How to Install HestiaCP and Create a New Website on Ubuntu 20.04

HestiaCP is a free and open-source web server control panel and is a fork of the popular Vesta Control Panel. It provides a simple and clean web interface, and it offers the possibility for administrators to easily manage core features of their web server, including managing and deploying websites, mail accounts, DNS zones and databases.

HestiaCP also offers a command line interface that you can read more on in the HestiaCP docs

A nice feature of HestiaCP is that it offers Quick Install Apps, which means it offers a quick way of installing popular web apps. At the time of writing it includes WordPress, Drupal, Joomla, Opencart, Prestashop, Laravel, and Symfony.

Given that HestiaCP is relatively recent, it doesn’t have a documentation of all the features it offers. On the other hand, thanks to the fact that it’s a fork of Vesta, some solutions/answers coincide with that of Vesta.

It is actively developed and has an active community, so if you do encounter any issues, you can be sure that there are users you can ask for help.

You can read more on HestiaCP in the following sources:

• https://hestiacp.com/
• https://docs.hestiacp.com/
• https://forum.hestiacp.com/ – the HestiaCP community is helpful and very active (at the time of writing, Mar 2021)
• https://github.com/hestiacp/hestiacp
• HestiaCP’s Discord Server: https://discord.gg/SmVuXXK8Qs

Objectives

In this tutorial we’ll install HestiaCP on a server running Ubuntu 20.04, and then we’ll add a domain to it and set up a WordPress site for that domain.

I’ll be using the following domains:

• hestiacp.mrtest.site will be the address for my instance of HestiaCP
• anothertestsite.ml will be the new domain that I add in HestiaCP, which will become a WordPress website

Prerequisites

• A server running one of the following operating systems: Debian 9/10 or Ubuntu 16.04/18/04/20.04
• It’s recommended that you use a fresh OS install to prevent any potential issues
• A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as root.

Step 1 – Install HestiaCP on Ubuntu 20.04

In this section we’ll go through a few short steps of installing HestiaCP. The entire process can take up to about 15 minutes. You won’t have to do much, as most of the work is done by the HestiaCP installation script.

At the end of the installation you’ll be provided with the Admin URL and credentials to log into the control panel and you’ll be asked to reboot to finish the install.

Here is a quick demo of the install process. It’s sped up, and it took me 5 minutes on a Vultr SSD Cloud Instance with 2GB RAM.
Here is a quick sped up demo of the installation process:

Start by updating the system’s package index and upgrade it:

sudo apt-get update && apt-get upgrade

Add the repository key for HestiaCP to be able to download the required packages during the run of the installation script.

sudo wget -qO - https://gpg.hestiacp.com/deb_signing.key | sudo apt-key add -

Install the latest version of the ca-certificates package:

sudo apt-get install ca-certificates

Download the HestiaCP installation script:

sudo wget https://raw.githubusercontent.com/hestiacp/hestiacp/release/install/hst-install.sh

Now you can run the HestiaCP installation script.

You can run it without setting custom options, and it will be installed with the default installation options. You’ll be asked for your email and the domain name you want for your HestiaCP panel soon after. At the end you’ll be shown your panel URL and admin credentials, with password generated by the script.

sudo bash hst-install.sh

Alternatively, you can customize the installation options for the script.

You can check all the available options for the install script in the HestiaCP docs: https://docs.hestiacp.com/getting_started.html, but we’ll also list them here for your convenience:

-a, --apache          Install Apache        [yes|no]  default: yes
-n, --nginx           Install Nginx         [yes|no]  default: yes
-w, --phpfpm          Install PHP-FPM       [yes|no]  default: yes
-o, --multiphp        Install Multi-PHP     [yes|no]  default: no
-v, --vsftpd          Install Vsftpd        [yes|no]  default: yes
-j, --proftpd         Install ProFTPD       [yes|no]  default: no
-k, --named           Install Bind          [yes|no]  default: yes
-m, --mysql           Install MariaDB       [yes|no]  default: yes
-g, --postgresql      Install PostgreSQL    [yes|no]  default: no
-x, --exim            Install Exim          [yes|no]  default: yes
-z, --dovecot         Install Dovecot       [yes|no]  default: yes
-c, --clamav          Install ClamAV        [yes|no]  default: yes
-t, --spamassassin    Install SpamAssassin  [yes|no]  default: yes
-i, --iptables        Install Iptables      [yes|no]  default: yes
-b, --fail2ban        Install Fail2ban      [yes|no]  default: yes
-q, --quota           Filesystem Quota      [yes|no]  default: no
-d, --api             Activate API          [yes|no]  default: yes
-r, --port            Change Backend Port             default: 8083
-l, --lang            Default language                default: en
-y, --interactive     Interactive install   [yes|no]  default: yes
-s, --hostname        Set hostname
-e, --email           Set admin email
-p, --password        Set admin password
-f, --force           Force installation
-h, --help            Print this help

As you can see in the last column, there are just a few options that default to no.

