Dynamic Domain Setup and IP Access Restriction

Dear HestiaCP Community,
I am currently grappling with a technical challenge in managing a PHP-based sitebuilder platform utilizing Nginx + PHP-FPM via HestiaCP. I seek your expertise in two key areas.
Firstly, with a user base of approximately 50, and a daily influx of new users, the manual creation of individual domains is proving impractical. Is there a secure method to allow users to configure their DNS settings to point to my server, ensuring seamless integration with my platform, and, critically, the automatic provisioning of SSL certificates?

Secondly, regarding HestiaCP’s IP address management, if I were to add a secondary IP address, is there a means to restrict access to the HestiaCP panel exclusively to that secondary IP? The aim is to permit panel access solely from the specified secondary IP, effectively blocking access from the primary IP. This measure is intended to prevent users configuring DNS with the primary server IP from inadvertently accessing the HestiaCP login page.

I would greatly appreciate your insights and guidance on these technical matters. Thank you for your time and expertise.

  • Creating new users / websites can be done via the API

  • No you can block access to the panel via firewall settings

There is no more efficient way without the need to create specific domains, if in the future I have 1000 customers I will have to create 1000 domains, it would be impossible to manage. If it can’t be done, can you give me a guide please to use HestiaCP api in PHP.
Also why isn’t there a way to access the hestiacp control panel just from the secondary IP address I added? What solution do you recommend to prevent users from not seeing the open HestiaCP access TCP port? I connect from a home network with a dynamic IP address and I don’t want to use VPN or something similar to have the static IP address to connect to the panel.

No! How is Hestia supposed to configure Nginx / SSL and other services it doesn’t know the domain?

API: API | Hestia Control Panel

It currently use only to :8083. You can add an other domain and use a template and block port 8083 completely. Use the search function it has been handled 1000 of times…

Can you help me? How do I add/remove a domain from the API? I didn’t find anything exhaustive doing a search. I should automatically add a domain and also generate SSL certificate with let’s encrypt

Delete domain:

v-delete-web-domain user domain.com

Here is a list of all the commands:

1 Like