Professional Web Applications Themes

Webmin running under HTTPS - Linux Setup, Configuration & Administration

John Zoetebier wrote: > Somehow Webmin 1.090 refuses to run under HTTP. > It wants to run under HTTPS only. > This is a lot slower than HTTP. I gues up to 5 times slower. > Is there a way I can force it back to run under HTTP ? > Yes, Under the Webmin configuration. But since you are sending root passwords over your local network, I strongly, strongly urge you to switch the default port to 1000 instead of 10000, and to use HTTPS if you're in a remotely public environment. That, or restrict it to access only ...

  1. #1

    Default Re: Webmin running under HTTPS

    John Zoetebier wrote:
    > Somehow Webmin 1.090 refuses to run under HTTP.
    > It wants to run under HTTPS only.
    > This is a lot slower than HTTP. I gues up to 5 times slower.
    > Is there a way I can force it back to run under HTTP ?
    >
    Yes, Under the Webmin configuration. But since you are sending root
    passwords over your local network, I strongly, strongly urge you to
    switch the default port to 1000 instead of 10000, and to use HTTPS if
    you're in a remotely public environment. That, or restrict it to access
    only from localhost and run your web browsers only on the server with
    webmin on them.

    If you wouldn't trust rsh and bare telnet to handle your local root
    password, you shouldn't trust webmin to handle your local root
    passwords, either.

    Nico Kadel-Garcia Guest

  2. #2

    Default Re: Webmin running under HTTPS

    In article <O5gLa.27112$Kg7.11722nwrdny01.gnilink.net>, Nico Kadel-Garcia
    wrote:
    > Yes, Under the Webmin configuration. But since you are sending root
    > passwords over your local network, I strongly, strongly urge you to
    > switch the default port to 1000 instead of 10000, and to use HTTPS if
    I always run Webmin and Usermin using https, but why the port change? I'm
    interested because I have the Usermin port (but not Webmin) open to the
    world.

    --
    Juha Siltala
    Juha Kustaa Siltala Guest

  3. #3

    Default Re: Webmin running under HTTPS

    John Zoetebier wrote:
    > Somehow Webmin 1.090 refuses to run under HTTP.
    > It wants to run under HTTPS only.
    > This is a lot slower than HTTP. I gues up to 5 times slower.
    > Is there a way I can force it back to run under HTTP ?
    .... have you even checked the webmin configuration? it's there.
    also, you might want to consider continuing the secure connection.

    --
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~
    Michael J. Tobler: motorcyclist, surfer, # Black holes result
    skydiver, and author: "Inside Linux", # when God divides the
    "C++ HowTo", "C++ Unleashed" # universe by zero

    mjt Guest

  4. #4

    Default Re: Webmin running under HTTPS

    Juha Kustaa Siltala wrote:
    > In article <O5gLa.27112$Kg7.11722nwrdny01.gnilink.net>, Nico Kadel-Garcia
    > wrote:
    >
    >
    >>Yes, Under the Webmin configuration. But since you are sending root
    >>passwords over your local network, I strongly, strongly urge you to
    >>switch the default port to 1000 instead of 10000, and to use HTTPS if
    >
    >
    > I always run Webmin and Usermin using https, but why the port change? I'm
    > interested because I have the Usermin port (but not Webmin) open to the
    > world.
    Users can typicall open ports above 1024 themselves without special
    privileges, and many firewalls don't block ports above 1024. (It takes a
    stateful firewall to really block those properly, and those aren't that
    common yet!)

    So keeping it at 1000 restricts the startup of webmin to the root user,
    and makes the casual setup of password sniffing fake webmin sites much
    less likely. It also helps keep casual scans from detecting the presence
    of your webmin server if you are exposed to the outside world,
    deliberately or by accident.

    I suspect the webmin authors used 10000 because it could, in fact, be
    setup to allow access past most casual firewall installations, but I'd
    have to ask them to be sure. Also, the ports less than 1024 are getting
    a bit crowded with registered services....

