests). Apache is a great web server for resolving requests, but it can lose performance when bombarded with requests.

ClusterCS proposes a modern approach to serving web content by providing the possibility to handle requests with the most suitable web service which leads to faster and better SEO ranked responses.

If we take the previous example of web requests which trigger a main “URL” request and then 50 to 100 images, js and CSS files (imagine the numbers when you have a high number of users on your web sites), instead of sending everything to Apache we can route only the main html request to Apache and rest of the static files to a fast, lightweight service such as Lighttpd or NGINX. This diminishes the effort on Apache tremendously and will have an important improvement on how your servers handle the incoming traffic and how it’s responses are ranked in SEO.

Response times can be greatly improved by utilizing caching. Choosing ClusterCS caching automation will ensure an immediate and hassle-free caching implementation. Varnish and NGINX both provide great caching mechanisms and are trusted all over the world in many environments.

Experienced users can further customize the web service configs. ClusterCS automation focuses on helping save time with many config scenarios and providing advanced strategies, while allowing specific customizations. ClusterCS provides the configs resulting from the routing automations and they can be further configured for specific functionalities.

ClusterCS Speed section is a great resource for both novice/non-technical users and experienced sysadmins. Our Support Team will always be there to guide users on how to create the best setups, therefore don’t hesitate to request information.

ClusterCS can also help with A/B testing for web server delivery architectures. We often find ourselves wondering if using a different approach can bring benefits, but we might lack the time or in-depth knowledge on how to test or switch to new ideas. With ClusterCS you can easily switch between ideas as you are backed up by reliable automations that reconfigure your server across many web services. This way you can avoid wasting hours or days on manual setups, not to mention possible mistakes that are hard to debug.

Complex server cluster architectures bring a whole other level of complexity to the table. ClusterCS hides the complexity of the underlying server infrastructure and implements the routing automation as easily as with single servers. If you outgrow a single server or require high availability to your web site(s), a cluster of servers managed by ClusterCS will not be a step in the unknown but rather a simple and normal evolution to your business.

Author: Erno Gyorgy
Last update: 2018-04-04 16:36

ClusterCS Speed Engine Actions – Serve With

Deliver your website content with the best web service for the task. In the article “ClusterCS Speed Engine – Concepts” we’ve explained our concept of routing request types to specific web services. A quick example is whether you want to serve PHP with Apache or NGINX. Or maybe decide to improve server utilization and delivery speed by using a lightweight server such as Lighttpd or NGINX for serving static files (images, javascripts, css).

“Serve With” action allows you to configure the web requests to be handled with a specific server if the associated conditions are met.


Since examples are easy to understand in this case, let’s go over a few scenarios.

  1. Serve static files with Lighttpd


This rule states that if the path component of the URL ends with common static file extensions, the rule should be handled by Lighttpd. It is a default rule added by ClusterCS when adding a new domain to instantly improve the server resource usage from your web site requests. In some occasions, your website script may not provide the resource at the exact URL location (for eg on the fly generated thumbnails in Drupal) which can lead to Lighttpd returning a 404 Not Found error. In such cases you may disable or remove this rule so that traffic flows to your default backend service or to another rule that you create to better handle the situation. In certain occasion, these resources are generated on the fly by the script and you can often find great improvements if you replace the static files rule with a “Cache With” rule to intercept this traffic. This alleviates the problem of the script continuously generating resources on every request. For more information on “Cache With” action please read the following article "cache with"

       2. Serve with NGINX

It’s easy to send traffic to NGINX. Compared to Apache, NGINX lacks the capability to read .htaccess files which is a general standard for rewrite rules in most of the common scripts. Instead of relying on htaccess, rewrites must be placed in the NGINX server block. You can easily find resources to customize your NGINX setup and ClusterCS makes it possible to add those by customizing the corresponding block configuration.



Click Customize next to Serve With NGINX and you can enter your custom rules


The custom NGINX config in its basic form contains a series of variables marked with a starting and ending $ sign which are later replaced by corresponding values based on various rules. We advise against replacing or removing those as in most cases it will result in broken configurations. These elements should not interfere with any NGINX customizations you need to  and, in most cases, you need to add your rules at the end of the server block (before the last ‘}’ sign)


      3. Serve with Apache

Apache is set as the default server in standard ClusterCS setups. If you need to change the default or force Apache in certain conditions in between other rules you define, this easy selector achieves this. The Speed Engine allows multiple “Serve With” rules and it´s very important to remember the order of the rules matter. Use the drag icon to arrange them in the correct order. With NGINX you can have different custom configs per each zone which makes it easy to configure various custom rules per location, Example cases can include a web site which contains several types of scripts under the same domain (eg. Drupal, WordPress, etc.)

