Molixa Forge
Get started

Every feature, one panel

Every Feature You Need to Manage a VPS

Molixa Forge is a full VPS control panel for developers. Connect a plain Ubuntu box, push your repo, and you get deploys, SSL, backups, monitoring, a firewall, and an AI teammate out of the box. Keep reading for every feature in plain English, with no fluff.

One-click Git deployment

Push to main. We ship the rest.

Connect a repo from GitHub, GitLab, or Bitbucket. Pick a branch. We pull, build, swap, and reload. Rollback is a single click back to any release still on disk.

  • GitHub, GitLab, and Bitbucket via OAuth or deploy keys
  • Auto deploy on push to the branch you pick
  • Zero downtime symlink swap with atomic releases
  • Pre and post deploy hooks for migrations and cache warm
  • One-click rollback to the previous five releases
  • Per-site environment variables, never written to the repo

WordPress, Laravel, Node.js

One-click stacks that actually work.

Pick a stack, name your site, done. We configure Nginx, PHP-FPM or Node, the database, the cache, and the SSL cert for you. Sites go live in under two minutes.

WordPress in 90 seconds

WP core, wp-cli, Redis object cache, and a salted wp-config live before you finish your coffee. Admin user is created for you with a strong random password.

Laravel with Octane ready

PHP 8.3, Composer, queue workers via Supervisor, scheduler cron, and Octane with FrankenPHP or Swoole as one toggle. Horizon and Pulse ship with the template.

Node.js with PM2

Node 20 or 22, PM2 with clustering, a reverse proxy in Nginx, and auto restart on file change. Works for Next.js, Nuxt, SvelteKit, Remix, Hono, Express, and bare Node.

AI DevOps assistant

Your AI teammate lives on your server.

This is the feature that makes Molixa different. Ask a question in plain English. The AI reads your logs, writes the commands, shows you the plan, waits for your approval, then runs it inside a full audit trail. Every action is reversible.

Read the full AI assistant breakdown to see exactly how the approval gate and rollback work.

  • Free tier runs on Groq Llama 3.1 70B, sub-second replies
  • Pro tier uses Claude Opus 4.7 and GPT-4 Turbo
  • Enterprise tier runs self-hosted Ollama inside your VPC
  • Command preview before anything hits the shell
  • Secrets redacted from every outgoing prompt
  • One-click undo for any config or package the AI touched

SSL certificate automation

Free SSL on every site.

Let's Encrypt is wired in. Add a domain, we issue the cert, renew it 30 days before expiry, and reload Nginx with zero downtime. No cron jobs to write and no certbot flags to remember.

  • Let's Encrypt issue and renew on autopilot
  • Wildcard certs via DNS-01 with Cloudflare and Route 53
  • HTTP to HTTPS redirect enabled by default
  • TLS 1.3 only with A+ Qualys score out of the box
  • Custom paid certs upload in a text box if you prefer
  • HSTS toggle with preload-ready headers

Domain management

Point a domain. We verify it.

Add a domain or a subdomain and Molixa checks your DNS in real time. You see the exact A or CNAME record we expect, a live propagation status, and a green checkmark the moment the record goes live worldwide.

  • Live DNS verification from multiple resolvers
  • Clear copy of the A or CNAME record to add
  • Root and www handled as one unit
  • Wildcard subdomains for staging and preview URLs
  • Cloudflare proxy detection so you do not chase ghosts
  • Clean removal with a confirmation step, no orphan configs

Database management

Four engines, one dashboard.

Create databases, manage users, tune config, and run backups without memorizing a single CLI flag. Every engine keeps its native client, so your app config stays portable.

MySQL 8

Default stack. Tuned my.cnf, slow query log on, buffer pool sized to your RAM, and a read-only user preset for reports.

PostgreSQL 16

One-click install with pg_stat_statements, pgvector, and a sane pg_hba. Point-in-time recovery with wal-g on Pro.

MariaDB 11

Drop-in swap for MySQL with better defaults. Useful if your host recommends MariaDB for WordPress performance.

