VestaCP is one of the many free and open source control panels. It’s fast, and requires very little resources to run:
- 512MB RAM
- 20GB HDD
- 1 GHz CPU
Additionally, most Linux distributions are supported:
- 5,6, and 7
- 5, 6, and 7
- 7,8, and 9
It can be configured to use NGINX, Apache, and even NGINX as a reverse proxy for Apache.
VestaCP is full-featured and can manage your:
- Cron jobs
Enough details, how do I install? Glad you asked.
The first thing you’ll need is a VPS, or dedicated server(i.e. RPi, that old computer in your basement, that old computer in the attic, your neighbor’s old computer in their attic, etc.). If you already have a VPS, you can skip this section. Otherwise, sign up with a VPS provider, and spin up a VPS. I’m currently on, and recommend DigitalOcean. They have plans starting from $5 a month, and generally have more features than the competition.
If you’d like to check them out, and hopefully sign up, please use this link. You get $10 of free credit, a.k.a. 2 free months, and you help support this site at no extra cost to you.
Generating the commands
VestaCP has a very simple install process. All you need to do is go to the install page, and generate an install command. To do this, scroll to the bottom(until you see “Advanced Install Settings”), and fill out the dropdown things to whatever you want.
I chose plain old Apache for my configuration, because that’s what I’m used to. However, NGINX + Apache will generally yield much higher performance, while retaining most
.htaccess functionality(static resources will be delivered without Apache). The best performance will probably be NGINX + PHP-FPM, but you lose
.htaccess support. Speaking of performance, be sure to only install what you’re going to use. I personally set the DNS option to “no”, because I use Cloudflare anyways.
Once you click the big “Generate Install Command” button, you’ll see something like the following image appear out of nowhere(basic website magic, you know 🙂 ):
Actually running the commands
Now, it’s time(insert horror movie music here) to actually SSH into your VPS and run the install command. Even if you have no idea what SSH is, I’ll do my best to help.
- Download an SSH client
- If you’re on Mac or a Linux distro, you can use the built-in
- If you’re on Mac or a Linux distro, you can use the built-in
- SSH into your VPS
- User: root(generally not a good idea, but it’s a new VPS anyways)
- Hostname/IP: The IP address of your VPS(click on it in the DO dashboard to get it copied to your clipboard)
- Port: 22
- Free cake: Yes
- Run the commands(generated by the website in the previous section)
- You’re already in your server, so skip the first command
- The second command looks something like:
curl -O http://vestacp.com/pub/vst-install.sh
- Copy and paste the third and longest command
- Press “y” and enter when prompted
- Eat the free cake while you wait
Once the install is complete, you’ll be given the information needed to login. Copy the URL, and paste it in your browser. The username is “admin”, and the password is what you were given.
What I like about VestaCP is that it is one of the very few control panels that manages to balance lots and lots of features with an uncluttered UI. It has everything I need, while maintaining the simplicity control panels were designed for in the first place.
If you have no idea how a web server works, VestaCP’s UI makes it easy to manage. If you like managing every little detail of your server, 95% of the time, VestaCP has an option for it.
While I didn’t do a benchmark between my Apache configuration and VestaCP’s, all websites hosted with it loaded extremely fast. I’m even confident in saying the performance is slightly better than the shared hosting I was on. While many of you just thought “obviously; VPS hosting has more resources than shared”, I actually doubt that in this case. My shared hosting had 1GB of RAM with 20GB of HDD space. My VPS also has 1GB of RAM, but with 25GB of SSD space. Additionally, Namecheap has many experienced developers who can fine tune things, while I don’t.
.htaccess support enabled by default. This is great for simplicity, because most CMS’s will work out of the box this way. However, it does also result in a slight performance decrease. This is less of a problem if you have NGINX as a reverse proxy, because the majority of requests will be handled without Apache needing to process all of your
VestaCP does an exceptionally good job at not breaking even after messing with the auto-generated configuration files. What surprised me most is that I configured NGINX to multiplex HTTPS and OpenVPN on one port, and everything still works. All I had to do is set VestaCP’s main IP to localhost, and tell NGINX to listen on the external IP address.
Additionally, if you chose just Apache, I recommend you use NGINX as a SSL termination proxy. That way, you just have to mess with one certificate.
VestaCP also adds many features to protect your server from attacks. Fail2ban comes installed, unless you disabled that, and there’s Let’s Encrypt integration. With the tick of a checkbox, you can add a free, and valid SSL certificate to your website. That SSL certificate will even work with Cloudflare’s “Full (Strict)” mode.
Security is good and all, but nothing beats a good backup system. VestaCP also has a built-in tool to back up all of your websites, databases, email accounts, etc. Everything is automatically compressed to save space, and you can configure how many backups to keep.
Restoring is amazingly easy. VestaCP will automatically restore all your web files, emails, databases, and settings. All you need to do is move the backup
.tar file in
/backup then run:
/usr/local/vesta/bin/v-restore-user admin admin.something.tar
And VestaCP will restore everything!
Update: I’m now on NGINX + Apache after a quick re-install and restore.
So, should you use VestaCP?
If you’re looking for a free and open source control panel, then I think the answer is … yes! VestaCP is simple, performant, and does everything you need it to.
Affiliate disclosure: This post may contain affiliate links. Affiliate links are special links which allow the destination website to know we sent that visit, and will often set a cookie to remember that. Should you then purchase their product/service, we may get a commission. Learn more.