Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Hestia or VestaCP? - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Hestia or VestaCP?

2

Comments

  • yokowasisyokowasis Member
    edited May 2020

    @Falzo said:

    @yokowasis said:
    I am using hestia, they have WordPress installer, so that's a plus. Too bad none of them have phpmyadmin auto login. I mean nobody is going to remember their WordPress database username and password.

    that's true. how about a password manager with browser extension?

    Works fine if you login into your own account. It will get messy fast when you host websites for your client, and they ask for their phpmyadmin username / password for their websites.

    Also hestia is missing a button. The function / page is there. Because I can type it manually in the browser. It's just the button is missing. Since I can't really remember it, I guess it's not that important.

    I don't know if it exists in vesta / myvesta. But hestia has cache template. They call it reddit mode. Which is neat. I am using it when a website is getting high traffic.

  • dpecadpeca Member

    myVesta has the same cache template as official Vesta - https://github.com/myvesta/vesta/blob/master/install/debian/10/templates/web/nginx/caching.sh
    but I'm wonder how nginx know when to purge/update that cache.
    Via cookie?

  • @dpeca said:
    myVesta has the same cache template as official Vesta - https://github.com/myvesta/vesta/blob/master/install/debian/10/templates/web/nginx/caching.sh
    but I'm wonder how nginx know when to purge/update that cache.
    Via cookie?

    It get purged whenever people login / session. I think.

    As far as I understand, if an ad admin logged in, which ever page he visited, it will get purged. Even after the admin logged out.

  • dpecadpeca Member

    yokowasis said: As far as I understand, if an ad admin logged in, which ever page he visited, it will get purged. Even after the admin logged out.

    but in that case it's possible to edit the page and forget to visit it :smiley:

    Thanked by 1amadex1337
  • EdwardEdward Member

    @wilbo said:
    Hestia or VestaCP. Do you have a preference and why? I know there are other panels, but I'm going to use one of these because it is best for my current needs.

    VestaCP is more suitable for one project. That is, if you have many sites with different software, different versions of PHP, then it’s better not to use VestaCP, it is still rather not flexible in this regard. Also, no SSL is installed on many sites, and it gives errors. I have to do it from the console. I can’t say anything about the second panel, I have never used it.

  • dpecadpeca Member
    edited June 2020

    @Edward said:
    That is, if you have many sites with different software, different versions of PHP, then it’s better not to use VestaCP, it is still rather not flexible in this regard.

    this is my shared server:

    it's powered by myVesta - www.myVestacp.com

    Thanked by 2vpsGOD kkrajk
  • EdwardEdward Member

    dpeca said: this is my shared server:

    Yes, if you are well versed in the console and server administration, then of course it will be convenient for you to use VestaCP (to support multiple domains), but immediately after installation VestaCP will not be able to satisfy an ordinary user (who does not understand much about the console and setting up software on the server) for several different sites.

  • dpecadpeca Member
    edited June 2020

    For what purpose you think that console is needed to user, for example?

  • EdwardEdward Member

    @dpeca said:
    For what purpose you think that console is needed to user, for example?

    For example, I could not install immediately on two sites, right through the panel interface, an SSL certificate from Let's Encrypt. And VestaCP often has some problems because of which you need to go to their forum and solve them through the console.
    I just mean that for a regular user the best solution would be a paid panel that will automatically update Linux and all necessary software, keeping the system safe, and in the case of VestaCP, you need to constantly monitor the software on the server.

  • @Edward said:

    dpeca said: this is my shared server:

    Yes, if you are well versed in the console and server administration, then of course it will be convenient for you to use VestaCP (to support multiple domains), but immediately after installation VestaCP will not be able to satisfy an ordinary user (who does not understand much about the console and setting up software on the server) for several different sites.

    If you are not versed in the console and server administration, you shouldn't have managed your own server in the first place. Just buy reseller.

    Thanked by 2mehargags kkrajk
  • @dpeca said:

    yokowasis said: As far as I understand, if an ad admin logged in, which ever page he visited, it will get purged. Even after the admin logged out.

    but in that case it's possible to edit the page and forget to visit it :smiley:

    Then it won't get purged. But who the heck edit a page and not visiting to see how it looks?

