Security message

  • This project is currently in Beta with many ongoing changes.
  • Whilst we're confident the majority of code is safe, nothing in life is 100% safe or risk-free. Writing functional, secure code is very difficult. The current fast pace of development/change may unintentionally introduce bugs/security issues. Use your best judgment before storing highly confidential information in the app. You may wish to consider running ITFlow on it's own server, using a web-app firewall, restricting access (except /portal) to trusted IP addresses, etc.
  • ITFlow comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law

A Fantastic Free and Opensource Web Hosting Control Panel

Admin Level

Install HestiaCP

  • Install on Debian 12 without Mail, DNS and Apache (Nginx will be used instead) This will provide the most ultimate performance for ITFlow

Install PHP Mods

These modules are not installed as part of the default HestiaCP Install

  • Login as root: apt install php-intl php-imap php-mailparse php-curl -y

Create User

  1. Login to HestiaCP as admin https://host.yourdomain.ext:8083
  2. Create Normal user with bash shell access - it defaults to no login
  3. Logout as admin

User Level

Create Web Domain

  1. Login as newly created user
  2. Click Create Web Domain
  3. Enter your FQDN - for example
  4. Click Save
  5. Edit the newly created Web Domain
  6. Click Enable SSL for this domain and the 3 options under it should be checked as well.
    1. Use Let's Encrypt to obtain SSL certificate
    2. Enable automatic HTTPS redirection
    3. Enable HTTP Strict Transport Security (HSTS)
  7. Click Save

Create Database

  1. Click DB
  2. Click Add Database
  3. Name the database
  4. create username for database you can use the same name as the database name for simplicity
  5. make a secure password
  6. Click Save

Pull down ITFlow install files

  1. Login with your new user via ssh - ssh username@host.domain.ext
  2. Change to Web root Directory cd /home/[USERNAME]/web/[HOST.DOMAIN.EXT]/public_html
  3. Delete HestiaCP automatic created files rm * - This will delete index.html and robots.txt
  4. Install ITFlow files via git - git clone . - Do not forget the . at the end

Follow Web Install Process

Setup Cron Jobs

  1. Log back into HestiaCP
  2. Click Cron
  3. Add each of the Cron Jobs in the documentation here

Tweaks (Optional)

  • Click Users > Packages > Edit Default Package
    • Set Backups to something other than the default 1 - 7 to 14 is a good practice
    • Set SSH Access from nologin to bash
  • PHP Settings Default to the following - Click gear icon top right > Click on php8.2-fpm

  • MariaDB Settings - Click gear icon top right > Click on mariadb

  • NginX Settings - Click gear icon top right > Click on nginx