We are going to add a user for us to administer Hestiacp, it is advised to not use the admin account that was creadted upon installation as this has other functions and can be a security risk.
We are also going to lock out the admin acount and add F2A on our new admistrative account.
After Logging into Hestiacp click on add user, set the user name, password and change role to administrator.
Click save in the upper right and the user will be created for you.
Click edit under the admin account
Click do not allow user to log into controlpanel or you can limit the access of the admin account to your IP address either external IP address if yo installed on a VPS or DPS from a provider or local IP address of your computer if you installed hestia on an old laptop or simular.
Go back to users
Click edit on the new account and select F2A and click save
Now open you’re Authentication app and add the QR code to the App.
We have made the control panel more secure by disableing or limiting access to the admin account and added more authentication to the account that we will be using for administration of the server.