Want to change server

Shaman2 · May 12, 2021, 12:39pm

Hello. Now I use many year vps server with 7 sites with vestacp, apache, php7.2 and nginx on centos 6.5. I dont use email.
My vps is 2core, 4gb memory and 80gb ssd.

Because vestacp and centos do not develop, I want get new vps 4gb with 2core, 4gb memory and 80gb ssd and move sites to new vps. But I need add email support to any sites.

I see hestiacp setup apache+php-fpm+nginx by default, is it good choise or better setup php-fpm+nginx?

What about clamav and spamassist? will they create a heavy load with 4GB of memory?

Because I add email on vps, which name of host I need to choise? I never earlie work with it. Dns I use from cloudflare.

Thank you for your responses and sorry for my english

jlguerrero · May 12, 2021, 3:57pm

For WordPress better to have apache since some plugins try to access htaccess.

You only need them for email. They are not that heavy. It depends on the websites. I think you will be fine with the 4GB ram.

It doesn’t really matter.
I use the machine’s name for everything serverx.hostingcompany.com

Shaman2 · May 12, 2021, 4:18pm

Now enought make backup on vestacp and restore in hestiacp or need something do else?

jlguerrero · May 12, 2021, 4:36pm

Yes. In theory that’s the way to do it right!

But I have never restored a hestia backup in my life so I can’t help you with this.

eris · May 12, 2021, 4:39pm

No should be working fine. Have done it to many times…

Shaman2 · May 12, 2021, 4:51pm

And question about quota=yes function. Is it realy work for debian10 image from provider or need change function in kernel ? I am afraid that the mailbox overflow will not lead to the server stop

Shaman2 · May 12, 2021, 4:55pm

What else should I pay attention to when installing the panel and configuring the server, except for tweaking php?

jlguerrero · May 12, 2021, 5:06pm

It works for me.

Set a cron job to check disk
df -h

Wibol · May 12, 2021, 5:06pm

What is really important for deliverability is that the DNS records for MX and PTR match. Normally they are “mail.domain.tld”. The latter needs to be configured in the VPS control panel.

You can use MXToolBox for tips.

eris · May 12, 2021, 5:26pm

It needs an additional kernel module. Depening on the virtualisation software it may not work

jlguerrero · May 12, 2021, 5:29pm

This is my checklist / commandlist:

Add letsencrypt
$HESTIA/bin/v-add-letsencrypt-host

Open ssh in port 2222
$HESTIA/bin/v-add-firewall-rule ACCEPT 0.0.0.0/0 2222 tcp SSH

Change SSH port to 2222
sed -i ‘s/Port 22/Port 2222/g’ /etc/ssh/sshd_config
Disallow root login
sed -i ‘s/PermitRootLogin yes/PermitRootLogin no/g’ /etc/ssh/sshd_config

service sshd restart

Ban malicious IPs
$HESTIA/bin/v-add-firewall-ipset maliciosas ‘https://iplists.firehol.org/files/firehol_level1.netset’
$HESTIA/bin/v-add-firewall-rule DROP ipset:maliciosas 0

Install WP-CLI
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar && chmod +x wp-cli.phar && sudo mv wp-cli.phar /usr/local/bin/wp
Tweak to enable permalink flush via command line
echo “apache_modules:” >> ~/.wp-cli/config.yml
echo " - mod_rewrite" >> ~/.wp-cli/config.yml

Enable xz compression for emails stored in server
cd /etc/dovecot/conf.d

15-lda.conf
protocol lda {
mail_plugins = $mail_plugins zlib
}
20-imap.conf
protocol imap {
mail_plugins = $mail_plugins zlib
}
20-pop3.conf
protocol pop3 {
mail_plugins = $mail_plugins zlib
}
20-lmtp.conf
protocol lmtp {
mail_plugins = $mail_plugins zlib
}
90-plugin.conf
plugin {
#setting_name = value
#Gzip vs Bzip2 vs XZ Performance Comparison
zlib_save_level = 5
zlib_save = xz
}

eris · May 12, 2021, 5:32pm

If the hostname is set up correctly this is not needed any more in 1.4

Shaman2 · May 12, 2021, 5:35pm

So now I can setup 1.4 as beta without problem? I read changelog, very nice. If I install 1.4 beta, in future with autoupdate panel will changing to release or will on beta-channel always?

eris · May 12, 2021, 5:52pm

It will update to the release version.

Follow the instructions here

Shaman2 · May 12, 2021, 7:38pm

Big thank you for iplist block information, I dont use it earlie

falzo · May 12, 2021, 7:38pm

if you value your data you should not use any beta in production - easy as that.
especially not, if you are not really experienced about system administration at all. please be informed that Hestia is not a drop-in replacement for Vesta and might not be a good tool for beginners.

while it somewhat keeps the look and feel and for now still offers a migration path from vesta, quite some things have changed, and setting it up and adjusting it to your needs will need some sysadmin skills.

in theory, if you know what you are doing, a migration works out of the box. there are however always hurdles you might come across (different OS, newer versions of this&that), so take your time and do not rush things. we won’t be able to support you with setting up your specific environment

Shaman2 · May 12, 2021, 7:54pm

I have been servicing my vps for over 7 years on my own without any problems during this time. But it is always useful to learn something new or to clarify on new functionality. Thank you, I will not install beta versions for now and will limit myself to the release

jobet · May 16, 2021, 6:08pm

From my experience it’s much better to have separate servers for web and mail services.

Not only because of server load issues (clamav alone takes 1 GB RAM when idle, in production that may increase following the mail system load) but there are also security issues like email flooding attacks.

For email services, I prefer to delegate all the email hassles to an email cloud service like rackspace or similar!

Finally, regarding web server stack, I found that WordPress sites have a much better performance on a LEMP stack (Nginx, MySQL and PHP-FPM)!

Shaman2 · May 19, 2021, 5:24pm

May you right, I test hestiacp install to vps 2gb memory and result:
ps -eo pmem,pcpu,rss,vsize,args | sort -k 1 -r | less

%MEM %CPU   RSS    VSZ COMMAND
54.0  0.2 1104600 1252716 /usr/sbin/clamd --foreground=true
 4.3  0.0 88960 102420 /usr/bin/perl -T -w /usr/sbin/spamd -d --pidfile=/var/run/spamd.pid --create-prefs --max-children 5 --helper-home-dir
 4.1  0.0 84232 102420 spamd child
 4.1  0.0 84220 102420 spamd child
 3.9  0.0 80664 969280 /usr/sbin/mariadbd
 1.9  0.0 38896 180548 php-fpm: master process (/etc/php/5.6/fpm/php-fpm.conf)
 1.8  0.0 37748 283472 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf)
 1.0  0.2 22080 660868 /usr/bin/python3 /usr/bin/fail2ban-server -xf start
 0.8  0.0 17128 157000 /usr/sbin/named -u bind
 0.6  0.0 13996 180832 php-fpm: pool www
 0.6  0.0 13996 180832 php-fpm: pool www
 0.6  0.0 12788  66028 /usr/bin/freshclam -d --foreground=true
 0.5  0.0 11388 114516 php-fpm: master process (/usr/local/hestia/php/etc/php-fpm.conf)
 0.5  0.0 10432 761172 /usr/sbin/apache2 -k start
 0.5  0.0 10224 104996 /sbin/init

free -m

      total        used        free      shared  buff/cache   available

Mem: 1995 1346 286 17 362 485
Swap: 976 3 973

system · June 18, 2021, 5:24pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.