Linux Format

Things to do in Webmin (to stop your server being dead)


Besides taking the pain and suffering out of Samba (and there can be a fair amount of pain once you start getting your user mappings and

smb.confs in a twist), Webmin can also administer virtually all other aspects of your system. From cron jobs to software packages to log files to users, Webmin can respective­ly edit, install, peruse and ban these all from the comfort of a web browser. Previously we installed fail2ban to protect our SSH server from bot logins, and you’ll find a module for controllin­g it in Webmin’s Networking section. Plus, you can configure the SSH daemon itself from the Servers section.

However, all this convenienc­e comes at a potential cost, namely that anyone who has access to our username, password and the Webmin login page basically has entire control of our system. It may not be as bad as it sounds— the login page is probably not viewable from outside your home network. But steps ought to be taken to mitigate the risk here.

From the Webmin section, select Webmin Configurat­ion > IP Access control . We’ll restrict access to only the localhost and local network by entering:

in the box. Be sure to change the last line to match your network, or else you’ll no longer be able to access Webmin. Save these settings, then return to the configurat­ion area, this time visiting Ports and Addresses. Uncheck the Accept IPv6 box, just in case one day someone is able to sneak in this way too. There: rudimentar­y security measures enacted.

Newspapers in English

Newspapers from Australia