how to protect webmin
protector330 03-25-2002, 03:57 PM
Hello,
I've a default installation of webmin running and it scares me quite a lot that it asks for a password without having all the stuff protected with .htaccess and .htpasswd files.
Could you pls tell me if the .htpasswd method is a good one to protect webmin a little more? I've tried to put the 2 files inside:
/usr/libexec/webmin
but I'm not even prompted for the .htpasswd request ... (even if it works in all the normal html directories).
Further, what port do you suggest for webmin?
thanks a lot!
Jake29 03-28-2002, 08:37 AM
Hi,
If you use the ssl encryption configuration, you should be safe(r). As for port - pick your lucky number :) .
Jake
protector330 03-28-2002, 08:55 AM
hi jake thanx a lot :) but I do not own an ssl certificate? can I use SSL encryption anyway? could you pls tell me how? thanks a lot!
MotleyFool 03-28-2002, 09:58 AM
I remember reading on the webmin site that the default port is 10000 and that although there is no CA, there is encryption-decryption in webmin by default.
I will try and locate it for you
<Edit>
Here goes:
http://webmin.com/ssl.html
</Edit>
Cheers
Balaji
protector330 03-28-2002, 10:44 AM
wow thank you very much indeed :)
terrastudios 03-28-2002, 03:03 PM
>> just in case you're wondering...
placing .htaccess etc... doesn't work cos webmin doesn't use apache, it uses a custom built webserver written in perl, which isn't coded to read .htaccess
>> best solution
place it on a port that no1 will know, somert pretty high up where no1 bothers to scan :D
protector330 03-28-2002, 04:24 PM
ports
could you pls tell me if there is a limit to the number of ports? Can I assign a port like mydomain:1234567890?
I know this sounds stupid but I guess that nobody knows the phone number of my ex ex ex ex gf... it's even hard for me to remember who she was ;)
ssl
Ouch.... as Webmin says I need OpenSSL and Net::SSLeay. I did just check if this stuff is already installed on my box, and yes openssl-engine-0.9.6b is installed. Now I did download Net_SSLeay.pm-1.13 but it says that my OpenSSL version B is too old and I should upgrade to C.
Hemm, how can I upgrade OpenSSL from B to C? I did try to install C but it says that I'm running B. ;)
[root@myserver openssl]# rpm -i openssl-0.9.6c-2mdk.i586.rpm --test
file /usr/bin/openssl from install of openssl-0.9.6c-2mdk conflicts with file from package openssl-0.9.6b-8
ckpeter 03-28-2002, 06:09 PM
I believe the number of ports you can have is limited by the size of an "int", which should be about 65000 or so. (2 to the 16th power).
Peter
The Prohacker 03-28-2002, 07:07 PM
Last time I checked you could also have Webmin only accept logins from certain IPs, and domains...
Mike the newbie 03-28-2002, 09:18 PM
I use my firewall (ipfw on FreeBSD) to only allow access to the webmin port from certain IP addresses. I do not trust webmin's IP restriction capabilities completely.
Jake29 03-28-2002, 10:02 PM
Updating SSL:
up2date --update (on Redhat) works great.
Jake
PostDeals 03-28-2002, 10:34 PM
max is 65535 port you can use.
protector330 03-29-2002, 03:24 AM
ports -> ok thanks a lot
ssl -> did use up2date and here is what I get:
Testing package set / solving RPM inter-dependencies...
RPM conflict error. The message was:
Test install failed because of package conflicts:
package openssl-0.9.6b-8 is already installed
any suggestion? If I try to uninstall this version of openssl I would have to break all the dependencies :bawling: any idea?
Or, do you suggest me to use an older version (which one?) of Net::SSLeay to get webmin working in SSL?
thanks a lot
Jake29 03-29-2002, 07:19 AM
I would go ahead and force an uninstall, and go to version C. Dependencies should be okay once you install the new version.
Jake
protector330 03-29-2002, 07:22 AM
jake thx i'll try. should it not work I will post again... even if the server should crash ;)
Jake29 03-29-2002, 03:05 PM
So how did it go?
Jake
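
Added example, not part of the thread and not Webmin's own code: a small shell audit of Webmin's own config file for the three points the replies raise (a port within the 65535 limit, SSL enabled, an IP allow list). The key names port, ssl and allow in miniserv.conf are assumptions not quoted in the thread, and both sample configs are constructed.

```shell
#!/bin/sh
# Audit a Webmin miniserv.conf for the three points raised in the thread:
# a valid port number, SSL switched on, and an IP allow list.
# Assumption: the keys are named port, ssl and allow (not quoted in the thread).

# Print the value of key $2 from key=value file $1 (last occurrence wins).
conf_get() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# Print one finding per line; print nothing when every check passes.
audit_miniserv() {
    port=$(conf_get "$1" port)
    ssl=$(conf_get "$1" ssl)
    allow=$(conf_get "$1" allow)

    case $port in
        ''|*[!0-9]*) echo "port: missing or not a number" ;;
        ??????*)     echo "port: $port has more than five digits (maximum is 65535)" ;;
        *)  if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
                echo "port: $port is outside 1-65535"
            fi ;;
    esac
    [ "$ssl" = 1 ] || echo "ssl: off, the login password crosses the network unencrypted"
    [ -n "$allow" ] || echo "allow: empty, every source address reaches the login page"
}

# Constructed sample configs (not taken from any real host).
weak=$(mktemp) && good=$(mktemp)
printf 'port=1234567890\nssl=0\n' > "$weak"
printf 'port=48213\nssl=1\nallow=192.0.2.10 192.0.2.11\n' > "$good"

echo "weak config:";     audit_miniserv "$weak"
echo "hardened config:"; audit_miniserv "$good"
rm -f "$weak" "$good"
```

This only inspects Webmin's own settings; a firewall rule such as the ipfw restriction mentioned above is enforced outside miniserv.conf and has to be checked separately.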