aaPanel 8.0.4 is a stable aaPanel release published on July 2, 2026. It is separate from the 8.16.0 beta branch and is the better starting point for most production control-panel admins who need a current stable update path.
The release adds site deployment helpers, backup workflow changes, WAF visibility, scan detection, AI troubleshooting features, WordPress management features, and fixes a Panel SSL access problem. aaPanel also notes that this version updates the panel operating environment to Python 3.12, so admins should plan the upgrade like a control-panel maintenance window instead of a casual click-through update.
What Changed In aaPanel 8.0.4
- New AI Design Website workflow with preview, editing, and deployment.
- New guide page for deploying WordPress, PHP sites, proxy projects, and Node.js projects.
- Home dashboard announcement notifications.
- Create-from-backup option for PHP project site creation.
- New Node.js project backup features for restore, download, and delete.
- Two-way binding between proxy projects and the Supervisor plugin.
- New scan detection to identify malicious scanning IPs and block abnormal traffic.
- New WAF Protection Screen with real-time QPS and attack information.
- AI website troubleshooting for inaccessible sites and HTTP errors.
- New WordPress AI workflow for deployment, theme and plugin management, WP-CLI, and troubleshooting.
- AI ChatOps support through Discord and Telegram bot interaction.
- File Manager upload/download support for FTP Storage, AWS S3, Google Drive, and Google Cloud Storage.
- BillionMail as the default service for newly installed Mail Server, with Debian 13 and Ubuntu 26 compatibility noted by aaPanel.
- New alternate connection nodes to improve feature stability.
- Server time zone modification in Settings.
- Lao and Arabic language support.
Fixes And Optimizations To Check
- Refactored backup and restore interfaces for PHP Project and WP Toolkit.
- Improved redirect interface for PHP Project and WP Toolkit, including 404 routing configuration.
- IPv6 handling for proxy projects when IPv6 is disabled.
- Attack Map removed from WAF and replaced by Protection Screen.
- Optimized Security – SSH interface.
- SSH key download error fixed.
- Message Box error on newly installed aaPanel fixed.
- Custom theme color reset issue fixed.
- Panel SSL disablement access issue fixed.
Before You Upgrade
- Back up the server, panel data, websites, databases, DNS zones, mail data, and SSL material.
- Take a VM snapshot when the server runs in Proxmox, VMware, Hyper-V, XCP-ng, VirtualBox, or another virtual platform.
- Confirm you have out-of-band access through console, SSH, provider rescue mode, or a recovery user.
- Record the current aaPanel version, OS version, Python-related panel notes, web server stack, PHP versions, database versions, mail stack, and WAF settings.
- Check disk space before upgrading. Control-panel upgrades can fail badly when the root filesystem is tight.
- Schedule a maintenance window for production sites, especially if mail, WordPress management, WAF, or backup jobs are business-critical.
Python 3.12 Upgrade Notes
aaPanel says this version updates the panel operating environment to Python 3.12 and points admins to its Python 3.12 Q&A post before updating. Treat that as a compatibility warning. After the upgrade, check panel login, scheduled jobs, backup tasks, plugin screens, website management, mail features, and any custom scripts that interact with aaPanel.
Upgrade Checklist
- Confirm backups and snapshots are complete.
- Read the aaPanel 8.0.4 release note and Python 3.12 Q&A.
- Run the upgrade first on a staging server or low-risk node if possible.
- Upgrade during the planned maintenance window.
- After the upgrade, press Ctrl+F5 in the browser as aaPanel recommends.
- Re-check panel login, dashboard widgets, WAF screens, website lists, SSL screens, backup screens, mail screens, and plugin pages.
- Run a test backup and restore check for at least one low-risk site or project.
- Review WAF Protection Screen output and scan detection events before changing blocking policy.
- Test WordPress management, WP-CLI, plugin/theme management, and any deployment assistant features on non-critical sites first.
- Document any client-facing changes, downtime, or follow-up work.
Post-Upgrade Verification
- Panel login returns normally over HTTPS.
- Websites return expected 200 responses.
- PHP and Node.js projects still start correctly.
- Proxy projects and Supervisor bindings still match expected services.
- WAF Protection Screen loads and does not create unexpected false positives.
- Backups can be created, listed, downloaded, and restored in a controlled test.
- Mail services still send and receive where applicable.
- SSH and key download workflows work for admins who rely on them.
- Logs do not show repeated panel, web server, database, mail, or backup failures after the update.
Rollback Plan
If the panel becomes unstable after the update, avoid making more changes from a partially broken dashboard. Use your VM snapshot, provider backup, or full server backup plan. If only a website or plugin feature is affected, preserve logs, record the OS and aaPanel version, and roll back the smallest affected layer first.
aaPanel 8.0.4 vs 8.16.0 Beta
aaPanel 8.0.4 is the stable release path. aaPanel 8.16.0 is a beta release from the same date and should be treated as lab or low-risk testing unless you specifically need beta behavior. Production admins should normally evaluate 8.0.4 first.
Fix I.T. Phill Recommendation
For production hosting servers, treat aaPanel 8.0.4 as a real maintenance event. The Python 3.12 operating-environment change, backup interface changes, WAF screen replacement, Panel SSL fix, mail defaults, and WordPress management additions are useful, but they touch enough control-panel surface area that backups and verification matter.
