51.2. Restricting Access to Webmin
Webmin will accept connections from any IP address by default. Even though it is password-protected, you should limit access to only legitimate client systems, if possible, so that an attacker from outside your network cannot even attempt to log in. To do this, follow these steps:
1. | Click on IP Access Control on the module's main page to bring up the access control form. |
2. | Select Only allow from listed addresses and enter a list of hostnames, IP addresses, and networks into the adjacent text box. Networks should be entered with a netmask like 192.168.1.0/255.255.255.0. You can allow access from an entire DNS domain by entering something like *.example.com, but be aware that that is not totally secure because ... |
Get Managing Linux® Systems with Webmin™ System Administration and Module Development now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