Author: Erno Gyorgy
Last update: 2018-04-05 11:21

ClusterCS Speed Engine Actions – Cache With

Caching is great improvement for your web site speed. In most cases it achieves instant visible speed gains and great advantages in SEO rankings. ClusterCS offers two caching engines: Varnish and NGINX. Depending on your decision or received recommendations you can use either of them with great trust. Same automation features have been implemented for both systems, so you can obtain quick advantages with a few clicks for many scenarios.

You can have multiple “Cache With” rules for a domain and you can customize the settings for each zone individually. 


Let’s take an example WordPress caching rule and discuss the available options. 


First, we select the caching engine Varnish or NGINX.

  • “use backend” defines the backend web service where the selected caching engine will proxy requests to.
  • “load balanced” refers to cluster environments when multiple servers are associated with the backend service. In a load balanced scenario, the caching engine will forward requests in a rotation (round robin) to all the available backend service servers. When “load balanced” is disabled and the caching engine is found on the same server with the backend service, it will forward the request locally to that server. When such a proximity is not available, it would revert to act as if “load balanced” is set to on. In single server cases, this setting is ignored.
  • “stickiness cookie” is available to clustered backend web service as well. Sometimes it is required that once a user hits a backend, he will always be sent to that backend (for example to keep a logged in session to the same server). In single server cases, this setting is ignored.
  • “Clear cache zone path” provides a mechanism for clearing the cache for the requests cached by this rule. This setting is only enabled when a main “Clear Cache” rule is defined and both definitions must contain a valid path. The URL to trigger a clear cache for this zone is built based on the main “Clear Cache” URL to which this path is added. Since ClusterCS handles both single servers and clusters, a clear cache action may require the cache to be cleared on more than one server. ClusterCS facilitates this by generating links which automatically cycles through the caching engines (servers) involved in the rule. This link can be triggered in a browser for an easy clear cache mechanism. This is especially useful when doing development and frequent clear cache actions are required. For environments when a programmatic trigger of clear cache is required, ClusterCS generates a link which provides a json that helps build the required individual URLs to trigger the clear cache action on all the involved servers. These links (both website and json) can be retrieved by clicking the “Get Links” button. Please remember that zone clear cache will not be available unless main “Clear Cache” rule is present. The “Clear Cache” rule is there to provide a mechanism for protecting your clear cache mechanisms from outside world. For more information on “Clear Cache” rule please read this article <Clear Cache link>. For your own security, always customize the clear cache paths and don’t use the default paths provided and use IP protection conditions in the “Clear Cache” rule or any other conditions that can prevent outside triggers to the clear cache links.
  • “Cache expiration per response code” allows you to set specific timers for expiration based on response codes. You can add, remove and customize response codes as necessary.
  • “Cache URL includes schema” allows creating of separate cache files for http and https links.
  • “Cache URL includes query string” defines the behavior when creating a unique cache key per request. If disabled, anything in the request URL past the ‘?’ sign is ignored, and a single cache file is created and served for any parameters that may show up after ‘?’. When enabled, the cache key will observer the query string parameters as well based on exclusions or inclusions lists.
  • “Cache URL params list” defines whether to use the excluded or included list logic on the server.
  • “Cache URL exclude params list” allows the definition of query string parameters (what follows ‘?’ in the URL) that can be ignored when creating a unique cache file. Any other parameters not included in this list will be part of the unique cache key of the file. The default parameters handle the cases of Goggle Analytics campaigns which in general have no meaning for your backend script and would highly disrupt your caching mechanism effectiveness. For this list to be active on the server settings, “Cache URL exclude params list” must be set to “excluded list”.
  • “Cache URL included params list” allows you to define the only query string parameters that matter to your script (anything that would mean a different content should be generated by the backend service). For this list to be active on the server settings, “Cache URL exclude params list” must be set to “included list”


Only one of the “excluded list” or “included list” can be active at one time as they are logically mutually exclusive. If you are required to have absolutely all query string parameters accounted for, you can select “excluded list” for “Cache URL params list” and clear the corresponding “Cache url exclude params list” box for any parameters (leave it empty).

