HestiaCP is a free and open-source web server control panel and is a fork of the popular Vesta Control Panel. It provides a simple and clean web interface, and it offers the possibility for administrators to easily manage core features of their web server, including managing and deploying websites, mail accounts, DNS zones and databases.
HestiaCP also offers a command line interface that you can read more on in the HestiaCP docs
A nice feature of HestiaCP is that it offers Quick Install Apps, which means it offers a quick way of installing popular web apps. At the time of writing it includes WordPress, Drupal, Joomla, Opencart, Prestashop, Laravel, and Symfony.
Given that HestiaCP is relatively recent, it doesn’t have a documentation of all the features it offers. On the other hand, thanks to the fact that it’s a fork of Vesta, some solutions/answers coincide with that of Vesta.
It is actively developed and has an active community, so if you do encounter any issues, you can be sure that there are users you can ask for help.
You can read more on HestiaCP in the following sources:
- https://forum.hestiacp.com/ – the HestiaCP community is helpful and very active (at the time of writing, Mar 2021)
- HestiaCP’s Discord Server: https://discord.gg/SmVuXXK8Qs
In this tutorial we’ll install HestiaCP on a server running Ubuntu 20.04, and then we’ll add a domain to it and set up a WordPress site for that domain.
I’ll be using the following domains:
hestiacp.mrtest.sitewill be the address for my instance of HestiaCP
anothertestsite.mlwill be the new domain that I add in HestiaCP, which will become a WordPress website
Table of Contents
- A server running one of the following operating systems: Debian 9/10 or Ubuntu 16.04/18/04/20.04
- It’s recommended that you use a fresh OS install to prevent any potential issues
non-root sudo useror access to the
root user. We recommend acting as a
non-root sudo user, however, as you can harm your system if you’re not careful when acting as root.
Step 1 – Install HestiaCP on Ubuntu 20.04
In this section we’ll go through a few short steps of installing HestiaCP. The entire process can take up to about 15 minutes. You won’t have to do much, as most of the work is done by the HestiaCP installation script.
At the end of the installation you’ll be provided with the Admin URL and credentials to log into the control panel and you’ll be asked to reboot to finish the install.
Here is a quick demo of the install process. It’s sped up, and it took me 5 minutes on a Vultr SSD Cloud Instance with 2GB RAM.
Here is a quick sped up demo of the installation process:
Start by updating the system’s package index and upgrade it:
sudo apt-get update && apt-get upgrade
Add the repository key for HestiaCP to be able to download the required packages during the run of the installation script.
sudo wget -qO - https://gpg.hestiacp.com/deb_signing.key | sudo apt-key add -
Install the latest version of the
sudo apt-get install ca-certificates
Download the HestiaCP installation script:
sudo wget https://raw.githubusercontent.com/hestiacp/hestiacp/release/install/hst-install.sh
Now you can run the HestiaCP installation script.
You can run it without setting custom options, and it will be installed with the default installation options. You’ll be asked for your email and the domain name you want for your HestiaCP panel soon after. At the end you’ll be shown your panel URL and admin credentials, with password generated by the script.
sudo bash hst-install.sh
Alternatively, you can customize the installation options for the script.
You can check all the available options for the install script in the HestiaCP docs: https://docs.hestiacp.com/getting_started.html, but we’ll also list them here for your convenience:
-a, --apache Install Apache [yes|no] default: yes -n, --nginx Install Nginx [yes|no] default: yes -w, --phpfpm Install PHP-FPM [yes|no] default: yes -o, --multiphp Install Multi-PHP [yes|no] default: no -v, --vsftpd Install Vsftpd [yes|no] default: yes -j, --proftpd Install ProFTPD [yes|no] default: no -k, --named Install Bind [yes|no] default: yes -m, --mysql Install MariaDB [yes|no] default: yes -g, --postgresql Install PostgreSQL [yes|no] default: no -x, --exim Install Exim [yes|no] default: yes -z, --dovecot Install Dovecot [yes|no] default: yes -c, --clamav Install ClamAV [yes|no] default: yes -t, --spamassassin Install SpamAssassin [yes|no] default: yes -i, --iptables Install Iptables [yes|no] default: yes -b, --fail2ban Install Fail2ban [yes|no] default: yes -q, --quota Filesystem Quota [yes|no] default: no -d, --api Activate API [yes|no] default: yes -r, --port Change Backend Port default: 8083 -l, --lang Default language default: en -y, --interactive Interactive install [yes|no] default: yes -s, --hostname Set hostname -e, --email Set admin email -p, --password Set admin password -f, --force Force installation -h, --help Print this help
As you can see in the last column, there are just a few options that default to
Example usage of running the script with custom options:
sudo bash hst-install.sh --hostname your_hostname --port custom_port --email [email protected] --password your_password
Upon running the install script without custom options, you’ll be presented with a screen similar to this, where you’ll be also prompted to confirm installation, for your email and the hostname you want for your panel:
www.hestiacp.com ======================================================================== Thank you for downloading Hestia Control Panel! In a few moments, we will begin installing the following components on your server: - NGINX Web / Proxy Server - Apache Web Server (as backend) - PHP-FPM Application Server - Bind DNS Server - Exim Mail Server + ClamAV + SpamAssassin - Dovecot POP3/IMAP Server - MariaDB Database Server - Vsftpd FTP Server - Firewall (Iptables) + Fail2Ban Access Monitor ======================================================================== Would you like to continue with the installation? [Y/N]: Y Please enter admin email address: [email protected] Please enter FQDN hostname [mrtest.wd5vn10vgudetfy1uekpzonwvd.bx.internal.cloudapp.net]: hestiacp.mrtest.site
After it’s finished installing you’ll be provided with the Admin URL, Username and Password in the output.
