High-performance nginx for Plesk, with Apache config and .htaccess compatibility built in.
Run nginx-cyberpanel on public ports 80 and 443 while Plesk keeps managing your vhosts, certificates, PHP handlers and WordPress LiteSpeed Cache workflow. No migration, no rewrites.
bash <(curl -sSL https://cyberpanel.net/nginx-plesk-install.sh)
Browser-like benchmark measured on the server against this exact cached page (the nginx-cyberpanel LSCache fast path), run hourly. Real measured numbers, not synthetic. Raw capacity over the public internet depends on hardware, TLS, network path and cache-hit rate.
nginx performance without the migration risk
Plesk sites lean on Apache vhost config, .htaccess behaviour, PHP handler mapping, panel-managed SSL and WordPress cache plugins. Replacing that stack usually means rewriting all of it.
Without CyberPanel nginx
Migrating every vhost by hand, re-implementing .htaccess rules in nginx syntax, re-wiring SSL and PHP handlers, and giving up Plesk as the control plane.
With CyberPanel nginx
Plesk stays the control plane. nginx-cyberpanel reads the Plesk-generated Apache config in place and only takes over public traffic after config validation and license activation succeed.
Install stages it. A valid license activates it.
Install and traffic takeover are deliberately separate. If the synthesized config fails validation, traffic is never switched.
Install
One-line installer stages the extension and the OS-specific binary. Plesk Apache + nginx keep serving.
License
Admin saves a platform license key in the Plesk extension. It is validated immediately.
Validate
The privileged helper writes and validates the synthesized nginx config before anything switches.
Takeover
nginx-cyberpanel takes public :80 / :443. Apache stays on 127.0.0.1:7080 / 7081 for backend.
Rollback
Disable in the extension or run the uninstaller to return :80 / :443 to Plesk nginx + Apache.
Built for Plesk-managed WordPress fleets
A broad Apache and .htaccess compatibility surface, implemented directly inside nginx. See the full feature reference →
Reads Plesk Apache config in place
Virtual hosts, ServerName/Alias, DocumentRoot, SSL, proxy, rewrites, headers, includes — translated at nginx startup.
.htaccess compatibility
Rewrites, redirects, basic auth, access rules, headers, env, Files/FilesMatch, Expires, php_value, brute-force — merged per request with mtime caching.
WordPress LSCache support
Implements the LiteSpeed Cache plugin protocol: cache-control, tags, vary, and purge by URL or tag.
Plesk extension UI
Overview, Cache, Config, SSL, Diagnose and License tabs — operational control without the shell.
Safe takeover & rollback
Config is validated before any traffic switch. One disable/uninstall returns the node to stock Plesk.
HTTP/2, gzip & brotli
HTTP/2 on SSL listeners, gzip and brotli, with extension-side toggles in generated config.
License-aware domain limits
The binary enforces license validity and a per-tier domain limit. Same features on every tier.
Diagnostics for admins
Checks takeover, cache dir, gzip, brotli, HTTP/2, LSCache signal, PID shim and object cache.
Let's Encrypt helper
Issues certificates for managed domains, validates input, and surfaces useful ACME errors.
Cacheable WordPress traffic stays off PHP
nginx-cyberpanel implements the LiteSpeed Cache plugin signals so cacheable pages are served from nginx and never fall through to PHP/WordPress.
Plugin protocol, implemented in nginx
Reads X-LiteSpeed-Cache-Control, stores and replays X-LiteSpeed-Tag, builds vary sidecars from X-LiteSpeed-Vary, supports PURGE by URL, X-LS-Purge: * and tag purges.
The plain-client cache-HIT fix
Clients with no Accept-Encoding (curl, ab, loaders) now get an inflated in-memory cache HIT instead of falling through to PHP — so a load spike can't turn a cacheable page into uncached backend load.
Operational control, not just a binary
| Tab | What it does |
|---|---|
| Overview | Takeover status, enable / disable / reload controls |
| Cache | Purge LSCache-compatible cache globally or by URL |
| Config | View synthesized config and runtime toggles |
| SSL | Issue Let's Encrypt certificates for managed domains |
| Diagnose | Takeover, cache, gzip, brotli, HTTP/2, LSCache signal, PID shim, Redis |
| License | Save key, show tier, domain limit, current domain count, expiry |
x86_64 Plesk nodes
Separate binaries per OS family because nginx links dynamically against OpenSSL, PCRE2, brotli, libcrypt, zlib and glibc.
| OS family | Public binary |
|---|---|
| Ubuntu 22, Ubuntu 24, Debian 12 | nginx-cyberpanel-1.0.0-x86_64-ubuntu |
| RHEL 9, AlmaLinux 9, Rocky 9 | nginx-cyberpanel-1.0.0-x86_64-rhel9 |
| RHEL 8, AlmaLinux 8, Rocky 8 | nginx-cyberpanel-1.0.0-x86_64-rhel8 |
Claims scoped to what was actually tested
Cache-HIT behaviour is product functionality and a fast path. Raw server capacity depends on CPU, TLS, network path, backend and box size — we don't conflate the two.
Regression & parity
151 regression checks pass on Ubuntu/Debian, RHEL 9 and RHEL 8 build artifacts. OpenLiteSpeed docs parity: 55 PASS, 0 GAP, 0 FAIL. Public CDN artifacts are hash-verified.
What the load test proves
The scheduled test against this site demonstrates that the cache-miss 5xx collapse is fixed and cacheable WordPress responses stay on the nginx-cyberpanel fast path. It is not a claim of unlimited sustained capacity on any box.
Tiers differ by domain limit only
All activated plans include the same nginx, .htaccess, LSCache, HTTP/2, gzip, brotli, diagnostics and extension features.
| Tier | Domain limit | |
|---|---|---|
| Free | 10 | registrable domains |
| Pro | 50 | registrable domains |
| Business | 100 | registrable domains |
| Unlimited | ∞ | unlimited practical limit |
Common questions
Does install switch my live traffic immediately?
No. Install stages the extension and binary. Traffic switches only after a valid license is saved and takeover config validation succeeds.
Can I roll back to normal Plesk?
Yes. Use the extension disable flow or run the uninstall command. Restore brings public :80 and :443 back to Plesk nginx and Apache.
Does it support .htaccess?
Yes — rewrites, redirects, auth, headers, request headers, environment directives, access rules, Files/FilesMatch, expires, PHP values, method limits, charset, SSLRequireSSL and brute-force directives. Full list →
Does the WordPress LiteSpeed Cache plugin work?
Yes. nginx-cyberpanel implements the LiteSpeed Cache plugin header protocol for public cache control, tags, vary and purges.
What operating systems are supported?
Ubuntu 22/24, Debian 12, RHEL/AlmaLinux/Rocky 8 and RHEL/AlmaLinux/Rocky 9 on x86_64 Plesk nodes.
Do all plans have the same features?
In v1.0.0, yes. The binary enforces license validity and domain limits. Feature flags are informational for UI/support.
What should I check if cache is not hitting?
Verify the WordPress LSCache plugin emits X-LiteSpeed-Cache-Control, make sure the request is not logged in, check for Set-Cookie, and confirm the cache root is writable.
Get started
# install (run as root on a Plesk node) bash <(curl -sSL https://cyberpanel.net/nginx-plesk-install.sh) # then in Plesk: Extensions > CyberPanel nginx > License # uninstall / restore Plesk defaults bash <(curl -sSL https://cyberpanel.net/nginx-plesk-install.sh) --uninstall