Server management

How to setup a DNS Cluster

If you are looking for the options to minimize DNS-related downtime or the way to manage dns across all server you have, you might consider to set up dns cluster.

  1. Create user dns-cluster on a server which will be used as dns slave
  2. Run following command on a master
v-add-remote-dns-host 8083 admin p4sw0rd

Password and host name should be replaced with relevant data of course.

Alternatively you can run on the slave server the following command


This will generate an API key. Replace the username "admin" with the generated key. This will keep the ability to change the admin password without issues in the future.

v-add-remote-dns-host 8083 api_key

This way you can set up master->slave or master-master-master cluster. There is no limitation on how to chain dns servers.

How to setup a remote database server

  1. It is assumed you already have your second server up and running
  2. On your Hestia Server run the following command
v-add-database-host mysql root password

Mysql maybe replaced by the PostgreSQL

  1. To make sure database has been added run following command

How do Web templates work?


Modifying templates could cause errors on the server and services that are not able to reload or start.

Every time you will rebuild the user or domain the config files of the domain will be over written by the new templates. This is done by default during update of HestiaCP or it can be initiated by the admin or by modifying settings by the user.

The templates can be found in the /data/templates/ directory in the install folder

Template locations
Service Location
Nginx (Proxy) /usr/local/hestia/data/templates/web/nginx/
Nginx - PHP FPM /usr/local/hestia/data/templates/web/nginx/php-fpm/
Apache2 (Legacy / mod-php ) /usr/local/hestia/data/templates/web/apache2/
Apache2 - PHP FPM /usr/local/hestia/data/templates/web/apache2/php-fpm/
PHP-FPM /usr/local/hestia/data/templates/web/php-fpm/

When editing it is the best practice to copy the template before editing. As the default templates will reset after update of HestiaCP

cp original.tpl new.tpl
cp original.stpl new.stpl


Modifying any default templates can cause issues in the future as there are commonly overwritten during updates.

When you are done modifying enable the template with the selected domain from the control panel.

After modifying existing template you need to rebuild user configuration. This can be done using v-rebuild-user command or bulk operation in the web interface (drop down list on a "User" page).

Available variables

Name Example Description
%ip% IP Address of Server
%proxy_port% 80 Port of Proxy
%proxy_port_ssl% 443 Port of Proxy (SSL)
%web_port% 80 or 8080 Port of Webserver
%web_ssl_port% 443 or 8443 Port of Webserver (SSL)
%domain% domain.tld Domain
%domain_idn% domain.tld Domain (Internationalised)
%alias_idn% alias.domain.tld Alias Domain (Internationalised)
%docroot% /home/username/web/public_html/ Document root of domain
%sdocroot% /home/username/web/public_shtml/ Private root of domain
%ssl_pem% /usr/local/hestia/data/user/username/ssl Location of SSL Certificate
%ssl_key% /usr/local/hestia/data/user/username/ssl Location of SSL Key
%web_system% Nginx / Apache Software used as Webserver
%home% /home Default home directory
%user% username Username of user
%user% username Username of user
%backend_lsnr% proxy:fcgi:// Your default FPM Server
%proxy_extentions% List of extensions All extension that should be handled by the proxy server

%sdocroot% can also be set to %docroot% with settings

How can I change settings for a specific domain

With the switch to PHP-FPM there are currently 2 different ways.

1# Using user.ini in the directory 2# Via PHP-FPM pool config

Config templates for the PHP pool can be found in

Template locations
Service Location
PHP-FPM /usr/local/hestia/data/templates/web/php-fpm/

Due to the fact we use multi PHP we need to recognise the PHP version to be used. There for we follow the following naming.


There X_Y is your PHP version

How do DNS templates work?

DNS templates can be found in

Templates locations
Service Location
DNS /usr/local/hestia/data/templates/dns/

Variables that can be used are

Available variables
Name Example Description
%ns1% ns1.nameserver.tld Name server 1
%ns2% ns2.nameserver.tld Name server 2
%ip% Ip address of the server or Dedicated ip
%domain% domain.tld Domain of the user
%time% 12:00:00 Time of creation
%date% 01-01-2020 Time of creation

Templates can support up to 8 name servers with with %nsx% x could be up to maximum of 8

Where can I find more information about the config files

A good starting point for every software check the creator

You could also try our Forum

How to install additional PHP packages / Modules

apt-get install php-package-name

For example

apt-get install php-memcached php-redis

Will install php-memcached and php-redis including the required additional packages for PHP.

Incase you use PHP-FPM you don't have to do anything.

IPTables How can I allow/deny an IP to all ports

By default after each restart Hestia will clear the current iptables

To allow an IP to all ports (Or block)

Use the following command

v-add-firewall-rule ACTION IP PORT [PROTOCOL] [COMMENT] [RULE]

v-add-firewall-rule 'accept' '' '0' # Port 0 matches all ports

Also via interface it is possible just enter 0 as port number

Can I use HestiaCP behind Cloudflare CDN?

By default Cloudflare supports only a limited number of ports

To change the port you can run the command

v-change-sys-port 2083

Or you can disable the proxy of Cloudflare

Why I can't use http://my.ip.adress/phpmyadmin/

For security reason we have decided to disable this option

Please use https://host.domain.tld/phpmyadmin/

How can I enable / Disable the filemanager

By an new install the filemanager will be enabled by default

For updates please run the following command


To disable the file manager please run


How to remove unused ethernet ports from RRD

nano /usr/local/hestia/conf/hestia.conf

Add the following line:


Add a other network port as comma separated list

rm /usr/local/hestia/web/rrd/net/*
systemctl restart hestia