Redis 7

Cache, queue, and session store in one. AOF persistence, ACL users, and a memory cap that refuses to eat your app.

Server monitoring and alerts

See it before users do.

Our agent samples CPU, memory, disk, load, and service health every 30 seconds. Historical charts go back 90 days on Pro and a year on Enterprise. Alerts fire to email, Slack, Discord, or a webhook.

  • CPU, RAM, disk IO, network, load, and swap tracked live
  • Service uptime for Nginx, PHP-FPM, MySQL, Redis, and Node
  • HTTP health checks on every site with latency graphs
  • Alert thresholds you set per server or per site
  • Slack, Discord, email, SMS, and custom webhook delivery
  • Incident timeline with exact commands run during outages

Firewall and security

UFW and fail2ban, pre-configured.

Every server ships with UFW locked down to the ports your stack needs and fail2ban watching SSH, Nginx, and WordPress login attempts. Add or remove rules from a simple form and we reload the firewall for you.

  • UFW with a deny-all default, only 22, 80, and 443 open
  • fail2ban jails for sshd, nginx-http-auth, and wp-login
  • One-click ban and unban of any offending IP
  • IP allowlists for SSH so only your office range connects
  • Country block with GeoIP for panels and admin routes
  • Weekly security report with CVEs for every installed package

Automated backups

Backups you will actually restore from.

Pick what to back up, pick where to send it, pick how often. We test restores on a schedule so a broken backup does not surprise you at 3 AM.

Full server snapshots

Full block-level snapshots via your provider API, or filesystem snapshots via btrfs or ZFS where supported. Daily, weekly, or hourly.

Database dumps

mysqldump or pg_dump with a compressed stream straight to your bucket. Point-in-time recovery on Pro with binary logs or WAL archives.

File-level backups

Restic under the hood, encrypted at rest, deduplicated across snapshots. Ship them to S3, Backblaze B2, Wasabi, Cloudflare R2, or any S3-compatible store.

Team collaboration

Bring your team without handing out root.

Four role levels give every teammate the exact access they need. Every action is logged with a user and a timestamp, so you can see who restarted PHP-FPM last Tuesday and why.

  • Owner, Admin, Developer, and Viewer roles out of the box
  • Per-server and per-site access control lists
  • Full audit log with user, IP, action, and result
  • SSH key rotation on invite and on offboarding
  • SAML SSO and SCIM provisioning on Enterprise
  • Two-factor auth via TOTP or WebAuthn for every member

Multi-server management

One panel, many servers.

Run five boxes or five hundred from the same dashboard. Group by project, by client, or by environment. Bulk actions let you apply an OS patch or a firewall change to every server in a group with one click.

  • Unlimited servers on Pro and Agency plans
  • Server groups for projects, clients, or environments
  • Bulk patching, reboots, and package upgrades
  • Global search across every server and every site
  • Per-server tags and notes for inventory tracking
  • Cross-server deploys when a release spans multiple boxes

File manager with AI code assist

Edit server files the way you edit in VS Code.

Monaco editor, the same one that powers VS Code, runs inside your browser. Syntax highlighting for 100+ languages, diff view on every save, and the AI assistant one keystroke away to explain a config or write a regex.

  • Monaco editor with full syntax highlighting
  • Side-by-side diff before you save over a server file
  • File upload, drag-and-drop, and folder create
  • AI-assisted fix and explain on any highlighted block
  • Fine-grained permission controls on every edit
  • Auto backup of the prior file version on every save

Interactive terminal

A real shell in your browser.

Real interactive SSH over a secure WebSocket. Your keystrokes go straight to the server with no polling lag. vim, htop, and tmux all work the way they should.

  • Full TTY over a TLS-encrypted WebSocket
  • Copy paste that works on every OS and every browser
  • Per-session audit log with a downloadable replay
  • Split panes and named tabs inside the panel
  • Session recording on Enterprise for compliance audits
  • Built-in session timeout to kill idle connections

Stack marketplace

Popular stacks in one click.

