K E R N E L _ L A B S

Loading

Making Technology Work for Your Business.

Contact Info

Describe your problem

How to Install Hestia Control Panel for Easy Server Management

  • Home
  • Blog
  • How to Install Hestia Control Panel for Easy Server Management

Hestia Control Panel has emerged as a powerful, lightweight, and open-source solution for managing web servers. It offers a complete suite of tools without the resource overhead of older panels like cPanel, making it an ideal choice for everything from small VPS plans to dedicated servers.

Why Choose HestiaCP?

 

Lightweight and Efficient: Hestia is optimized for performance, running comfortably on servers with as little as 1-2 GB of RAM. Its use of a lean Nginx + PHP-FPM stack ensures your server’s resources are dedicated to your applications, not the panel itself.

 

Fully Open Source: Licensed under the GPL, Hestia is transparent, community-driven, and free from licensing fees. You have complete control over your software stack.

 

Complete Feature Set: Out of the box, Hestia provides everything you need: web and proxy servers (Nginx, Apache), DNS, email, databases, automatic Let’s Encrypt SSL, a file manager, robust backup systems, a firewall, and much more.

 

This guide will walk you through installing Hestia on a fresh server, securing it, hosting your first website, and mastering its powerful features for easy server management.

Step 1: Prerequisites and Server Preparation

  • Before you begin, ensure you have the following:

    • Operating System: A fresh installation of Debian 11/12 or Ubuntu 20.04/22.04 LTS.
    • Server Resources: At least 1 vCPU, 1 GB RAM, and 20 GB SSD storage. (2+ GB RAM is recommended if you plan to host email with antivirus scanning).
    • Access: Full root or sudo user access to the server via SSH.
    • Networking: A public IP address and a Fully Qualified Domain Name (FQDN) for your panel (e.g., panel.yourdomain.com).
    • DNS Control: The ability to create and modify DNS records for your domain.

 

1.1 Set the Hostname and Update Your Server

a. Set the hostname
sudo hostnamectl set-hostname panel.example.com

b. Update and upgrade the system:

sudo apt update && sudo apt -y upgrade

c. Install curl and wget

sudo apt -y install curl wget
 

1.2 Ensure ports are open in your provider firewall/security group

-80/443 (web), 8083 (Hestia panel), 22 (SSH)

-If running mail: 25/587/465 (SMTP), 110/995 (POP3), 143/993 (IMAP)

 

Step 2: Install Hestia Control Panel

The Hestia installation is handled by a single, interactive script.

 

2.1 Download and Run the Installer

 

wget https://raw.githubusercontent.com/hestiacp/hestiacp/release/install/hst-install.sh 
sudo bash hst-install.sh

 

The installer will prompt you to confirm the installation and ask you to customize the software stack. You can:

 

-Choose a web server: Nginx + PHP-FPM (recommended for performance) or Nginx + Apache (for .htaccess compatibility).

 

-Select services to install, such as a DNS server (Bind), an email server (Exim/Dovecot), and databases (MariaDB/PostgreSQL).

 

For most use cases, the defaults are excellent. Once the installation is complete, the script will display your admin URL, username, and password. Save these credentials in a secure location.

Step 3: First Login and Essential Security Hardening

Your panel is now running, but you should secure it immediately.

3.1 Log In and Secure the Panel with SSL

First, point your panel’s FQDN (e.g., panel.yourdomain.com) to your server’s IP address by creating an A record in your DNS provider’s dashboard.

Once DNS has propagated, log in to Hestia at https://your-server-ip:8083.

a. Navigate to Server Settings (the gear icon in the top navigation). – Click Configure.

b. Under SSL, find Enable SSL for Control Panel.

c. Enter your FQDN (panel.yourdomain.com) in the Hostname field.

d. Click Enable SSL for this Hostname and follow the prompts to issue a Let’s Encrypt certificate.

Your panel will now be accessible via https://panel.yourdomain.com:8083 with a valid SSL certificate.

3.2 Enable Two-Factor Authentication (2FA)

a. Click your user icon in the top-right corner and select Edit Profile.

b. Find the Two-factor authentication section.

c. Click Generate secret key and scan the QR code with an authenticator app (like Google Authenticator or Authy).

d. Enter the code from your app and click Save.

3.3 Review and Lock Down the Firewall

Hestia comes with an integrated firewall managed by iptables and Fail2Ban.

a. Navigate to Server Settings > Firewall.

b. Review the active rules. By default, Hestia allows the standard ports you need.

For enhanced security, you can edit the SSH rule to allow access only from your IP address.

 

By following this guide, you have successfully set up a secure, efficient web server with HestiaCP, ready to host your websites, databases, and email with professional-grade tools.

Troubleshooting Common Issues

-Can’t access panel on port 8083: Ensure the port is open in your cloud provider’s firewall and that the hestia service is running (systemctl status hestia).

 

-Let’s Encrypt fails: Your domain’s DNS must be pointing to the server. Port 80 must be open. If using Cloudflare, temporarily disable the proxy (set it to “DNS Only”) during certificate issuance.

 

-High RAM usage: On a low-RAM VPS, disable ClamAV and SpamAssassin if you are not hosting critical email. Switch your web template to Nginx + PHP-FPM only.

 

-WordPress permalinks are broken: Edit the web domain and change the Web Template for Nginx to wordpress. This includes the necessary rewrite rules.

 

Tags:
Share:

Leave A Comment