NGINX used as a caching engine or as a backend web service can be further customized by using the associated “Customize” link when selected that exposes the generated config file.

Author: Erno Gyorgy
Last update: 2018-04-04 18:15

ClusterCS Speed Engine Actions – Clear Cache

Clear cache” action allows the definition of a main clear cache URL and to protect it against malicious usage. Use the conditions in the rule to define under which cases this link can be triggered.

This rule allows the definition of a global clear cache mechanism and the links generated for it will trigger clear cache across all the caching engine services involved for this domain (in all the “Cache With” rules). 



You can select whether this URL can trigger a clear cache for all NGINX and/or Varnish caching engines by selecting the appropriate check box near “clear NGINX cache” or “clear varnish cache”

The “Clear cache path” field is the actual definition of the clear cache path. Do not confuse this with a “Path” condition that you might select in the conditions area of the rule. That area is there strictly to define (protect) the access to this clear cache URL and any subsequent per zone clear cache URLs defined by the “Cache With” rules. For more information on using “Cache With” and defining per zone clear cache URLs please read the following article "Cache With".

The actual path will be generated by using the domain name with “Clear cache path” added as path without a trailing slash. If you specify a trailing slash, it will be ignored. Please make sure you take this into consideration when you “Path” conditions to filter access to this action. Also, internal clear cache URLs towards the caching engines involved will be generated by appending paths to this “Clear cache path”, so a “Path” condition should not employ “ends_with” filters or any other combination that would not validate a URL starting with your “Clear cache path” path.

Since ClusterCS handles both single servers and clusters, a clear cache action may require the cache to be cleared on more than one server. ClusterCS facilitates this by generating links which automatically cycle through the caching engines (servers) involved in the rule. This link can be triggered in a browser for an easy clear cache mechanism. This is especially useful when doing development and frequent clear cache actions are required. For environments when a programmatic trigger of clear cache is required, ClusterCS generates a link which provides a json that helps build the required individual URLs to trigger the clear cache action on all the involved servers. These links (both website and json) can be retrieved by clicking the “Get Links” button.

Author: Erno Gyorgy
Last update: 2018-04-05 11:28

ClusterCS Speed Engine – SEO Redirect

It is very often desired to have only one form of the URL (with or without www) and sometimes to enforce all traffic to be https.

“SEO Redirect” action solves these two problems in a simple rule setup and ensures the usage of a single redirect from any original format to your target URL type. Furthermore, these redirects are emitted directly by the HAproxy entry point, which avoids loading a backend web service with this processing.



Since most of the times these redirects need to happen on all URLs, you can use a generic condition that would cover all cases such as “Path” begins with “/”.

The target URL format is defined by the scheme redirect type (“scheme_http”, “scheme_https” or “leave_unchanged”) and by the “www redirect” type (“With www”, “Without www” or “Leave unchanged”).


The “redirect type” filed specifies the redirect code to be used in the response. Available codes are:

  • 301 – Permanent redirect
  • 302 – Temporary redirect
  • 307 – Temporary Redirect and keep method
  • 308 – Permanent Redirect and keep method


307 and 308 response codes are a bit lesser known codes and they function as their 301 and 302 counterparts but additionally instruct the browsers to keep the same method and parameters (i.e. POST method and parameters) when calling the target URL.

If you do not require a “www redirect” type (specified with “Leave unchanged”) and you only need a http/https redirect, a small processing optimization can be achieved by specified a condition for the initial schema. For example, when redirecting to https you can specify a “schema” condition “http” and vice versa for redirects to http, you can specify a “schema” condition “https”. This optimizes a bit rule placement and evaluation in HAproxy and avoids unnecessary processing.


Author: Erno Gyorgy
Last update: 2018-04-04 18:28

Convert a ssh-keygen public key to a PEM format that you can use on ClusterCS

In case you are using a ssh-keygen public key to connect to your server/VPS, and want to use it to start a server setup using ClusterCS, you will need to convert to a PEM format.

First, make sure you have a file that contains only your key, let's say it's called Afterwards run the following command:

ssh-keygen -f -e -m pem

In the terminal you will see the key in PEM format. Use that to start your setup on ClusterCS!