  • dpecadpeca Member

    Edward said: And VestaCP often has some problems because of which you need to go to their forum and solve them through the console.

    i don't have those issues on myVesta fork.

  • EdwardEdward Member

    @yokowasis said:

    @Edward said:

    dpeca said: this is my shared server:

    Yes, if you are well versed in the console and server administration, then of course it will be convenient for you to use VestaCP (to support multiple domains), but immediately after installation VestaCP will not be able to satisfy an ordinary user (who does not understand much about the console and setting up software on the server) for several different sites.

    If you are not versed in the console and server administration, you shouldn't have managed your own server in the first place. Just buy reseller.

    I used this panel for a long time, this is an excellent product, but switched to a paid product, since VestaCP began to develop very slowly.

  • EdwardEdward Member

    @dpeca said:

    Edward said: And VestaCP often has some problems because of which you need to go to their forum and solve them through the console.

    i don't have those issues on myVesta fork.

    So you are lucky, or you are a very good server administrator. :)

  • @Edward said:

    @yokowasis said:

    @Edward said:

    dpeca said: this is my shared server:

    Yes, if you are well versed in the console and server administration, then of course it will be convenient for you to use VestaCP (to support multiple domains), but immediately after installation VestaCP will not be able to satisfy an ordinary user (who does not understand much about the console and setting up software on the server) for several different sites.

    If you are not versed in the console and server administration, you shouldn't have managed your own server in the first place. Just buy reseller.

    I used this panel for a long time, this is an excellent product, but switched to a paid product, since VestaCP began to develop very slowly.

    Happens to almost all of open source project. Developer need to spent their time into something that's actually can bring something into the table.

  • I've added Hestia to my audit list when I have some free time.

    Looking at their Github repo, I see some code that perks my interest... will report back at a later date!

  • ScITScIT Member

    Hi Patrick

    Thank you for taking the time to look at the project! If you have any questions or comments, please feel free to contact us.

    And also to contribute my part of the discussion, which I seem to have missed in December:

    Whether Hestia or MyVestaCP is up to you, Hestia offers many new features, but also includes changes that not everyone likes (removed Sofaculous or missing CentOS support). What there is also to say is that Hestia and MyVestaCP are in close contact with each other, having a lot of discussions and also share informations about potential vulnerabilities.

    Thanked by 1dpeca
  • @SecNinja said:
    I've added Hestia to my audit list when I have some free time.
    Looking at their Github repo, I see some code that perks my interest... will report back at a later date!

    Hi Pat,
    I'd say if you are going to invest time on auditing code, you better put efforts into Hestia and MyVesta as both are miles ahead better forks. Not to miss, they have most (or may be all) of your 2018 submissions done as well.
    Thanks again.

    Thanked by 1dpeca
  • dpecadpeca Member
    edited June 2020

    mehargags said: or may be all

    All.
    I know it, because I participated in making those fixes in official Vesta, and I merged then them in my fork and also helped HestiaCP to implement it.
    As ScIT already wrote, both forks has very open mutual communication about security :smile:

    mehargags said: I'd say if you are going to invest time on auditing code

    At least we are very responsive in communication :smile:

    Also, to use this moment to say that I would be very thankful if @SecNinja sometime in future consider myVesta as hosting panel that is worthy to security analysis :smile:

    Thanked by 1bikegremlin
  • ScITScIT Member

    dpeca said: I know it, because I participated in making those fixes in official Vesta, and I merged then them in my fork and also helped HestiaCP to implement it.

    Also confirming that all reported issues from 2018 are resolved since a long time - including the current existing exploits (https://github.com/serghey-rodin/vesta/issues/1984 and https://github.com/serghey-rodin/vesta/issues/2007) that are unfortunately still not released in a new vesta version, but patched from @dpeca - which we pointed him to it. I really like the cooperation between our projects :)!

