Hey everyone,
I’ve been using HestiaCP in production for a while now, and over time I’ve built up a collection of scripts, guides, and configs that we use internally. I figured I’d share them since I’ve benefited so much from other people sharing their work in this community — feels only right to give something back.
What’s in the repo:
- Security & Permissions Scripts: A zero-dependency, modular
v-security-audittool (with pentest capabilities like SSRF, HTTP Smuggling, XML-RPC DoS checks, Kernel CVE profiling, YARA integration, and more), plus a robustv-fix-web-permissionsscript to seamlessly fixpublic_htmlissues without locking out PHP-FPM. - Reporting & Notifications: Automated HTML/Markdown reporting that integrates directly with HestiaCP’s native logs and admin emails.
- Optimization Guides: Practical calculations for tuning PHP-FPM, MariaDB, and SWAP based on your actual RAM and traffic, not copy-pasted generic values.
- Sysadmin Scripts: A backup wrapper with symlink support and smart retention, GitHub mirror script, system health report (
v-system-report), log cleanup, and an Exim outbound limit monitor. - AI Prompt Blueprints: Platform-agnostic system prompts for a DevOps agent and an automated health monitor. No dependency on any specific tool, just inject them into whatever LLM setup you use.
Fair warning: some things in there might look unconventional or like overkill for your setup. That’s fine — they exist because of specific problems we ran into. They’re not polished commercial products, they’re aggressive internal tools that happen to work flawlessly for us on production. I’m sharing them as-is in case they’re useful to someone else, even partially.
Repo: GitHub - webxtekstudio/hestiacp-useful-tools: Some scripts · GitHub
Feedback, PRs, or just questions are welcome. If something looks wrong or could be done better, genuinely happy to hear it.
Branch: 
Repository: 