Congratulations! You have successfully installed Hestia Control Panel on your server. Ready to get started? Log in using the following credentials: Admin URL: https://184.108.40.206:8083 Username: admin Password: ato8f6M4mqYmdgtn Thank you for choosing Hestia Control Panel to power your full stack web server, we hope that you enjoy using it as much as we do! Please feel free to contact us at any time if you have any questions, or if you encounter any bugs or problems: E-mail: [email protected] Web: https://www.hestiacp.com/ Forum: https://forum.hestiacp.com/ Discord: https://discord.gg/nXRUZch GitHub: https://www.github.com/hestiacp/hestiacp Note: Automatic updates are enabled by default. If you would like to disable them, please log in and navigate to Server > Updates to turn them off. Help support the Hestia Contol Panel project by donating via PayPal: https://www.hestiacp.com/donate -- Sincerely yours, The Hestia Control Panel development team Made with love & pride by the open-source community around the world. [ ! ] IMPORTANT: You must logout or restart the server before continuing. Do you want to reboot now? [Y/N] Y
You’ll be prompted to select if you want to reboot the server for the installation to finish.
After you’ve rebooted you should be ready to visit your HestiaCP panel URL. In the output above it shows the Admin URL as being https://220.127.116.11:8083, however I had pointed a subdomain https://hestiacp.mrtest.site and set it as the control panel’s hostname, so https://hestiacp.mrtest.site:8083 is also my Admin URL.
Set up Let’s Encrypt SSL Certificate for the Panel
When you first access the panel URL that you’ve set, you’ll encounter a “Your connection is not private” error page. This is because SSL isn’t set up.
We can fix this easily with HestiaCP’s built in command to automatically set up Let’s Encrypt for it. To do this run:
It should take about a minute, and after the command is finished running you can refresh the page and you’ll be redirected to the /login page at https://your_panel_domain:8083/login/
Accessing HestiaCP Interface
To log into the control panel use the credentials provided at the end of the output after installing HestiaCP (or the credentials that you set, in case you set them via the options when running the install script).
This is a screenshot of how HestiaCP looks like at the time of writing this article:
If you’ve made it this far then you most likely have successfully installed HestiaCP. Well done!
Step 2 – Creating a New User
You can create additional user accounts, so in case you have any other users, they can manage their websites themselves.
Additionally, even though you can add domains when logged in as the admin, it’s recommended that you create a user account for yourself as well. This is because when you’re logged in as admin you have elevated privileges, so you could harm another user’s websites if you’re not careful, for example.
HestiaCP also warns you of this if you try to add a new domain while logged in as admin:
You still have the possibility of adding domains as admin, however. So unless you have a good reason to do this, it’s generally not recommended.
Adding a user is straightforward. While you’re logged in as admin, in the top sections in your dashboard you should have (Users, Web, DNS, Mail, DB, CRON, Backups)
In the Users section, just click the Add User button, and you’ll be taken to a page where you can enter the user’s details:
Step 3 – Adding a New Domain
To add a new domain click on the WEB section in the upper part of the dashboard.
If you have successfully used a domain for HestiaCP’s Admin URL, then you should see the domain already added to the list.
