Would like a feature to be able to force the randomisation of the install directory for the VM install scripts

Hi VMs

I would to suggest a feature which would enable the randomisation of the install directory for the VM install scripts, so that scripts like phpmyadmin would be installed for example:

domain.com/ahaunk3wiq/phpmyadmin/index.php domain.com/zkji2nwiq/roundcube/index.php

I know this is security by obscurity, however as I am sure you are aware this would instantly mitigate robots and script kiddies which perform probes against the base domain. Greatly reducing the attack surface from automated attacks.

Using a program like pwgen with up to 14 alpha-num characters would be good.

As an administrator, it would be preferred to force this randomisation option so that it could not be disabled or overriden by the domain administrators at install time.

I would have no problem explaining to my users that this was a security measure to prevent attack. And my users would accept this.

What do you think? Doable?

Status: 
Active

Comments

Do-able .. but this would take some work to implement, and hasn't been requested by anyone else before.

Surely keeping phpMyAdmin / etc up to date is the better solution? Virtualmin makes installing updates for scripts pretty easy..

It's not about protecting out of date software, it's about preventing attacks in the first place.

For example: If you host 100 websites hosted on a single server and 1 script kiddy attack submits 100 requests, minimum. Then that's 100x100 probing requests to the server, consuming valuable CPU, Disk I/O, Bandwidth etc. which could be used by legit users.

Now, generally you get more than 1 attack per day. So lets say you conservatively get 20 script kiddy attacks per day. That then becomes 100x100x20 per day probing requests that could be prevented to your server.

Things get more interesting when a scripted attacked receives a response. If the script gets a access denied or basically anything other than 404 to /phpmyadmin then the script changes automatically and literally pounds the server as long as it can.

Simple solution, move the default location and randomise. Problem solved :)

The other benefit is that those initial probing attacks can be neatly blocked using fail2ban since it is now known that any requests to "/phpmyadmin" (as opposed to ".*/phpmyadmin") are script kiddies probing the server and therefore have a higher level of confidence in blocking an invalid user.

So I looked into this, and it is possible .. but due to the way that directory is chosen currently, it won't be possible to implement this until the 3.82 Virtualmin release. I will update this bug when it is ready though.