I would like to suggest here some simple services that could be included in webmin/virtualmin/cloudmin to differentiate our beloved control panel from servers. It would be great if you could add ideas to expand on this suggestion.
If your list is still empty, you definitely have to put on that list the following (commonly used by bots and hackers) usernames: admin, administrator, manager, editor, user, demo, test .
You can use regular expressions (REGEX) in the list of prohibited usernames.
Ok, are you saying that when an app is removed via Virtualmin’s Script Installer, the default home page should be put back automatically by Virtualmin’s Script Installer?
Again, do you mean the list of alias email addresses?
I think it is never empty when a virtual server is created. The RFC compliant defaults are always created and configured to forward mail to domainname@domainname.tld or to the email address of the administrator, if it is specified.
Of importance here is your inclusion of the admin alias. Some countries, including mine, have stumbled upon (decided we would be incorrect, bureaucrats tend to stumble upon such things) the idea of using admin@domainname.tld as the email address to use, rather than postmaster@domainname.tld or other RFC compliant email addresses defaults that the rest of the world uses, for things such as authorising domain transfers from registrars which have gone under during the pandemic, e.g. Net4India, causing its own little chaos.
So, yes, could the admin mailbox alias be included in Virtualmin’s defaults to safeguard one sixth of the human population from bureaucratic whim? Please?
Edit: the following email aliases are created by Virtualmin automatically:
abuse
hostmaster
postmaster
webmaster
I have requested admin be added to the list
You, @li9-hst_web-services have requested:
admin
administrator
manager
editor
user
demo
test
Here is what I do to block lay users from usurping the suddenly important admin@domainname.tld mailbox. I go to Virtualmin → Mail Options → Edit Mail Aliases and manually add admin to the list.
Perhaps you could do the same for the others which you wish to reserve, @li9-hst_web-services
1 Like
Yes, I’ve been having this problem when I install an app for a client so they can view. Since we don’t have a staging option in development and distant clients, I don’t send screenshots of my offline development to give you a full idea of the navigation. So I install the app, offer the link for him to come in and check it out. When I uninstall the page does not return the default home page.
cannot this be simply done by your own “management”? As it depends on what is by now the default home page. Or do you mean return it to the default Virtualmin page. This also depends on what the application is - a NodeJS, Python, PHP app will potentially have different impacts on the website and its settings
Simply return it to the default home (default page) after deleting the app.
One of the goals here is to allow access to the set (webmin-virtualmin-cloudmin) to more users of various standards, aiming to grow revenues to provide more facilities and services to existing users. This “our” system is the one that REALLY allows the control of applications, servers, emails, etc., while the others are packages with few effective controls. Who knows, standards could be created for use as professionals, agencies and developers, close to the big players.
- Could Google Authenticator be automated after including the code, with Ajax?
- Could the user ID and password in the apps when the app page with this information is generated be highlighted in bold? I even see some with a dot at the end, which doesn’t belong to the password.
Another example of a product that could be installed and that the user could choose from is ConfigServer Security & Firewall (CSF).
It is excellent for server security with many configuration options, as is the webmin - virtualmin - cloudmin.
Many detail the information on their own forum.
Installation is not difficult, but offering ease in optional services facilitates the purposes of expansion / sale of the products that we all use and like very much.
Seems very CPanel orientated, and anything that thinks Ubuntu 22 and later is so new not to be supported seems like not worth the effort.
It’s available already:
it is not quite a 1 click install, though not hard to install.
I get mixed messages from the Devs about CSF. They say it is very good and they do use it but does not give much more features or security that fail2ban so you should stick with fail2ban that comes with Virtualmin.
Does this mean it is not available on Ubuntu 22.xx + ?
Slightly off topic:
Maybe Virtualmin website could have a uservoices style thing where new features could be asked for and then people could vote on them.
1 Like
It is. It’s operating on my machine sporting Ubuntu 22.04.xx
I don’t want the additional support burden of having a bunch of different firewall options, and I don’t like how complicated the resulting CSF firewall is. CSF is fine for routers and edge devices, but it’s overkill for a web server, IMHO.
Ilia uses it and likes it, and so the CSF module is well-maintained, AFAIK.
from what I read it only listed Ubuntu 20.xx (which is already a bit lame) but at least Ubuntu was on the list so there is some hope - perhaps the pages I was looking at are just out-of-date.
like your comment I too was having a mental problem of finding something worth the effort. (I simply have too many VMs to be worth using my (free) time)
CSF has profiles to facilitate security implementation. This makes installation simple. For advanced users, one can analyze each item and adjust as needed.
I believe that the efficiency is much higher.
Consider adding a feature to clean temporary files across distros in Webmin/Virtualmin/Cloudmin, and restoring the Virtualmin homepage automatically after app installations.
Do Nothing as Webmin seems to do everything it needs to when deleting, however I have no clue with cloudmin
Is it possible, in the face of several demands that I see, to have in the portfolio, migrations from other control panels?
This would make it easier for beginners, who would migrate more easily.
currently supported migrations
- cpanel
- plesk
- DirectAdmin
1 Like