To add a new domain click on Add Web Domain.You’ll then have to fill a short form for adding your new domain:
- Domain: the domain you want to add
- IP Address: you can also assign custom IP addresses, if your server has more than one.
- Create DNS zone: If you want HestiaCP to manage the DNS zone
- Enable mail for this domain: if you want to send emails using the added domain
If you click Advanced Options you have a few more things you can configure.
- Aliases: By default you have it set as www.yourwebsite.com, which points to your domain
- Proxy Support: HestiaCP uses Nginx to serve static files by default. This is what this option is.
- Web Statistics: This is for all sorts of web related stats. By default
noneis selected, but HestiaCP also comes with AWStats which can be quite useful for various stats for the web, or server related. You can check the AWStats official website for more info, to decide if you need it.
- Statistics Authorization: Protect your stats from being looked at by other people. You’ll have to fill in a desired user/password for this.
- Custom document root: Change the document root of your website. By default it’s
- Enable SSL for this domain: By default this isn’t checked. Here you can use Let’s Encrypt for an SSL certificate. This should be automatically obtained within 5 minutes. Alternatively you can provide your own SSL certificate.
- Enable automatic HTTPS redirection: set it to automatically redirect from HTTP to HTTPS
- Additional FTP Accounts: Possibility to create additional FTP accounts.
When you’re done with the desired configuration for your domain, click on the SAVE button in the upper right.
If everything went well you’ll see a green success message:
Now that you’ve successfully added your domain, you can do a few things with it.
If you go back to the WEB section you’ll see your newly added domain in the list of the domains, and also a few buttons next to it:
I’ve marked them with numbers 1 to 6:
- Statistics: These are the Web Statistics that I enabled when adding the domains. When you click it you’re taken to https://your_domain.com/vstats and if you enabled Statistics Authorization you’ll be prompted to enter the username and password you set when enabling it.
- Link to your website’s homepage: This is just a link to your website. I haven’t done anything on my example domain. Here is the default page:
- Edit Web Domain: You can edit the domain. If you click it, you’ll be taken to the domain’s settings page, where you’ll see the same settings that from the page where you created the domain, but a few extra ones as well:- Web Template: These are predefined configurations for the Apache Web Server. You can add your own, however by default there is only one called
default, which is a typical Apache configuration. This should work for most users.- Backend Template: Predefined templates on how the site is served. At the time of writing the available templates are PHP-FPM, no-php, socket and php-7_4. However you can add your own, if needed.
– Enable HTTP Strict Transport Security (HSTS) (This is under Enable SSL for this domain): HSTS is disabled by default (probably because sometimes HSTS can cause issues for some people). You can read more about HSTS on Mozilla.org
– Quick App Install: This enables you to quick install some popular software. The ones included are WordPress, Drupal, Joomla, Opencart, Prestashop, Laravel, and Symfony. You can also add your own, but I’m not sure if the procedure is documented. I believe you’ll have to check HestiaCP on Github, the HestiaCP community forum, or the HestiaCP documentation and determine how to create your own by yourself.
Here is how the Quick Install App section looks like:
- Access Log: This is the web server’s access log that you can view in your browser.
Step 4 – Creating a WordPress Website
I’m more familiar with WordPress, than the other platforms offered, so I’ll set up a WordPress website using the Quick Install App function.
- In the Quick Install App page click Setup under WordPress.
- Next you’ll have to fill in some details regarding your new WordPress site. You also have the option of connecting to an existing database by filling in its details. In my case, I checked Database Create, so HestiaCP creates a new database, and left the database fields blank, which means they’ll be auto generated.Important Note: Make sure to remember your password. You’ll be sent an email upon successful install, but it won’t mention the password.
- Click the Install button in the top right corner.
- In a few seconds you should get a green success message WordPress App was installed successfully!
- And you should also receive an email confirming the successful install:
- And I can confirm that the WordPress site has been successfully set up by visiting the site:
Well done. Hopefully this helped you set up HestiaCP on a Ubuntu 20.04 server, or any other compatible OS, and to set up a website on it.
HestiaCP is under active development. Even if it’s relatively new, it’s a fork of VestaCP. In some areas it isn’t documented, so it may be difficult to figure out some things at times. A few things you can do to find solutions are:
- Check the HestiaCP Github
- Search through the HestiaCP Docs
- Search for answers or ask on the HestiaCP Community
- Search through the VestaCP Forums for solutions or answers that might apply to HestiaCP
If you encountered any issues feel free to leave a comment or contact us and we’ll get back to you as soon as we can.