Hi, (bonjour)
First of all: thank you for this amazing project.
I’ve been using HestiaCP for a while now and honestly I love it — it’s simple, clean, fast, and it includes so many useful features out of the box (Fail2ban, firewall, ipset, easy integration with blocklists like FireHOL, etc.). It’s exactly what I need for my hosting infrastructure.
I run a small web agency in France and I’ve been doing this for 12+ years, with 140+ client websites (WordPress, PrestaShop, WooCommerce…). HestiaCP has been a great solution for managing everything efficiently.
My main need / feature request
One thing I really miss in HestiaCP is a centralized log viewer / security dashboard, especially for multi-site environments.
Right now logs are available per domain, but there is no real global view with filters like:
Right now logs are available per domain, but there is no real global view with filters like:
filter by domain
filter by HTTP code (403 / 404 / 500 / 503…)
filter by time range (last hour / 24h / 7 days…)
filter by request type (POST / GET)
detect “bursts” (ex: 100x 403 in 1 minute)
quick search for common attack patterns (SQLi / XSS / LFI / RFI)
This becomes even more important when using 7G / 8G firewall rules, because it’s very useful to quickly identify:
real attacks blocked (good)
false positives to whitelist (normal)
targeted domains or IPs
Why it matters
With many websites on one server, a global log view would save a lot of time and help detect threats faster, instead of manually checking each domain one by one.
Idea (optional)
Even a simple “Security Logs” page could be amazing, something like:
top blocked IPs
top attacked domains
top rules triggered (403 reasons)
last 100 suspicious requests across all sites
Thanks again for all your work 
HestiaCP is already one of the best panels out there, and this kind of centralized log/security view would make it even better.
Best regards,
Damien