    Thanked by 2dpeca Falzo
  • RedSoxRedSox Member

    When will Ubuntu 20.04 be supported? Just tried to install Hestian on Ubuntu 20.04 and it says sorry man you have to quit, we accept only Debian 8, 9, 10 and Ubuntu 16.04 LTS, 18.04 LTS :#

  • FalzoFalzo Member

    @RedSox said:
    When will Ubuntu 20.04 be supported?

    no final date yet, afaik not all repos have all needed packages for meeting dependencies and such. check the forum and you should find a thread regarding ubuntu 20.04 support, which might include option to test it anyways via master branch and some aditional script.

    Thanked by 1RedSox
  • VitalyVitaly Member, Host Rep

    DirectAadmin and nothing more!!

    Thanked by 1Iroshan464
  • @SecNinja said:
    I've added Hestia to my audit list when I have some free time.

    Looking at their Github repo, I see some code that perks my interest... will report back at a later date!

    Finally took a quick look at HestiaCP and it's not too bad, I mean relatively speaking compared to most alternative panels out there...

    I just sent off a single admin (local) exploit to them. Probably have a couple more things to send off, but so far nothing overly crazy like any RCE'S or that. Still have to play around with it a bit more. :)

  • Thanks patrick. I tried it earlier and Probably, one of the coolest design other than cpanel.

    I think this project needs some paid add-ons like a paid reseller module/paid support etc. It is very difficult to survive an opensource control panel stay free without a steady source of Income for atleast security auditing/attract more devs.

    Another thing, adding support for CentOs will be better.

  • +1 AAPanel.

  • @SecNinja said:

    @SecNinja said:
    I've added Hestia to my audit list when I have some free time.

    Looking at their Github repo, I see some code that perks my interest... will report back at a later date!

    Finally took a quick look at HestiaCP and it's not too bad, I mean relatively speaking compared to most alternative panels out there...

    I just sent off a single admin (local) exploit to them. Probably have a couple more things to send off, but so far nothing overly crazy like any RCE'S or that. Still have to play around with it a bit more. :)

    thanks, well received. and no worries, we are thankful for every feedback and will see to it being taken care of ;-)

  • @Falzo said:

    @SecNinja said:

    @SecNinja said:
    I've added Hestia to my audit list when I have some free time.

    Looking at their Github repo, I see some code that perks my interest... will report back at a later date!

    Finally took a quick look at HestiaCP and it's not too bad, I mean relatively speaking compared to most alternative panels out there...

    I just sent off a single admin (local) exploit to them. Probably have a couple more things to send off, but so far nothing overly crazy like any RCE'S or that. Still have to play around with it a bit more. :)

    thanks, well received. and no worries, we are thankful for every feedback and will see to it being taken care of ;-)

    Paid file Manager. I mean a real file manager. Not vesta file manager. Something like CPANEL / Direct Admin.

    Also is there docs for creating / adding custom plug in. I believe in vesta a have to hack my way.

  • ShazanShazan Member, Host Rep

    I've always liked Vesta very much and both MyVesta and Hestia are improving it a lot.
    The only thing I miss in all of them is an integrated and easy way to install mod_security for Nginx.
    Yes, of course you can do it manually but having it integrated would be great.

    Thanked by 1dpeca
  • also phpmyadmin sso, it would be great

    @yokowasis said:

    @Falzo said:

    @SecNinja said:

    @SecNinja said:
    I've added Hestia to my audit list when I have some free time.

    Looking at their Github repo, I see some code that perks my interest... will report back at a later date!

    Finally took a quick look at HestiaCP and it's not too bad, I mean relatively speaking compared to most alternative panels out there...

    I just sent off a single admin (local) exploit to them. Probably have a couple more things to send off, but so far nothing overly crazy like any RCE'S or that. Still have to play around with it a bit more. :)

    thanks, well received. and no worries, we are thankful for every feedback and will see to it being taken care of ;-)

    Paid file Manager. I mean a real file manager. Not vesta file manager. Something like CPANEL / Direct Admin.

    Also is there docs for creating / adding custom plug in. I believe in vesta a have to hack my way.

Sign In or Register to comment.