Vesta is a free admin panel for virtual hosting which is possible to use on a VPS/VDS. To install it will take just few minutes, but the system has some problems which must be fixed at the start. So, let’s do it!
To install Vesta you must go to the project’s website: https://vestacp.com/
Another step is to make settings and download installation script here: https://vestacp.com/install/
Usually I’m using configuration with clean Apache without NGINX and ProFTPd. Other things depends of needs for exact server.
After you are done with all commands you had from installation page, you have Vesta, but if to go to address of the admin panel, self-signed certificate will be warned in browser. And it’s first thing we gonna fix. We need to log in to the panel as admin, then go to page Web. The domain or subdomain of the server will be there, so just click Edit, remove aliases and select SSL Support then Lets Encrypt Support. Make sure your DNS already delegated your domain or subdomain to the server. or else you will receive error 400.
And here we are! Now you have certificate for your main domain of the server. But how about admin panel on the port 8083? Easy! Go to Server then Configure, Vesta SSL then Use Web Domain SSL Certificate. Save and here we are – your login page to admin panel and fully panel will be marked as secured.
Next step is to receive access to PHPMyAdmin and secure it. Some issues already was fixed by that topic: https://forum.vestacp.com/viewtopic.php?t=10307 So, I’m just using this command:
curl -O -k https://raw.githubusercontent.com/skurudo/phpmyadmin-fixer/master/pma-ubuntu.sh && chmod +x pma-ubuntu.sh && ./pma-ubuntu.sh
But anyway, if we will try to open /phpmyadmin/ and login as root with our admin’s password, we will receive this: #1045 – Access denied for user ‘root’@’localhost’ (using password: YES)
So, we need to change the password of the root user and flush privileges of MySQL. And first of all let’s stop SQL server:
service mysql stop
Then let’s start it with –skip-grant-tables for to have access to root without a password in terminal:
service mysql start –skip-grant-tables
After that let’s log in to the MySQL:
mysql -u root
update user set authentication_string=password(‘1111′) where user=’root’;
And restart MySQL:
service mysql restart
Now if we will try to connect to /phpmyadmin/ and log in there, it will be successful. But we need to hide the address from /phpmyadmin/ to something like /gdfgadSGDFGsg/. Open the file /etc/phpmyadmin/apache.conf and fix it there. Don’t forget to restart Apache2!
Some more information about it possible to find here:
Now if we gonna restart server, we will receive some mistakes, and PHPMyAdmin nor Apache will not work. It happens because Nginx so mush wants to work, and Vesta installing it for fun, but we no need this joke. So, let’s remove Nginx:
apt-get remove nginx
Setup authorization using keys from this article: https://rusenas.com/lets-check-if-your-site-is-infected/
Done! You can enjoy now!