Basic Security - Administration

Webmin is a powerful tool; if the wrong person had access they could login to your system and delete partitions, steal files, etc. There isn't anything you can't do with this tool, so you need to make sure you protect it.

First go to your web browser and type in:
   http://www.yourdomain.com:1000 or
   http://localhost:10000 if you're in front of the machine

Now it will ask for your username and password. Type in the one it created for you during setup. If you installed via the .rpm file the default username is root, and password is your current root password.

Now you'll see a couple of different tabs. For the Webmin security files you'll want to select "Webmin Configuration." You should then see a list of options.

The best way to start out security is to restrict what IP address have access to Webmin. This can be done by selecting 'IP Access control.' Here you can select to only allow certain IP's, or you can allow all but certain IP's. Since you should know where your going to access your system from select "Only allow from listed addresses."

Now in the box to the right type in the IP addresses you want to have access from. Press return after every address you add. Remember to add your localhost IP address (127.0.0.1). You need to have that one selected if you want to be able to access Webmin from http://localhost:10000. Then click update. That's it. You've now restricted access to every machine that is not on your list. Remember that this only limits access to Webmin not your other programs. If you need security set up for your system as a whole I would suggest using a program called IP Chains.

>>> More Site Administration Articles          >>> More By Dev Shed

blog comments powered by Disqus