Example usage of running the script with custom options:

sudo bash hst-install.sh --hostname your_hostname --port custom_port --email [email protected] --password your_password

Upon running the install script without custom options, you’ll be presented with a screen similar to this, where you’ll be also prompted to confirm installation, for your email and the hostname you want for your panel:

www.hestiacp.com

========================================================================

Thank you for downloading Hestia Control Panel! In a few moments,

we will begin installing the following components on your server:

- NGINX Web / Proxy Server
- Apache Web Server (as backend)
- PHP-FPM Application Server
- Bind DNS Server
- Exim Mail Server + ClamAV + SpamAssassin
- Dovecot POP3/IMAP Server
- MariaDB Database Server
- Vsftpd FTP Server
- Firewall (Iptables) + Fail2Ban Access Monitor

========================================================================

Would you like to continue with the installation? [Y/N]: Y

Please enter admin email address: [email protected]

Please enter FQDN hostname [mrtest.wd5vn10vgudetfy1uekpzonwvd.bx.internal.cloudapp.net]: hestiacp.mrtest.site

After it’s finished installing you’ll be provided with the Admin URL, Username and Password in the output.

Congratulations!

You have successfully installed Hestia Control Panel on your server.

Ready to get started? Log in using the following credentials:

Admin URL: https://20.55.104.39:8083
Username: admin
Password: ato8f6M4mqYmdgtn

Thank you for choosing Hestia Control Panel to power your full stack web server,
we hope that you enjoy using it as much as we do!

Please feel free to contact us at any time if you have any questions,
or if you encounter any bugs or problems:

E-mail: [email protected]
Web: https://www.hestiacp.com/
Forum: https://forum.hestiacp.com/
Discord: https://discord.gg/nXRUZch
GitHub: https://www.github.com/hestiacp/hestiacp

Note: Automatic updates are enabled by default. If you would like to disable them,
please log in and navigate to Server > Updates to turn them off.

Help support the Hestia Contol Panel project by donating via PayPal:
https://www.hestiacp.com/donate

--

Sincerely yours,
The Hestia Control Panel development team

Made with love & pride by the open-source community around the world.

[ ! ] IMPORTANT: You must logout or restart the server before continuing.

Do you want to reboot now? [Y/N] Y

You’ll be prompted to select if you want to reboot the server for the installation to finish.

After you’ve rebooted you should be ready to visit your HestiaCP panel URL. In the output above it shows the Admin URL as being https://20.55.104.39:8083, however I had pointed a subdomain https://hestiacp.mrtest.site and set it as the control panel’s hostname, so https://hestiacp.mrtest.site:8083 is also my Admin URL.

Set up Let’s Encrypt SSL Certificate for the Panel

When you first access the panel URL that you’ve set, you’ll encounter a “Your connection is not private” error page. This is because SSL isn’t set up.

We can fix this easily with HestiaCP’s built in command to automatically set up Let’s Encrypt for it. To do this run:

sudo v-add-letsencrypt-host

It should take about a minute, and after the command is finished running you can refresh the page and you’ll be redirected to the /login page at https://your_panel_domain:8083/login/

Accessing HestiaCP Interface

To log into the control panel use the credentials provided at the end of the output after installing HestiaCP (or the credentials that you set, in case you set them via the options when running the install script).

This is a screenshot of how HestiaCP looks like at the time of writing this article:

If you’ve made it this far then you most likely have successfully installed HestiaCP. Well done!

Step 2 – Creating a New User

You can create additional user accounts, so in case you have any other users, they can manage their websites themselves.

[powerkit_alert type=”info” dismissible=”false” multiline=”true”]Important Note

Additionally, even though you can add domains when logged in as the admin, it’s recommended that you create a user account for yourself as well. This is because when you’re logged in as admin you have elevated privileges, so you could harm another user’s websites if you’re not careful, for example.[/powerkit_alert]

HestiaCP also warns you of this if you try to add a new domain while logged in as admin:

You still have the possibility of adding domains as admin, however. So unless you have a good reason to do this, it’s generally not recommended.

Adding a user is straightforward. While you’re logged in as admin, in the top sections in your dashboard you should have (Users, Web, DNS, Mail, DB, CRON, Backups)

In the Users section, just click the Add User button, and you’ll be taken to a page where you can enter the user’s details:

Step 3 – Adding a New Domain

To add a new domain click on the WEB section in the upper part of the dashboard.

If you have successfully used a domain for HestiaCP’s Admin URL, then you should see the domain already added to the list.

