HestiaCP under subdomain

adiif1 · November 18, 2024, 8:50pm

Hello everyone,
I’ve been struggling for a while to ensure the panel is accessible only through the subdomain:
panel.domena.com

During the installation, I changed the hostname to:
panel.domena.com

I also modified the server_name in the configuration file:
/usr/local/hestia/nginx/conf/nginx.conf

Of course, the DNS A record points to panel.domena.com, but no matter what I do, I can still log in using the main domain by entering domena.com:port.

Additionally, panel.domena.com:port works as expected.

I even created a new user with the domain domena.com, but this hasn’t solved the issue.

Where should I look to find the root cause?

sahsanu · November 18, 2024, 9:18pm

Hi @adiif1,

You can get what you want editing Hestia’s nginc.conf file but keep in mind that this file could be overrided on next Hestia update.

Note: before modifying a conf file, make a backup of that file… just in case.

Edit the file /usr/local/hestia/nginx/conf/nginx.conf and modify the current server block to replace _; by panel.domena.com on server_name directive.

        # Vhost
        server {
                listen              8083 ssl;
                server_name         panel.domena.com;
                root                /usr/local/hestia/web;
[...]

Also add a new server block before the above one with this data:

        # Vhost
        server {
                listen              8083  ssl;
                server_name         _;
                return 403;
                ssl_certificate     /usr/local/hestia/ssl/certificate.crt;
                ssl_certificate_key /usr/local/hestia/ssl/certificate.key;
        }

Once done, restart Hestia.

systemctl restart hestia

adiif1 · November 18, 2024, 9:31pm

Darn, I thought it would stay like this longer—oh well, back to the original configuration.
How’s the best way to go about it?
If I want to use the main domain and its subdomains, how should I approach it?

If the main user is set up as domain.com, won’t that mean a second user can’t create a subdomain, or am I mistaken?

The panel is a bit oddly designed, but I hope version 1.9 will bring a lot of improvements.

sahsanu · November 18, 2024, 9:46pm

If you don’t want to modify anything, the domain and its subdomains should be assigned to the same user.

That is the default behavior, but you can allow other users to create subdomains by changing option Enforce subdomain ownership to No. This option is here: Server Settings -> Configure -> Security -> Policies -> Enforce subdomain ownership

aaronkempf · November 18, 2024, 10:52pm

I don’t know why you’re objecting to ‘setting up a user’
FIRST THING I do on Hestia?

I setup 50 users.
u101
u102
u103
u104

Then I login as
u101 (I click on their name)

Then I create a web for
mydomain.com
Then I create a SECOND web for
subdomain1.mydomain.com
If I want, I can create a THIRD web for
subdomain2.mydomain.com

by default, I name my database
DBName: db1
DBUser: du1

DBName: db2
DBUser_du2

That way
mydomain.com uses
u101_db1 - DatabaseName
u101_du1 - DatabaseUser
subdomain1.mydomain.com uses
u101_db2 - DatabaseName
u101_du2 - DatabaseUser

I don’t know why anyone has ANY difficulty with this.

I think that CLEARLY hestiaCP is THE GREATEST PLATFORM in the entire world.

I’ve done A LOT of multi-tenant systems administration over the years.

HestiaCP makes this childs play.