Hi All,
First of all, thanks everybody for helping me out every single time. Great forum, and great product (virtualmin & webmin)!
I`m tuning the security of my server and I wonder if there are any recommendations / other users experiences with the use of Webmin > Networking > Firewall.
I see it comes with a default set of rules. Is this a safe list and is this good for basic security, or are there other ways to improve this? For example, I see rules for ports FTP and FTP-data but I only use SFTP and SSH, should I delete those rules to improve security?
Also a question about how ip tables works, if I want to block a specific port, do I need to add a rule for that port and set action to reject, or will it block everything by default except for the rules with action allowed?
Thanks a lot!
Howdy,
Most servers don't actually have a firewall enabled by default, so I'm not sure what settings you have set on yours at the moment.
However, I'll offer that if you aren't using a service, you may want to stop it altogether (and you can still block it with the firewall if you want).
You can disable services by going into Webmin -> System -> Bootup and Shutdown.
-Eric
Also a question about how ip tables works, if I want to block a specific port, do I need to add a rule for that port and set action to reject, or will it block everything by default except for the rules with action allowed? You should block all ports and open only what you need. In this way you are sure that only incoming connection will be over the ports you are using and monitoring.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Thanks both for your help!
@Andreycheck:
Furthermore, I don`t really understand what you mean with this: "However, I'll offer that if you aren't using a service, you may want to stop it altogether " What service are you talking about?
Do you say this is not added by Webmin, but maybe by my host when creating the VPS and installing their linux package on it? It could be both. Best would be to change that rules to something what you need on your server. But please if you dont know what are you doing dont touch anything as there is 50:50 chance you will lock yourself out and then only console, fresh OS install or direct help from your host can unlock your server. What service are you talking about? For example if you are not using FTP go to Webmin -> System -> Bootup and Shutdown and change it so it will not start with the server and then you can restart your server so the changes can take effect or just turn it off in the same menu.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Hi Diabolico,
Thanks again for your help, highly appreciated!
I know a little bit about networking and firewalls. I know I login to Virtualmin over port 10000 so If I at least allow that port then I could login to virtualmin and change things from there like allow SSH, IMAP etc.
Thanks for the tip about disabling modules! I indeed do not use FTP so I disabled that. I now get what you mean :) But there are still rules in my firewall to allow FTP protocol, but I think I should delete that manually to tighten up the security.
But I'll going to read a few articles about IP tables first before I do anything crazy and lock myself out ;) So I'll just play around carfefully a little bit and I think I'll figure it out.
One last question though, is there some option in webmin to disable firewall entirely (just in case of emergency or something)? I only see the button 'apply configuration', 'revert configuration' and 'activate at boot' but I don`t see something like 'disable firewall'.