Author: Viorel Ciurusniuc
Last update: 2018-07-06 09:01

Getting started with ClusterCS Logs

This entry is in revision and can not be displayed.

Author: Viorel Ciurusniuc
Last update: 2018-10-02 15:54

Getting started with ClusterCS DNS Zone

This entry is in revision and can not be displayed.

Author: Viorel Ciurusniuc
Last update: 2018-10-02 16:28

Server Setup

How to add a single server to

How to add a single server to

Author: Alexandru Bucur
Last update: 2017-03-01 13:16

How to add an AWS server to

Adding an Amazon server to ClusterCS:
Adding a new Amazon server to ClusterCS is very easy, and it takes only 3 steps:
1. Setting the Security Groups
You can do so by going into the Security Groups tab in the left menu panel

Then you can Edit the Inbound Rules, and allow our two IPs ( ,

2. Getting the instance IP:
You can find it in the Instance dashboard:

3. Finding your user and SSH Key:
ClusterCS uses SSH to connect remotely to your server. This means it needs a valid root access account. You can connect to AWS using SSH Keys. You set and downloaded such a key when you created the instance, at a step similar to this:

The user is not the default "root" one either. An easy way to get it is by Clicking Connect with the instance selected:

Afterwards, the user is shown (The user usually is ec2-user, however it may differ depending on the package you have):

Now you have everything you need in order to add your AWS Server to Thank you for using our services!

Author: Viorel Ciurusniuc
Last update: 2017-04-17 13:00

How to add an Azure server to

Adding an Azure server to ClusterCS:
Adding a new Amazon server to ClusterCS is very easy, and it takes only 2 steps:
1. Getting the server public IP:
Your Public IP can be easily seen in the Overview tab of your Instance:

2. (Optional) In case you forgot your root access user and/or password
Azure asks you to add an user and password when you create your Virtual Server Instance. If you forgot them, they can be easily reset from their Control Panel:

Now you have everything you need in order to add your Azure Server to Thank you for using our services!

Author: Viorel Ciurusniuc
Last update: 2017-04-16 13:09

Which modules do I need? A summary of ClusterCS supported modules.

When adding new modules, you have to keep two things in mind: The modules you need (Left side) and the server(s) you want them on (Right side).

ClusterCS currently offers installation and management for 22 modules:
1. apache - the world's most used web server. Highly recommended in most environments set on serving web content and a core component of the LAMP stack
2. lighttpd - lighttpd is a secure, fast, compliant, and very flexible web-server that has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set (FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more) make lighttpd the perfect webserver-software for every server that suffers load problems
3. haproxy - very fast and reliable solution offering high availability, load balancing, and proxying. It is particularly suited for very high traffic web sites and powers quite a number of the world's most visited ones. Recommended by the ClusterCS team!
4. php - The core module needed to compile, run and serve PHP scripts and web pages
5. iptables - an application that allows configuration of the Linux firewall, for IPv4 protocol. Highly recommended by the ClusterCS team!
6. proftpd - A high performance, very secure FTP server
7. nginx - high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. NGINX is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption
8. mysql - is an open-source relational database management system. A core component of the LAMP stack.
9. mysql-cluster - is a technology providing shared-nothing clustering and auto-sharding for the MySQL database management system. It is designed to provide high availability and high throughput with low latency, while allowing for near linear scalability
10. mariadb galera cluster - is a synchronous multi-master cluster and database replication for MariaDB
11. postfix - A fast, easy to administrate and secure mail server
12. storage_location - a mandatory module designed by ClusterCS team which manages the server storage for both single-server setups, as well as clusters
13. roundcube - A browser-based IMAP client, providing the full functionality of an e-mail client
14. fail2ban - a service that scans log files to detect possible intrusion/malicious attempts, and temporarily blacklists the IPs. Useful against brute-force attacks
15. memcached - a distributed memory object caching system intended for use in speeding up dynamic web applications by alleviating database load
16. stunnel - an application used to provide SSL/TLS tunneling service, enabling secured TLS/SSL connections. Used for communicating over HTTPS.
17. phpmyadmin - a tool written in PHP, used to manage and administrate mySQL databases over the web
18. spamassassin - an anti-spam platform used to filter spam e-mails
19. clamav - an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats
20. varnish - is a web application accelerator also known as a caching HTTP reverse proxy.
21. redis - is an open source in-memory data structure store, used as a database, cache and message broker. It supports data structures such as strings, hashes, lists, sets, sorted sets with range queries, bitmaps, hyperloglogs and geospatial indexes with radius queries
22. pacemaker - is a high-availability cluster resource manager, it achieves maximum availability for your cluster services (a.k.a. resources) by detecting and recovering from node- and resource-level failures

Author: Viorel Ciurusniuc
Last update: 2018-10-02 15:57

Which setup is best for me? Introducing Smart Load LAMP!

