Submitted by just_me on Thu, 07/26/2018 - 02:07
in the meanwhile a lot of people are running Webmin/Cloudmin/Virtualmin. It is extra manual work, to change all the standard Ports they run on (10000, 20000)
Wouldn't it be more secure, to randomize the port numbers in installation script than using 10000 and 20000 all the time?
Could give extra security,
Thanks and best j_m
Submitted by andreychek on Thu, 07/26/2018 - 10:44 Comment #1
Submitted by andreychek on Thu, 07/26/2018 - 10:55 Comment #2
Howdy -- thanks for contacting us!
Well, the trouble here is that Webmin has been on port 10000 since the mid-90's, it's what folks have come to expect. If we change that, and an admin forgets what port it's been randomly set to, that could be troublesome!
Webmin also has a bunch of anti-password guessing features that are enabled by default, so installations don't end up with a lot of security breaches.
All that said -- I'll pass this along to Joe in case he wishes to explore this. If he likes the idea, perhaps he could explore adding an optional parameter via the Installer.
If Joe does choose to implement your idea, it'd probably be down the road a bit before that's released... in the meantime, I see you're using a Cloudmin 50, one option would be to create a new Cloudmin image where the port is set to a non-default port. You could then use that image when creating a new Virtual Machine, along with any other settings you wanted changed.
Submitted by just_me on Thu, 07/26/2018 - 14:14 Comment #3
I know. If you could make an option within the script and send that information in an email, it wouldn't get lost, right?
Thanks and best
PS: I would like to create containers, but i am not able to adress them with an own subdomain each, see my other issue...
Submitted by andreychek on Thu, 07/26/2018 - 14:39 Comment #4
Thanks for the input! I let Joe know about your request, we'll see what he has to say.
We'll be adding a
webminCLI tool in the near future (probably even before we branch 2.0), and changing any Webmin config value will be one of it's features. So, after install you'd be able to run a single command to change the port and apply the change.
In the meantime, you can run something like:
# sed -i 's/port=10000/port=9999/' /etc/webmin/miniserv.conf
# sed -i 's/listen=10000/listen=9999/' /etc/webmin/miniserv.conf
# service webmin restart
You'll also need to update your firewall if you have one, to allow whatever port you choose. Randomizing is not an option; that'd be a usability nightmare.