Menu

RTCXpression

Close

Webmin and ConfigServer Security & Firewall Installation

- July 19, 2013

Webmin If you set up a developer server of any kind, installing the operating system probably won’t include any kind of control panel. The nice thing about that is you get to choose your control panel.

Webmin is an excellent choice because it’s lightweight and secure – it runs on a PERL mini-server and doesn’t need any other application server installed before you can start using it.

What makes Webmin powerful is its modules and you can add more, like ConfigServer Security & Firewall (CSF).

Installing Webmin

While you can install Webmin using APT, it probably won’t be an up-to-date version. If you follow the Webmin developer’s installation instructions, it will be.

I’m not going to tell you how to configure Webmin. I’ve used it as a control panel for more than a couple of years and I only use a fraction of what it’s capable of. More than anything, I set up my cron jobs with it.

If you’re comfortable using the command line, you don’t really need a control panel. Using the command line is tedious, however, and things like CSF will take forever to configure one line at a time.

Installing CSF

Find a directory on your server to work from and run these commands:

wget http://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Of course, you’re not done yet. Now you need to make sure you log into Webmin and install the CSF module. Go to Webmin/Webmin Configuration/Webmin Modules. Install it from a local file by browsing to /etc/csf/csfwebmin.tgz to do so.

Configuring CSF

You should keep CSF in test mode until you’re positive everything is working correctly. You’ll find “ConfigServer Security & Firewall” under the “System” menu item in Webmin. What you’re looking for after you click that menu item is “Firewall Configuration”, which you also need to click on.

You can read the CSF documentation about what all the options do. For now, we’re concerned with “SECTION:IPv4 Port Settings” and the TCP_IN, TCP_OUT, UDP_IN and UDP_OUT items. You need to make sure you add the port for Webmin and the ports affecting your application servers (web server, FTP server, etc.), including the “pasv” ports used by your FTP server (using a colon to delineate the range, 30000:35000 as a formatting example). You then need to remove the ports you’re not using.

Knowing which ports need to be open or closed is the reason you should install the CSF module after you’ve installed everything else. It’s a good idea to note the port numbers you eventually use while installing everything else. Keeping a list is easier than memorizing. It’s also safer. If you forget a port number, you can easily lock yourself out from a particular application server. While it’s not too difficult to fix your mistakes, fixing them takes time and effort.

Share this:

Categories: Technology

Tags: ,

Previous and Next Articles (if any):

« »

More

You've made it this far down the page. Please read some of my more important pages if you have the time:

Comments Policy           Privacy Policy

RTCXpression established Feb 28, 2011
Copyright © 2013-2017 RT Cunningham
Hosted at Digital Ocean