Apache
Restricting Webmin Access to a specific IP and port
Changing the Webmin port from the default of 10000 to some random number will significantly reduce the likelihood of hacks.
It's a simple 2 step process.
First - open the new port in iptables. This can be done from
Webmin > Networking > Linux Firewall
or by directly editing the following file from the Webmin file browser:
/etc/sysconfig/iptables
(just change the Webmin port 10000 to something like 12341)
Apply the changes by reloading the rules from the edited file (running "service iptables save" at this point would overwrite the edited file with the rules currently loaded):
#/sbin/service iptables restart
(or apply the changes from Webmin > Networking > Linux Firewall > Apply Configuration)
Second - log in as an SSH user and edit
#sudo vi /etc/webmin/miniserv.conf
and change the port to whatever port you opened in your firewall (iptables).
#/etc/webmin/restart
Allowing access to Webmin from your specific IP is simple:
Webmin > Webmin Config > IP Access Control
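The following check is an added example, not part of the original post: it reads the two files edited above and flags a default port, a missing or stale firewall rule, and a missing IP allow list. The function name check_webmin_lockdown is hypothetical, the sample files are constructed, and it assumes that IP Access Control is saved as an allow= line in miniserv.conf.

```shell
#!/bin/sh
# Added example: audit the Webmin settings described above.
# check_webmin_lockdown is a hypothetical helper, not part of Webmin.
# Prints one line per finding; returns 0 only when nothing is flagged.
check_webmin_lockdown() {
    conf=$1 rules=$2 findings=0

    # miniserv.conf is key=value; use the last port= line.
    port=$(sed -n 's/^port=\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$conf" | tail -n 1)
    if [ -z "$port" ]; then
        echo "FAIL: no port= line in $conf"
        return 2
    fi
    if [ "$port" -eq 10000 ]; then
        echo "WARN: Webmin is still on the default port 10000"
        findings=$((findings + 1))
    fi

    # Look at active (non-comment) firewall rules only.
    active=$(grep -v '^[[:space:]]*#' "$rules" || true)
    # The new port must be accepted, or Webmin is unreachable after the restart.
    if ! printf '%s\n' "$active" | grep -q -e "--dport $port .*-j ACCEPT"; then
        echo "WARN: no ACCEPT rule for tcp port $port in $rules"
        findings=$((findings + 1))
    fi
    # A rule left behind for 10000 keeps the old port open for no reason.
    if [ "$port" -ne 10000 ] &&
       printf '%s\n' "$active" | grep -q -e "--dport 10000 .*-j ACCEPT"; then
        echo "WARN: stale ACCEPT rule for port 10000 in $rules"
        findings=$((findings + 1))
    fi

    # Assumption: IP Access Control is saved as an allow= line in miniserv.conf.
    if ! grep -q '^allow=.' "$conf"; then
        echo "WARN: no allow= list in $conf"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ]
}

# Constructed sample files (not from a real server) for a stand-alone run.
demo_dir=$(mktemp -d)
printf 'port=12341\nlisten=10000\nallow=203.0.113.10\n' > "$demo_dir/miniserv.conf"
printf '%s\n' '*filter' \
    '-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT' \
    '-A INPUT -m state --state NEW -m tcp -p tcp --dport 12341 -j ACCEPT' \
    'COMMIT' > "$demo_dir/iptables"
check_webmin_lockdown "$demo_dir/miniserv.conf" "$demo_dir/iptables" && echo "OK"
rm -rf "$demo_dir"
```

On a real server the two arguments would be /etc/webmin/miniserv.conf and /etc/sysconfig/iptables, read as root.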
Setting up SSH usage with Key - no passwords
Here are some good resources for setting up SSH access via key.
http://articles.slicehost.com/2010/5/15/centos-5-5-setup-part-1
http://andremolnar.com/how_to_set_up_ssh_keys_with_putty_and_not_get_server_refused_our_key
SFTP Access using SSH Server but no SSH access
When using SSH for SFTP, the user gets access to 'browse' the whole site unless you set up a chroot for users.
You can find more information on setting up a chroot for users here - http://bostonlinux.net/bl/security/rssh
This tutorial is designed just to limit users to SFTP (with a client like FileZilla) without giving them SSH access. It's a halfway solution that creates users that have SFTP access through the SSH server but no SSH access.
Go to rpmfind.net and find the rpm for your CentOS version
rssh-2.3.3-1.el5.rf.x86_64.rpm (this is for CentOS 5, 64-bit)
You can also search right from
Securing your CentOS 5.5 install
There are a couple of simple things that can be done to make your box more secure.
Allow Webmin access only from your specified IP addresses.
Webmin > Webmin Configuration > IP Access Control > Allowed IP Address - Only allow from listed addresses.
Stop SSH brute force attacks
This is basically hackers using bots to try random user/passwords.
You can find a list of attempts if you check your log file - /var/log/secure
Install DENYHOSTS
Webmin > System > Software Packages > RPM FIND TAB (search for denyhosts)
For CentOS, you will find the DAG repo package for your machine (i386 for 32-bit, or x86_64)
something like this - denyhosts-2.6-3.el5.rf.noarch.rpm
Select the package and Install.
Unable to install Webmin key - import read failed
Try downloading the key locally:
wget http://www.webmin.com/jcameron-key.asc
Then run:
rpm --import jcameron-key.asc
Feb 2010 - 3 Step Server Install
OK, here is a simpler way to set up the server now.
1) add second user - sudo user
1.1) add seconduser to 'wheel' group - admin privileges
So firstly, add the user to the wheel group:
Webmin - Apache Server Install
Installing the Apache server is one of the easiest tasks using the Webmin interface.
Just go to the Servers > Apache Server page.
Initially you will see a page saying Apache is not installed and asking if you would like to install it.
Click the link to install the Apache server. Once Apache is installed you should see the page shown below.
Existing Virtual Host > Default Server