One of my backup servers was recently hacked, which has made all of us a bit nervous about the security situation of the main (virtualmin) server. Aside from firewall and ssh settings, we want to improve security on the services that have to remain open, such as usermin/webmin and ftp for end users.
Usermin is already using ssl, so that leaves ftp, which we can’t turn off, but want to protect better. We already are using ssl, but perhaps it would be nice to have the option of using vsftpd instead of proftpd. Is this possible? I tried removing proftpd (yum remove proftpd) and was informed that virtualmin-base also had to be removed.
Is there a safe way to make this change? Is the change even worth it?