    Nico Kadel-Garcia Guest

  5. #5

    Default Re: Webmin running under HTTPS

    In article <h7iLa.2177$oF.1867nwrdny03.gnilink.net>, Nico Kadel-Garcia wrote:
    > Juha Kustaa Siltala wrote:
    >> I always run Webmin and Usermin using https, but why the port change? I'm
    >> interested because I have the Usermin port (but not Webmin) open to the
    >> world.
    >
    > Users can typicall open ports above 1024 themselves without special
    > privileges, and many firewalls don't block ports above 1024. (It takes a
    > stateful firewall to really block those properly, and those aren't that
    > common yet!)
    You mean iptables doesn't block ports > 1024? I've opened ssh, imaps and
    Usermin. I did it with Bastille, shutting down everything and opening
    these ports only.

    Security Space's scan finds only ssh and imaps so I guess they
    don't check the upper ports. Their nmap service didn't find anything
    either. I'm not worried about local users (two: me and the Lady).

    I guess I could change the ports anyway, it's not that much trouble after
    all.

    --
    Juha Siltala
    Juha Kustaa Siltala Guest

  6. #6

    Default Re: Webmin running under HTTPS

    Juha Kustaa Siltala wrote:
    > In article <h7iLa.2177$oF.1867nwrdny03.gnilink.net>, Nico Kadel-Garcia wrote:
    >
    >>Juha Kustaa Siltala wrote:
    >>
    >>>I always run Webmin and Usermin using https, but why the port change? I'm
    >>>interested because I have the Usermin port (but not Webmin) open to the
    >>>world.
    >>
    >>Users can typicall open ports above 1024 themselves without special
    >>privileges, and many firewalls don't block ports above 1024. (It takes a
    >>stateful firewall to really block those properly, and those aren't that
    >>common yet!)
    >
    >
    > You mean iptables doesn't block ports > 1024? I've opened ssh, imaps and
    > Usermin. I did it with Bastille, shutting down everything and opening
    > these ports only.
    Good job. Not everyone does their firewalls on the Linux box itself:
    setting up NFS and NIS for iptables, for example, is a bit of an
    adventure. Many facilities use the hard cruncy outer shell, soft chewy
    underbelly approach of not running any filter software on their local
    boxes and running an external firewall.

    We won't yze what I think of this in production use, but it does
    ease configuration and lighten the CPU load....
    > Security Space's scan finds only ssh and imaps so I guess they
    > don't check the upper ports. Their nmap service didn't find anything
    > either. I'm not worried about local users (two: me and the Lady).
    >
    > I guess I could change the ports anyway, it's not that much trouble after
    > all.
    Scanners only scan what they know about, scanning every port known would
    take much, much longer. (Say 1-1024 vs. 1-65536).

    Nico Kadel-Garcia Guest

  7. #7

    Default Re: Webmin running under HTTPS

    On Sat, 28 Jun 2003 12:45:34 GMT, Nico Kadel-Garcia <nkadelverizon.net>
    wrote:
    > John Zoetebier wrote:
    >
    >> Somehow Webmin 1.090 refuses to run under HTTP.
    >> It wants to run under HTTPS only.
    >> This is a lot slower than HTTP. I gues up to 5 times slower.
    >> Is there a way I can force it back to run under HTTP ?
    >>
    >
    > Yes, Under the Webmin configuration. But since you are sending root
    > passwords over your local network, I strongly, strongly urge you to
    > switch the default port to 1000 instead of 10000, and to use HTTPS if
    > you're in a remotely public environment. That, or restrict it to access
    > only from localhost and run your web browsers only on the server with
    > webmin on them.
    I do not use Webmin via the Internet.
    Nico, why port 1000 ?

    --
    John Zoetebier
    Web site: [url]http://www.transparent.co.nz[/url]
    John Zoetebier Guest

  8. #8

    Default Re: Webmin running under HTTPS

    John Zoetebier wrote:
    > I do not use Webmin via the Internet.
    > Nico, why port 1000 ?
    >
    Ah, I see you have already given an explanation elsewhere.

    --
    John Zoetebier
    Transparent Systems

    John Zoetebier Guest

Similar Threads

  1. Replies: 2
    Last Post: September 12th, 10:44 PM
  2. Replies: 0
    Last Post: August 23rd, 05:27 PM
  3. webmin
    By NM in forum Sun Solaris
    Replies: 6
    Last Post: September 30th, 01:13 AM
  4. webmin-quota fails
    By Robert C. Mosher II in forum Debian
    Replies: 4
    Last Post: July 22nd, 06:00 PM
  5. Problems with Webmin M4 on Debian 3.0
    By Peter King in forum Linux Setup, Configuration & Administration
    Replies: 0
    Last Post: July 15th, 08:22 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139