I am not able to login
For installing dependencies we use Composer. As are currently not able to run it under hestia-php version. We install it via /usr/bin/php. Make sure proc_open is allowed in the main php version. In the future we look in methods to allow install via composer via hestia-php.
Where can I find more information about the config files?
A good starting point for every software is to check the official docs:
You could also try our Forum
Can I use HestiaCP behind Cloudflare CDN?
By default the Cloudflare Proxy supports only a limited number of ports. This means that Cloudflare will not forward port 8083, which is the default port for Hestia. To change the Hestia port to one that Cloudflare will forward, run this command:
You can also disable Cloudflare proxy feature.
How to remove unused ethernet ports from RRD?
Add the following line:
Add network ports as comma separated list
rm /usr/local/hestia/web/rrd/net/* systemctl restart hestia
What does the “Enforce subdomain ownership” policy mean?
In Hestia <=1.3.5 and Vesta, it was possible for users to create subdomains from domains that were owned by other users. For example, user Bob could create
bob.alice.com, even if
alice.com is owned by Alice. This could cause security issues and therefor we have decided to add a policy to control this behaviour. By default, the policy is enabled.
You can tweak the policy for a specific domain and user, for example for a domain that has been used for testing:
# to enable v-add-web-domain-allow-users user domain.tld # to disable v-delete-web-domain-allow-users user domain.tld
Can I restrict access to the
In Hestia 1.3, we have made it possible to give another user Administrator access. In 1.4, we have given system administrators the option to limit access to the main System Administrator account to improve security.
My server IP has changed, what do I need to do?
When a server IP changes, you need to run the following command, which will rebuild all config files:
Unable to bind address
In rare cases the network service might be slower than Apache2 and or Nginx. In that case, Nginx or Apache2 will refuse to successfully start. You can verify that this is the case by looking at the service’s status:
systemctl status nginx # Output nginx: [emerg] bind to x.x.x.x:80 failed (99: cannot assign requested address)
Or, in case of Apache2:
systemctl status httpd # Output (99)Cannot assign requested address: AH00072: make_sock: could not bind to address x.x.x.x:8443
The following command should allow services to assign to non existing IP addresses:
sysctl -w net.ipv4.ip_nonlocal_bind=1
I am unable to monitor processes with Zabbix
For security reasons, users are not allowed to monitor processes from other users by default.
To solve the issue if you use monitoring via Zabbix, edit
/etc/fstab and modify it to the following, then reboot the server or remount
proc /proc proc defaults,hidepid=2,gid=zabbix 0 0
Error: 24: Too many open files
If you see an error similar to this:
2022/02/21 15:04:38 [emerg] 51772#51772: open() "/var/log/apache2/domains/domain.tld.error.log" failed (24: Too many open files)
It means that there are too many open files with Nginx. To resolve this issue, edit the Nginx daemon config, then reload the daemons by running
# /etc/systemd/system/nginx.service.d/override.conf [Service] LimitNOFILE=65536
Add this to the Nginx config file (Needs to be smaller or equal to
# /etc/nginx/nginx.conf worker_rlimit_nofile 16384
Restart Nginx with
systemctl restart nginx, and verify the new limits by running:
cat /proc/ < nginx-pid > /limits.