Hi guys, I have just installed a fresh Webmin/Virtualmin on my new Ubuntu server. I see that the FQDN when installing Virtualmin has been SSL signed successfully, but I don’t know whether it is set to auto-renew. I just look at the Webmin → Webmin Configuration → SSL Encryption but I am not sure that I have to set the option Month between automatic renewal to a number or leave it as default. Please help me, thank you guys so much!
Clarify: I installed Virtualmin with the domain name I defined in /etc/hosts (test.domain.com). Then I can access to it via https://test.domain.com:10000 successfully, so now I want to know if this domain is auto renewal.
are you using virtualmin ? if so setup the SSL certificate using virtualmin rather than webmin, you don’t need to set this in webmin if your domain is correctly setup in virtualmin
yes I am using Virtualmin with different domain and Webmin with different one. I see in Virtual the doamain1.xyz.com has auto renewal enable. But in Webmin SSL configuration , domain2.xyz.com I can’t see SSL auto renewal (I access webmin via https://domain2.xyz.com:10000 and create Virtual server in Virtualmin with domain domain1.xyz.com)
I really don’t understand what you are doing, webmin is available to all hosted domains by just adding :10000 to the url
example domain1.xyz.com:10000 or domain2.xyz.com:10000
will navigate you to the same place
webmin & virtualmin are not separate products, they work together
Virtualmin Let’s Encrypt management is independent of the stuff in Webmin. If you have Virtualmin, use Virtualmin for Let’s Encrypt, and login to Webmin on any domain managed by Virtualmin. (If you have an automatically created domain for the system hostname that Virtualmin made during the installation, that’ll also probably work, but you never need to use the system hostname for anything once you have Virtualmin domains).
Currently I have no Virtual servers so I just concern about the “automatically created domain for the system hostname that Virtualmin made during the installation” . Because I use that domain for login to Webmin/Virtualmin to manage the server so I want to make sure its SSL config is auto renew.
You appear to have 2 domains, but as @Joe said you don’t have worry about that just use a domain created by virtualmin to give you a secure connection, I have a server where the system hostname does not resolve and everything works fine
If I have a fresh install Virtualmin and I access to it via https://domain01.xyz.com:10000/ to manage my server or create virtual servers, etc. How to make sure domain01.xyz.com SSL cert is auto renew, I just concern about it now, not the domain of virtual hosts
P/s: just to clarify, the two domains you see above that I created a test server, installed Virtualmin access via https://domain1.xyz.com:10000 and then created a virtual host with domain2.xyz.com on that server so that I can compare the SSL config of each other
If there are something missing, please let me know
Thank you!
Create some domains in Virtualmin and forget about the system hostname. You can use any Virtualmin-managed domain to login to Webmin/Virtualmin. So, do that.
Because I want to use the system hostname as the domain that the admin will access to manage the whole server.
If I create Virtualmin domains, it means that admin can login to Webmin/Virtualmin by any domains on the server.
Is there a way to limit that only the system hostname is used for highest priviledge admin tasks? Like if you have admin account you can only go to system hostname to do things, not other domains.
And like you said, if that the best way to go with Virtualmin/Webmin, I will go with that. Thank you.
It does not matter, if you use the system hostname or any hosted domain to access webmin/virtualmin. If a super user logs on they will have access to the system, unless you just curb their privileges to whatever modules you see fit
yes but if someone have the public domain of a virtual server, they can just put the port 10000 to that url and see the login page of webmin. I just want to mitigate that by allow only the https://:10000 to be the login url of admin.
If I understand wrong, please correct me, thank you
[quote=“vminh, post:13, topic:133353”]
I just want to mitigate that by allow only the https://:10000 to be the login url of admin.
[/quote]mix
what harm can it do ? Webmin is pretty robust with it’s security, but if you also set the fail2ban webmin jail anyone how tries to login with incorrect credentials gets banned from the server.
You can also restrict the IP addresses that can access Webmin by
you can even restrict allowed users to certain times of the day or days of the week that they can access Webmin.
Or add 2fa to the
You will notice that cpanel does exactly the same thing so webmin is not unique in this
Thank all guys, because I see that there are so many url to put the login credential in so I am a bit concerned. As you guys that it’s OK to have that on Webmin/Virtualmin, I think I will go for it and add more security feature to the admin user
