I want to restrict access to the Dashboard / Management Console to only my own IP Address

SMP Debian 5.10.179-1 (2023-05-12) x86_64 GNU/Linux
SMP Debian 5.10.179-1 (2023-05-12) x86_64 GNU/Linux
Virtualmin version 7.7

I want to restrict access to the Webmin server for only my IP-Address. It runs on a VPC Linode, which I can access as root via SSH Key Pair.

I used Plesk before and I could configure MFA, which was secure enough for me. I did some research of how to restrict access and found this:

I could enter my ISP’s IP Address and should have access to the Webmin server with this address. HOWEVER, if my router resets, I will be assigned a new IP address and obv. I cannot know what it will be, so I will lock myself out. I could probably edit some config file if I login via SSH to the Server itself.

How would I do this? Where is this file where this info gets stored?

Or, maybe there’s an even better solution I don’t know of?

Having this open in the internet seems… less than Ideal.

In the minserv.conf file, if you know the range of IP’s your provider uses, then use that. Maybe ask them.

Webmin also supports 2FA, and has for many years.

https://doxfer.webmin.com/Webmin/Enhanced_Authentication

Would this be the module to be activated?
Authen::OATH 2.0.1-16.el8.vm
I’ve read many articles on this 2FA topic and here I have never been able to deploy. I see that there are some threads mentioning the topic, but all of them, to me (Almalinux 9.2, and everything else updated), are not effective.

https://github.polettix.it/ETOOBUSY/2022/06/28/oath-toolkit/

https://metacpan.org/pod/Authen::OATH

https://blogs.perl.org/users/hightowe/2022/07/totp-with-perl-and-authenoath.html

Yes thanks about pointing that out. I see the icon on the Webmin Configuration page and have also setup MFA using the Google Authenticator app. I might have phrased it wrong in my OP.

What I meant was: I used Plesk with MFA, but I find it more convenient (and maybe even more secure?) to grant access only to allowed IP addresses.

You can enable it here, and then you can set it up

On Alma:

dnf install perl-Authen-OATH

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.