Preset templates for the stacks most people want on day one. Every template is open in a Git repo so you can see exactly what runs on your box before you install it.

WordPress

Nginx, PHP-FPM, MySQL, Redis object cache, wp-cli, and brute force protection baked in.

Laravel

PHP 8.3, Composer, Horizon, queue workers, scheduler, and Octane ready to flip on.

Node.js

PM2 with clustering, reverse proxy, and health checks. Works with any Node framework or bare app.

Ghost

Node-based blog with MySQL, mail, and a systemd service. TLS and backups wired in from minute one.

Strapi

Headless CMS on Node, PostgreSQL by default, admin panel on a subdomain with SSO support.

Compare plans

See every plan side by side on the Molixa Forge pricing page.

Coming from Forge?

Read our Laravel Forge alternative breakdown.

Go deeper

Tutorials and guides live on the Molixa blog.

FAQ

Questions we get about VPS control panel features.

What is a VPS control panel?

A VPS control panel is software that sits on top of a Linux server and gives you a web dashboard for common tasks. Instead of writing shell commands by hand, you click through deploys, SSL certs, databases, backups, and firewall rules. Molixa Forge is a modern VPS control panel built for developers who still want SSH access when they need it.

Does Molixa Forge work with any VPS provider?

Yes. Molixa connects to any Ubuntu 22.04 or 24.04 server over SSH, so it works with Hetzner, DigitalOcean, Linode, Vultr, AWS Lightsail, OVH, Contabo, and any other provider. You paste in the IP and an SSH key, we provision the stack, and your server is ready in about four minutes.

How does the AI DevOps assistant work?

You type a plain English request like "why is Nginx returning 502s." The AI reads logs, writes the exact shell commands, shows you the plan, waits for your approval, then runs it with a full audit trail. Free tier runs on Groq, Pro uses Claude and GPT-4, Enterprise lets you point at a self-hosted Ollama model.

Is the free plan real or a trial?

It is a real free plan with no credit card and no expiry. You get one server, unlimited sites on it, Git deploys, SSL, basic backups, and the AI assistant on Groq. We only charge when you add a second server, turn on full-server backups to remote storage, or invite team members.

Do you support Apache or OpenLiteSpeed?

Molixa Forge ships with Nginx and PHP-FPM as the default stack because it is the fastest setup for most PHP workloads. OpenLiteSpeed is on the roadmap for Q3. Apache is not planned, but you can still use the file manager, backups, monitoring, and AI on an Apache server if you install it manually.

Can I still use SSH after I connect a server?

Yes. Molixa never locks you out. Every config file we write lives in its normal Linux path, every service uses standard systemd, and nothing is hidden behind a proprietary wrapper. You can SSH in at any time, edit things by hand, and Molixa will pick up the changes on its next sync.

How do deploys actually work?

You connect a GitHub, GitLab, or Bitbucket repo to a site. On every push to your chosen branch, we pull the code, run your build command, swap the symlink to the new release, and reload PHP-FPM or the Node process. Rollback is one click back to any previous release we still have on disk.

What happens if a server goes down?

You get an alert on email, Slack, or Discord within sixty seconds. The monitoring agent runs every 30 seconds and tracks CPU, memory, disk, load, and each service you told it to watch. If you also set up automated backups to S3 or Backblaze, you can spin up a new server and restore the last snapshot in about fifteen minutes.

Is my data encrypted?

Yes. SSH keys and secrets are encrypted with AES-256 before they hit the database, API traffic is TLS 1.3 only, and backups are encrypted at rest on whichever destination you pick. We are SOC 2 Type II in progress and sign a GDPR Data Processing Addendum with any customer who asks.

Can I bring my team in?

Yes. On Pro and above you can invite teammates with four role levels: Owner, Admin, Developer, and Viewer. Every action they take is logged with a user and a timestamp, so you can see who restarted PHP or edited an Nginx config. SSO via SAML and SCIM user provisioning are available on the Enterprise plan.

Start managing servers the easy way

Start freeSee pricing
VPS Control Panel Features | Molixa Forge · Molixa Forge