Securing remote root logins

First time Webmin user here (I love it though!).

My context is such that I must expose Webmin to the www in order to manage my stuff. I created a rule in iptables to restrict port 10000 to my IP, and it works fine. But I have 2 questions:

  1. Do administrators commonly restrict port access to MAC addresses? (laptop, work, home, pda?)

  2. If I ban remote root logins, will I have to create a new user in Webmin with root privs? … or does Webmin have a sudo’ish command to change into root administration mode?

Thanks in advance

Howdy,

For those who wish to restrict the Webmin port, most do it by IP address; I don’t hear of many doing that by MAC address.

You can also edit the root user in Webmin, and tie the root user to a specific IP address (i.e., that means you could log in as root, but only from that one IP). I know when using Virtualmin that it treats a user with sudo rights as a Master Admin. I suspect the same would be true for Webmin – though I’d suggest working out the kinks with that before disabling root :)

-Eric

Also, it does improve security to avoid all default configurations, including the listening port if you’re the only user.

I have Webmin/Virtualmin on 7 servers and restrict access to a single IP address. If I need to manage anything remotely, I VPN into the network that has access and can manage the servers from there.
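
An added example, not part of the original thread: a small first-match evaluator over `iptables-save` output that checks whether port 10000 is really limited to one source IP, as discussed above. The rulesets, the addresses (documentation ranges) and the function names `verdict` and `restricted` are constructed for illustration.

```python
import ipaddress

# Constructed `iptables-save` excerpt; 203.0.113.7 stands in for the admin IP.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 203.0.113.7/32 -p tcp -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 -j DROP
COMMIT
"""
# Same ruleset with the DROP rule missing: the allow rule alone restricts nothing.
WEAK = SAMPLE.replace("-A INPUT -p tcp -m tcp --dport 10000 -j DROP\n", "")

SUPPORTED = {"-s", "-p", "-m", "--dport", "-j", "--reject-with"}

def verdict(ruleset, src, dport=10000, chain="INPUT"):
    """First-match verdict for a new TCP connection from src to dport.

    Assumption: rules using anything beyond -s, -p tcp and a single --dport
    (state, mac, interface, negation, port ranges) are skipped, not evaluated.
    """
    src = ipaddress.ip_address(src)
    policy = "ACCEPT"
    for line in ruleset.splitlines():
        tok = line.split()
        if line.startswith(f":{chain} "):
            policy = tok[1]              # chain default, used if no rule matches
        if tok[:2] != ["-A", chain]:
            continue
        opts = dict(zip(tok[2::2], tok[3::2]))
        if set(opts) - SUPPORTED or opts.get("-m", "tcp") != "tcp":
            continue                     # unsupported match, see docstring
        if "-s" in opts and src not in ipaddress.ip_network(opts["-s"], strict=False):
            continue
        if opts.get("-p", "tcp") != "tcp" or opts.get("--dport", str(dport)) != str(dport):
            continue
        if opts.get("-j") in ("ACCEPT", "DROP", "REJECT"):
            return opts["-j"]            # first terminal match wins
    return policy

def restricted(ruleset, admin_ip, outsider="198.51.100.9"):
    """True only if admin_ip is accepted and an unrelated address is not."""
    return verdict(ruleset, admin_ip) == "ACCEPT" and verdict(ruleset, outsider) != "ACCEPT"

if __name__ == "__main__":
    for name, rules in (("SAMPLE", SAMPLE), ("WEAK", WEAK)):
        print(name, "restricted to admin IP:", restricted(rules, "203.0.113.7"))
```

The `WEAK` case is the one to watch for: an ACCEPT rule for your own address does nothing unless a later rule or the chain policy drops everyone else.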