Installation Guide
Full step-by-step instructions for installing hstPanel v3.0.0 on a fresh Ubuntu VPS. Takes 5â15 minutes depending on server speed.
On this page
Before You Begin
Make sure your server meets these requirements before starting:
- OS: Ubuntu 22.04 LTS or Ubuntu 24.04 LTS (64-bit)
- RAM: 1 GB minimum â 2 GB recommended
- Disk: 10 GB free minimum â 20 GB+ SSD recommended
- Root access: You must be logged in as
root - Fresh install: No existing Apache, nginx, MySQL, or Postfix
- Internet access: Outbound HTTP/HTTPS for downloading packages
Do not run on a production server with existing websites. The installer will configure Apache, nginx, MariaDB, Postfix, and other services â potentially overwriting existing configs. Always use a fresh VPS.
Prepare Your Server
SSH into your server as root and run a quick update to make sure packages are current:
ssh root@YOUR-SERVER-IP
apt update && apt upgrade -yIf apt upgrade prompts about kernel or service restarts, accept the defaults and continue. A reboot before installing hstPanel is a good idea.
Run the Installer
One command downloads and runs the full installer:
bash <(curl -sSL https://hstpanel.net/install.sh)The installer will:
Detect your OS and version
Verifies Ubuntu 22.04 or 24.04. Exits with a clear error if the OS isn't supported.
Download the install package
Fetches hst-suite.tar.gz from the CDN (3 retry attempts with wget fallback).
Install all services
Installs nginx, Apache, PHP 8.3, MariaDB, Postfix, Dovecot, ClamAV, Fail2ban, Node.js 20, and PM2. Each package retries up to 3 times if it fails.
Configure services
Writes nginx vhosts, Apache config, PHP settings, MariaDB root password, Postfix relay config, Dovecot auth, and Fail2ban jails.
Deploy hstPanel
Extracts panel, billing, and API server files. Starts the API server with PM2 and saves the process list for auto-start on reboot.
Run post-install verification
Checks 30+ items â binaries, services, ports, PHP extensions, firewall rules. Attempts auto-fix on any failures and prints a pass/fail summary.
What Gets Installed
| Component | Version | Purpose |
|---|---|---|
| nginx | 1.24+ | Reverse proxy on ports 80 and 443. Forwards customer PHP to Apache on 8090. |
| Apache 2 | 2.4 | PHP execution engine â listens on port 8090 only (not exposed directly). |
| PHP | 8.3 | mysql, curl, gd, mbstring, xml, zip, intl, bcmath, soap, opcache, imagick, redis |
| MariaDB | 11.4 | MySQL-compatible database. Root password auto-generated and saved to /root/.my.cnf. |
| Postfix | 3.x | Outbound SMTP on port 25 and submission port 587. |
| Dovecot | 2.x | IMAP (993) and POP3S (995) for mail clients. |
| ClamAV | latest | Antivirus scanner with freshclam auto-update daemon. |
| Fail2ban | latest | Jails for SSH, nginx-http-auth, and Apache brute-force. |
| Node.js | 20 LTS | Runtime for the hstPanel API server. |
| PM2 | latest | Process manager â keeps the API server running and restarts on reboot. |
| UFW | built-in | Firewall rules for 22, 80, 443, 25, 587, 993, 995, 8443. |
After Installation
Once the installer completes, you'll see a summary with your access details:
ââââââââââââââââââââââââââââââââââââââââââââââââ
â hstPanel v3.0.0 â Install Complete â
ââââââââââââââââââââââââââââââââââââââââââââââââ
Panel URL : https://YOUR-IP:8443
WHM URL : https://YOUR-IP:8443/whm
API Port : 8090
DB Root PW : (saved to /root/.my.cnf)
Verification: 28 passed / 2 failedOpen the panel URL in your browser. You'll get a self-signed certificate warning â click through to proceed (you can add a Let's Encrypt cert later through WHM).
Ports & Firewall
The installer opens these ports automatically via UFW:
| Port | Protocol | Service |
|---|---|---|
| 22 | TCP | SSH |
| 80 | TCP | HTTP (nginx â redirects to 443) |
| 443 | TCP | HTTPS (nginx) |
| 8443 | TCP | hstPanel UI (HTTPS) |
| 25 | TCP | SMTP (Postfix) |
| 587 | TCP | SMTP Submission (Postfix) |
| 993 | TCP | IMAPS (Dovecot) |
| 995 | TCP | POP3S (Dovecot) |
Port 8090 (Apache) is not opened externally â nginx proxies customer PHP traffic to it internally. There's no need to expose 8090 through your host's external firewall/security group.
Re-running the Installer
The installer is safe to re-run. If components failed during the first run, run it again:
bash <(curl -sSL https://hstpanel.net/install.sh)Each component checks whether it's already installed before attempting to reinstall. Services are restarted but not re-configured if already set up. This makes the installer fully idempotent.
Check /var/log/hst-bootstrap.log for a full log of the bootstrap process, and /var/log/hst-install.log for the main installer output.