To add a new domain click on Add Web Domain.You’ll then have to fill a short form for adding your new domain:

• Domain: the domain you want to add
• IP Address: you can also assign custom IP addresses, if your server has more than one.
• Create DNS zone: If you want HestiaCP to manage the DNS zone
• Enable mail for this domain: if you want to send emails using the added domain

If you click Advanced Options you have a few more things you can configure.

• Aliases: By default you have it set as www.yourwebsite.com, which points to your domain
• Proxy Support: HestiaCP uses Nginx to serve static files by default. This is what this option is.
• Web Statistics: This is for all sorts of web related stats. By default none is selected, but HestiaCP also comes with AWStats which can be quite useful for various stats for the web, or server related. You can check the AWStats official website for more info, to decide if you need it.
  • Statistics Authorization: Protect your stats from being looked at by other people. You’ll have to fill in a desired user/password for this.
• Custom document root: Change the document root of your website. By default it’s /home/your_user/web/your_website/public_html/
• Enable SSL for this domain: By default this isn’t checked. Here you can use Let’s Encrypt for an SSL certificate. This should be automatically obtained within 5 minutes. Alternatively you can provide your own SSL certificate.
  • Enable automatic HTTPS redirection: set it to automatically redirect from HTTP to HTTPS
• Additional FTP Accounts: Possibility to create additional FTP accounts.

When you’re done with the desired configuration for your domain, click on the SAVE button in the upper right.

If everything went well you’ll see a green success message:

Domain Configuration

Now that you’ve successfully added your domain, you can do a few things with it.

If you go back to the WEB section you’ll see your newly added domain in the list of the domains, and also a few buttons next to it:

I’ve marked them with numbers 1 to 6:

1. Statistics: These are the Web Statistics that I enabled when adding the domains. When you click it you’re taken to https://your_domain.com/vstats and if you enabled Statistics Authorization you’ll be prompted to enter the username and password you set when enabling it.
2. Link to your website’s homepage: This is just a link to your website. I haven’t done anything on my example domain. Here is the default page:
3. Edit Web Domain: You can edit the domain. If you click it, you’ll be taken to the domain’s settings page, where you’ll see the same settings that from the page where you created the domain, but a few extra ones as well:- Web Template: These are predefined configurations for the Apache Web Server. You can add your own, however by default there is only one called default, which is a typical Apache configuration. This should work for most users.- Backend Template: Predefined templates on how the site is served. At the time of writing the available templates are PHP-FPM, no-php, socket and php-7_4. However you can add your own, if needed.

   – Enable HTTP Strict Transport Security (HSTS) (This is under Enable SSL for this domain): HSTS is disabled by default (probably because sometimes HSTS can cause issues for some people). You can read more about HSTS on Mozilla.org

   – Quick App Install: This enables you to quick install some popular software. The ones included are WordPress, Drupal, Joomla, Opencart, Prestashop, Laravel, and Symfony. You can also add your own, but I’m not sure if the procedure is documented. I believe you’ll have to check HestiaCP on Github, the HestiaCP community forum, or the HestiaCP documentation and determine how to create your own by yourself.

   

   Here is how the Quick Install App section looks like:

   

4. Access Log: This is the web server’s access log that you can view in your browser.
5. Suspend
6. Delete

Step 4 – Creating a WordPress Website

I’m more familiar with WordPress, than the other platforms offered, so I’ll set up a WordPress website using the Quick Install App function.

1. In the Quick Install App page click Setup under WordPress.
2. Next you’ll have to fill in some details regarding your new WordPress site. You also have the option of connecting to an existing database by filling in its details. In my case, I checked Database Create, so HestiaCP creates a new database, and left the database fields blank, which means they’ll be auto generated.Important Note: Make sure to remember your password. You’ll be sent an email upon successful install, but it won’t mention the password.
3. Click the Install button in the top right corner.
4. In a few seconds you should get a green success message WordPress App was installed successfully!
5. And you should also receive an email confirming the successful install:
6. And I can confirm that the WordPress site has been successfully set up by visiting the site:

Conclusion

Well done. Hopefully this helped you set up HestiaCP on a Ubuntu 20.04 server, or any other compatible OS, and to set up a website on it.

HestiaCP is under active development. Even if it’s relatively new, it’s a fork of VestaCP. In some areas it isn’t documented, so it may be difficult to figure out some things at times. A few things you can do to find solutions are:

• Check the HestiaCP Github
• Search through the HestiaCP Docs
• Search for answers or ask on the HestiaCP Community
• Search through the VestaCP Forums for solutions or answers that might apply to HestiaCP

If you encountered any issues feel free to leave a comment or contact us and we’ll get back to you as soon as we can.