These forums are locked and archived, but all topics have been migrated to the new forum. You can search for this topic on the new forum: Search for Simple security & firewall plugin for Webmin on the new forum.
Though it's pretty simple to set up the iptables firewall in Webmin, I've been looking for an "easy button" firewall/security plugin...
Here's one that looks promising: http://www.configserver.com/cp/csf.html
...looks like it has some good features, including warning/reporting.
...anyone have experience with it?
From what I have seen it comes with the ability to block a range of IP's that other organization already blacklists. That would be a nice addition to have with the webmin firewall module where you can enter range of IP's to block. It seemed easy to setup. You might have a problem using it if your server is a VPS. Someone has posted a solution on their forums but I haven't really tried it out.
Firewalls are of limited utility in a hosting environment, but Webmin does provide a comprehensive interface to iptables (and it's not a hacked together pile of shell scripting that most "firewall" products are--it actually parses and manages the standard iptables save file format, so it can build and manage any firewall that Linux can support).
There is a Simple Firewall module that Jamie wrote a while back that is more clicky than the Linux Firewall module, but it's pretty limited (in the same way that most of the other firewall scripts and GUIs out there are), so I don't necessarily recommend it. But if you're really afraid of learning how iptables works, and you will feel better having a firewall running (even if firewalls can't really do much useful on a web server), then it might be a good choice.
Note that logwatch on Red Hat-based systems already reports on all of the stuff mentioned in that CSF web page, if you just make sure your root mailbox aliases correctly to an address that you read regularly. So, reporting can be useful, and your system probably already has those reporting features, and they happen at the application layer where all the interesting data really lives.
Since it comes up a lot here in the forums, I'm going to write up a security and firewall document for the documentation page. There's way too much misinformation out there (often from people that want to sell you some security snake oil). I'll try to get that wrapped up today.
--
Check out the forum guidelines!