After ClusterCS successfully connected to your machine, you need to tell our system which modules you want it to install and manage.

We currently have 3 predefined server recipes, each ready to serve web content:
1. Smart web server (optimized LAMP) - this is our signature, recommended setup. It is a High Availability, very scalable solution intended for clusters, as well as single servers. It uses the haproxy load balancer to direct (proxy) the incoming traffic to specialized services: an Apache web server for dynamic content, which includes scripts and the bare web pages, lighttpd for serving static content, images and video, and nginx which serves as a caching layer.
2. Simple LAMP web server - a web server setup, which uses the Apache service in order to serve all the web content, consuming less resources than our optimized LAMP solution in low traffic environments, great for start ups, but it is less scalable than our recommended setup.
3. Nginx-php web server - a mirrored solution for our Simple LAMP web server, but using Nginx instead of Apache.

In addition, all our defined server recipes include: a firewall (Using iptables and fail2ban), mySQL database with phpMyAdmin to manage it, Postfix mail server with roundcube as webmail.
Any recipe can be further customized, in order to server particular needs. Choose the modules that YOU need!
You can visit our modules FAQ for further information on singular modules.

Author: Viorel Ciurusniuc
Last update: 2017-04-16 16:35

How to add a Bluemix (IBM) server to

Adding a Bluemix server to ClusterCS:
Adding a new Bluemix server to ClusterCS is very easy, and can be done in 2 steps:
1. Copy the droplet IP
You can get the IP by going to your device list and selecting the server:

The IP you need is the Public IP:

2. Getting the root password:
If you recently created the server, you have to wait between 30 minutes and 1 hour before you have full root acces. The credentials are found in the Passwords tab, the one that is required is the root password. You can reveal it by clicking on it.

Now you have everything you need in order to add your Bluemix Server to Thank you for using our services!

Author: Viorel Ciurusniuc
Last update: 2017-04-20 10:19

How to add a DigitalOcean server to

Adding a DigitalOcean droplet to ClusterCS:
Adding a new DigitalOcean droplet to ClusterCS is very easy, and can be done in 2 steps:
1. Copy the droplet IP:
You can get the IP from the droplet list screen:


or from the droplet details screen:


2. Getting the root password:
When you create the droplet, you will receive an e-mail with root login details, and the password should be there.
Remember, ClusterCS will require you to change the password of the droplet when you add it into the Panel for the first time.
If you lost the e-mail and/or forgot the password, you can resend the root password to your e-mail. 


Now you have everything you need in order to add your DigitalOcean Server to Thank you for using our services!

Author: Viorel Ciurusniuc
Last update: 2018-09-20 13:42

Setting Firewall rules with ClusterCS

ClusterCS offers the possibility to easily manage your Firewall rules directly from the Control Panel interface.

You can make changes to the rules by going to Server->Firewall:


Now you should see the Default rules that ClusterCS created. They are the minimum required for the server and web services to communicate, in order to keep your server secured.

You can add your own rules by scrolling down. I will offer details about each option below:


The rule sampled above is made to allow SSH connections:

  • Server: The server(s) on which you would like the firewall rule to be applied to
  • Protocol: The protocol which is used (TCP is the most common)
  • Source IP: The IP the requests come from. For example, to give access or block yourself only, enter your IP. If you want everyone to have access, leave it to any.
  • Port spectrum: On which port do the requests come from. Usually the Source and Destination port is the same, however there are special situations in which they differ.
  • State: The state of the incoming connection. ANY is the most used option.
  • Destination IP: This is used mostly for servers that use multiple IPs on interfaces/subinterfaces. If you want to allow only connections coming to one IP, you can specify it here.
  • Active: Set whether the rule is active or not when you Add it.
  • Action: You can either block or allow connections that verify the rule you set here.
  • Interface: You can limit the rule to apply only to connections coming on a certain interface. Leave empty if you don't want this option.
  • Description: Set a description which is visible in the Control Panel to know what you set the rule for.

