Copying from my own notes, below is a list of features and improvements which I would like to see in Hestia CP (please feel free to add your own):
- use Cloudflare for DNS (can we edit Bind zone files locally, but update CF over PHP API? what about Letsencrypt?)
- offer a restricted shell (e.g. rssh or GNU rush) which allows rsync & git
- improve firewall (ipset lists, hashlimit, fail2ban etc)
- monitoring software & log viewer
- add WHMCS module (use VestaCP’s one)
- use AppArmor for more of the exposed apps (Exim, Bind, Nginx, Apache)
- securely add apt keys and repos during installation see
- create a Wiki (on Github)
- create a new article on Wikipedia about HestiaCP
- Backup (borg+borgmatic, rsnapshot)
- Security improvement: Replace PHP crypt() with password_hash() and MD5 with a stronger hashing algo (like BCRYPT) (see https://github.com/hestiacp/hestiacp/issues/895). But would replacing MD5 break the ability to migrate between CPs?
- Antivirus scan of the base system (e.g. rkhunter) and user files (e.g. using inotify-tools’ inotifywait with ClamAV’s clamscan & Sophos Free sweep)
- Migration scripts from other CPs to HestiaCP. User Skamasle at Github has migration scripts from cPanel, DirectAdmin and CWP to Vesta (see https://github.com/Skamasle)
Note: I’m posting here so we can first discuss / brainstorm. Once we have discussed them here, we can move to opening some issues at Github.