Rocky Linux 8.6, Linux 4.18.0-372.26.1.el8_6.x86_64 on x86_64
| Virtualmin Version 7.2
Hello, everybody!
Thank you for reading.
I heavily used Virtualmin on my servers since long time ago and I am enthusiast about this administration interface. And now, after years of inactivity, I wished to run again my own new server. I thought, now, that I could secure, challenging, the login pages at :10000 and :20000 through the use of .htaccess and .htpasswd.
Do you think is that all possible? If yes, what directories should I target? This, I am missing
Webmin does not run under Apache, it has its own web server. .htaccess and .htpasswd are Apache features.
You could proxy to Webmin, but I’m not really recommending it…it’s complicated and people often get it wrong several times before they get it right.
Webmin already has password-based authentication, it also has brute-force protection (enabled by default), and supports 2FA (you have to enable and configure this one).