A safe, production-ready server maintenance script designed specifically for
CloudPanel-supported Linux distributions (Debian / Ubuntu family).
This script automates system updates, optional security hardening, and controlled PHP-FPM management with strong safety guardrails to prevent accidental server outages.
- ✅ CloudPanel-safe by design
- ✅ Prevents disabling all PHP versions
- ✅ Supports re-enabling disabled PHP-FPM services
- ✅ Interactive & guarded destructive actions
- ✅ Full logging & rollback awareness
- ✅ Production friendly – no risky defaults
- Features
- Supported Systems
- Installation
- How to Use
- Advanced Configuration
- Safety & Guardrails
- Logs & State Files
- Troubleshooting
- License
- Support
apt updateapt upgradeapt dist-upgradeapt autoremoveapt autoclean
Ensures the system is fully up-to-date and clean.
- Automatic security updates (
unattended-upgrades) - Firewall protection with UFW
- Brute-force attack protection using fail2ban
All security steps are optional and require confirmation.
- Automatically detects installed
php*-fpmservices - Disable selected PHP versions only
- ❌ Impossible to disable all PHP-FPM versions
- Stores disabled services in a persistent state file
- Allows safe re-enable of disabled PHP versions
- Blocked in non-interactive mode for safety
📁 State tracking file:
/var/lib/recipe-codes/disabled-php-fpm-services.txt
- All actions logged with timestamps
- Errors are trapped with line numbers
- Log file:
/var/log/recipe-codes-server-maintenance.log
This script supports CloudPanel-compatible Linux distributions:
- Ubuntu 20.04 / 22.04 / 24.04
- Debian 10 / 11 / 12
- Any APT-based CloudPanel installation
❌ RPM-based systems are intentionally blocked for safety.
wget https://raw.githubusercontent.com/mariomsamy/cloudpanel_maintinance_ubuntu/main/server_maintenance.shchmod +x server_maintenance.shRun the script as root:
sudo ./server_maintenance.shOr:
sudo su
./server_maintenance.shYou will be guided step-by-step.
You will be prompted:
Apply security improvements? (y/n)
If Yes, the script will:
- Enable automatic updates
- Configure UFW safely (SSH allowed)
- Install and enable fail2ban
You will be prompted:
Do you want to manage PHP-FPM services? (y/n)
- Disable selected PHP versions
- Re-enable previously disabled versions
- View detected PHP-FPM services
⚠ Critical Protection
- Script refuses to disable all PHP-FPM services
- Requires multi-step confirmation
At the end:
Maintenance completed. Reboot the server now? (y/n)
y→ rebootn→ exit safely
You can control behavior using environment variables:
| Variable | Purpose |
|---|---|
NONINTERACTIVE=1 |
Reduce prompts (PHP management disabled) |
ASSUME_YES=1 |
Auto-confirm prompts (⚠ dangerous) |
APPLY_SECURITY=0 |
Skip security hardening |
MANAGE_PHP=0 |
Skip PHP-FPM management |
Example:
APPLY_SECURITY=0 MANAGE_PHP=0 sudo ./server_maintenance.shThis script includes strong safeguards:
- ❌ No “Disable All PHP” option
- ❌ PHP actions blocked in non-interactive mode
- ❌ Cannot lock yourself out via firewall
- ✅ CloudPanel compatibility preserved
- ✅ Rollback path via recorded state
⚠ Disabling PHP incorrectly can break:
- CloudPanel UI
- Websites
- PHP applications
This script is intentionally conservative.
/var/log/recipe-codes-server-maintenance.log
/var/lib/recipe-codes/disabled-php-fpm-services.txt
- Ensure you are running as
root - Check log file for error details
- CloudPanel may not use PHP-FPM yet
- Script will safely skip
- UFW enable requires confirmation
- SSH rule is always added before enabling
© 2023–2026 Recipe Codes All rights reserved.
- GitHub Repository: https://github.com/mariomsamy/cloudpanel_maintinance_ubuntu
- Issues & Requests: https://github.com/mariomsamy/cloudpanel_maintinance_ubuntu/issues
- Maintainer: Mario M. Samy
- Company: Recipe Codes