Hi, I’ve been using Hestia for a month now and I think this project will go a long way.
But some time ago I saw another interesting project called MyVesta that implements some security features that would be interesting to incorporate into Hestia if they haven’t been incorporated yet. I’ll detail the ones that for me have been the most interesting:
You can limit the maximum number of sent emails (per hour) per mail account and per hosting account, preventing hijacking of email accounts and preventing PHP malware scripts from sending spam.
You can completely “lock” myVesta so it can be accessed only via a secret URL, for example https://serverhost:8083/?MY-SECRET-URL
We disabled dangerous PHP functions in php.ini, so even if, for example, your customer’s CMS gets compromised, a hacker will not be able to execute shell scripts from within PHP
ClamAV is configured to block zip/rar/7z archives that contain executable files (just like Gmail)
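An added example, not part of the original post and not code from myVesta or Hestia: a small audit of the `disable_functions` directive in php.ini, reporting which command-execution functions are still callable. The function list and the sample ini snippets are assumptions constructed for this example, since the post does not say which functions myVesta disables.

```python
import re

# Assumption: the post does not list the functions myVesta disables. These are
# PHP's standard command-execution functions, chosen for this example.
SHELL_FUNCS = {"exec", "shell_exec", "system", "passthru", "popen", "proc_open"}

def disabled_functions(ini_text):
    """Return the function names set by the last active disable_functions line."""
    disabled = set()
    for line in ini_text.splitlines():
        line = line.strip()
        if line.startswith(";"):          # whole line is commented out
            continue
        m = re.match(r"(?i)disable_functions\s*=\s*(.*)$", line)
        if m:
            # Drop a trailing ';' comment and optional quotes around the value.
            value = m.group(1).split(";", 1)[0].strip().strip('"')
            # A later line overrides an earlier one; PHP names are case-insensitive.
            disabled = {f.strip().lower() for f in value.split(",") if f.strip()}
    return disabled

def still_enabled(ini_text):
    """Command-execution functions that the ini text leaves callable."""
    return sorted(SHELL_FUNCS - disabled_functions(ini_text))

# Constructed samples: a default-style file, a partial list, a full list.
WEAK_INI = """[PHP]
;disable_functions = exec,system
disable_functions =
"""
PARTIAL_INI = 'disable_functions = "Exec,System" ; only two entries\n'
HARDENED_INI = """[PHP]
disable_functions = exec, shell_exec, system, passthru, popen, proc_open
"""

if __name__ == "__main__":
    for name, text in [("weak", WEAK_INI), ("partial", PARTIAL_INI),
                       ("hardened", HARDENED_INI)]:
        print(name, "->", still_enabled(text) or "none left enabled")
```

Run it against the php.ini that the web SAPI actually loads (the path shown by `phpinfo()`), since the CLI often reads a different file.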