After you click Add to add the rule to the Control Panel, you can either apply it or set another one before applying them to the firewall at once.

You will see a message, and the rules will be active in a couple of minutes.



That's it! Now you can set your own rules in the Firewall, suited for your own needs!

Author: Viorel Ciurusniuc
Last update: 2017-04-26 15:50

How to make a HA Cluster with ClusterCS

The defining feature of ClusterCS is creating and managing High Availability Clusters. All while offering a simple, friendly interface in the Control Panel.


Adding a Cluster will welcome you with the same interface as adding a Single Server. Here, you have to give credentials of every single server, you want to be part of it, and after ClusterCS check the credentials, you can add it to your cluster:


You can also add previously tested servers from the same screen, if you scroll lower:


After you add all your servers to your cluster, you can click "Continue to setup". Here is an example of a well-balanced one. Your setup may differ, according to your preferences, and this is what's great about ClusterCS: the flexibility of setups, to accommodate every need.


I will explain the names and modules chosen for each server:

lb - Load balancer, its job is to sort the requests and send them to the right server

db - Database, it will keep the databases and also execute the mySQL queries

st - Storage, it has all the domain files

work - One of the dedicated workers, which serves the actual web content (html/php/etc.)


The layers are already set up using "optimised LAMP", our recipe of choice for HA Clusters (And even single servers) that specialize in serving web content. Remember, you should assign each layer to the corresponding server(s) by clicking "Manage".

Firewall - All servers need a strong firewall, no matter their role, so I chose this for all of them

Smart Traffic Manager - Only on lb

Webserver - The worker(s) needs this layer, as it is the only one serving actual web content

Database - Only on db, the others will connect to it

Email - You can have it on any server, it is up to you.

Webmail & Utilities - work, as they do require the apache module to run

Storage - st, this is the main storage for the domains


You can now continue your setup. It takes about 20 minutes for your HA Cluster to have everything installed and be ready for work!

Author: Viorel Ciurusniuc
Last update: 2017-04-30 07:34

Re enabling SSH Access in ClusterCS

ClusterCS implicitly blocks external SSH access after a successfull setup.
In order to re-enable SSH access you can modify the server rules reading the following KB article

We recommend you specifying a Source IP in order to limit the possibility of unwanted access, if the Source IP is left on "any", the server can be accessed from anywhere in the world.

Author: Alexandru Bucur
Last update: 2018-09-20 13:21

How to update ClusterCS supported OS to the latest minor version?

This entry is in revision and can not be displayed.

Author: Iuliana Constantin
Last update: 2018-03-14 11:57


How to set up a git bare repository for code pushes in ClusterCS

Developers often need an easy and simple way of sharing code changes to a development and production setup.

This can be easily achieved by setting up a git bare repository and setting it as a remote git repository in your codebase. Git bare repositories are great because it's the perfect setup for sharing code.

In order to make this work, we first need to go to domains and click manage on the domain we want to do the setup.

The next step is to enable SSH as a login method since we're going to use that as the authentication method for getting to the bare git repo.

Now we can use the domain credentials to login via SSH on the server as the domain's user. In case you need to set up your server firewall to accept SSH connections you can read the Firewall Setup KB article.

Once logged in, your domain's root folder is set up at /home/~domain_username . Make sure you're in the domain root folder before carring on with the tutorial.

mkdir .gitrepo
cd .gitrepo/
git init --bare
cd hooks/
touch post-receive
chmod +x post-receive
vim post-receive

Now in the post-receive file, we're going to set up specific code that will checkout the received changes automatically in the domain's root folder. This can also be set up for other usefull functions like making sure file permissions are correctly setup, or specific post-deployment scripts are run.

We have two options for setting up the checkout

  1. Checking out only a specific branch

    GIT_WORK_TREE=../ git checkout -f [branch]
  2. Checking out any receiving branch (this is useful for a development setup)
    while read oldrev newrev refdo
        branch=´echo $ref | cut -d/ -f3´
        GIT_WORK_TREE=../ git checkout -f $branch


Once that's done, you can use the remote repository after you add it to your local git repository using the following command

git remote add [remote-name] ssh://[user]@[site]/~/.gitrepo

Now you can just push your code changes to the remote git bare repository and see your changes appear on the server.

Author: Alexandru Bucur
Last update: 2017-12-17 19:31