vps header 1200x200

5.4 Configure your Hestia Control Panel

At the end of our last article, we installed the Hestia Control Panel and logged into it using the URL ns1.collegeintheclouds.com:8083 and the long Hestia password. In this article, we will review the initial configuration steps for Hestia.

Log in to your Hestia Control Panel
Before we can log in, we need to make sure our VPS is running. Go to VMM (or Canhost) and turn on the server. Then open a browser, copy paste the Hestia URL.


Log in with the user name admin and the complex password supplied by the Hestia installer. Here is the screen you will see when you first log into the Hestia Control Panel:


1 Change the Background Color of the Panel

The dark panel is hard to read and hard to see on screen shots. Therefore, our first task is to change the background color of the panel to a lighter color. Click on the Settings wheel in the upper right corner.


Then click Configure.


Then click Basic Options


Then use the Appearance drop down arrow to change from dark to default and click Save. Then click on the word Back to return to the main panel Settings screen.


2 Change the Admin Password
Click on Users in the top menu.


Then select the Admin User and click the Edit pencil.


Type in a new password to replace the Hestia complex password. Then scroll down the page and click Advanced Options. Then, for the admin user only, change SSH access from nologin to bash. This will allow the admin user to access all account files. Then click Save and Back to go back to the User screen.

3 Get a Better SSL Lets Encrypt Certificate
Assuming you have waited 12 hours since changing your DNS records, add an LE certificate to your name server domain. Click Web then select the name server domain to edit it. Note that the admin account should have only one website. It should use your VPS Primary IP address. Check Enable SSL for this domain. Then click Use Lets Encrypt.


Click Save. If you get an LE certificate, in about one minute, your screen will look like this:


Then click Save. To verify server domain name is working, click on Web. There is one domain name which is the name of your server. Select it and click on the up arrow to go to the server page:

4 Add a New User
It is very important to create a new user for the admin as this will create a wall for hackers preventing them from reaching the Admin Control Panel should they ever manage to break into an individual user account or website. In short, all websites should be created by Hestia users and not by Hestia administrators. Click Add User.


Type in a user name and password. Be sure to save this user name and password in a place you will remember. Then type in the User Name and email address. Check Send Welcome Email to see what that looks like. The SSH Access box does not appear for users until after the user has been created or saved. However, the default setting for Users is No Log In. Leave SSH access for all user accounts set for NoLogIn. This will prevent users (and hackers) from logging into the Admin folders of the Hestia Control Panel or accessing the folders of other users. Click Save and Back to return to the Users screen:


5 Review the Administrator File Structure
Click on the Files menu item at the top of the page.


 There are a lot of files. We could also do an SSH session into our server and turn on the Midnight Commander File Manager to see these same files. Click on the home folder.


So far, there are three accounts. The first is the Hestia User account. The second is the Hestia user we just created. The third is your Home computer user name and files. Click on the Admin account to open it. Then click on the web account to open it. There is only one website in the web folder. It is called ns1.collegeintheclouds.com. Click on it to open it. Then click on public_html.


This is similar to the Apache web/html folder. Right click on index.html to see the editing options popup screen.


Note that if you check the box to the left of index.html or only left click once on the index.html screen, you will only see some of the editing options appear above the file:


Finally, if you click on the index.html file, it will open the file for editing.


To leave the file manager and return to the control panel, click on the menu icon in the upper right corner. Then click Exit to Control Panel. Then click on the small arrow in the upper right corner to log out.

6 Log in as a User

Enter your new user name and password in the Hestia log in screen.


This screen has fewer items that the Admin screen. The main areas we will use are Add Web Address, DB - to create databases for Joomla or Moodle websites and Files - to add files for Joomla or Moodle websites.

8 Add a New Website
Click Add Web Domain to add a new web domain. The admin account is using ns1.collegeintheclouds.com. We can still use the base domain name, collegeintheclouds.com for this website.


Use the drop down arrow to select your primary VPS IP address. Then click Save and Back. Then click on Edit again to edit the new domain name.


Check Enable SSL and check Use Lets Encrypt. Then click Save and wait for the SSL certificate to install. Then click Back.

8 Review the User File Structure
Click on Files in the top menu. Then click web. There is one website. It is called collegeintheclouds.com. Click on it to open it. Then click on public_html.


This is identical to the admin website folder. The same right click and double click functions apply.

9 View the Hestia Default Website in the Front End

To see what this website looks like in the front end, open a web browser new tab and type the website name. If you are working with a VMM VPS, the server will reply that it can not find the website. Open your home terminal and type /etc/hosts. Add the new website local IP address and Fully Qualified Domain Name to the list of domains:


Then click Control plus o, then Enter to save the file and Control plus x to close the file. Then close the terminal. Then open a new browser (not the browser you are using for your Hestia Control Panel). Clear the browser cache. Then type the domain name of your VMM VPS. Because the website does not have a security certificate, the browser warning screen should appear. Click Continue.

If you are working with a CanHost VPS and a real domain name, you do not need to add anything to your home computer etc/hosts file. Either way, this screen should appear:


To edit this website, go back to the user Control Panel and click Files, web, your-domain-name, public_html and click to open the index.html file. Scroll down to the words, We're working on it! and change it This will be a terrific website very soon! Then click Save and Close. Then refresh the browser page.


Exit the Hestia File Manager and log out of the User Control Panel. Then close the browser. Then close the VPS. Then close VMM. If you are working with a CanHost VPS, leave the server running.

What's Next?
In our next article, we will review several ways to improve our website data transfer security.