Centos 7 Setup Webmin, Virtualmin, Usermin, CSF Firewall and Letsencrypt
useradd weballround
passwd weballround
exit
echo "weballround ALL=(ALL) ALL" >> /etc/sudoers
exit
clear
vi /etc/ssh/sshd_config (Change #PermitRootLogin yes to PermitRootLogin no)
#port 22
Remove # and change 22 to your desired port number
service sshd restart
yum install git -y
git clone git://github.com/webmin/webmin.git /usr/local/webadmin
sudo ln -s `which perl` /usr/local/bin/perl
passwd weballround
exit
echo "weballround ALL=(ALL) ALL" >> /etc/sudoers
exit
clear
vi /etc/ssh/sshd_config (Change #PermitRootLogin yes to PermitRootLogin no)
#port 22
Remove # and change 22 to your desired port number
service sshd restart
yum install git -y
git clone git://github.com/webmin/webmin.git /usr/local/webadmin
sudo ln -s `which perl` /usr/local/bin/perl
cd /usr/local/webadmin/
/usr/local/bin/per ./local-setup.sh
yum install python-argparse -y
git clone git://github.com/webmin/usermin.git /usr/local/useradmin
cd /usr/local/useradmin
sudo ./local-setup.sh
cd /opt
mkdir /usr/local/virtualmin
cd /usr/local/virtualmin
yum install wget -y
wget -O install.sh http://software.virtualmin.com/gpl/scripts/install.sh
/bin/sh install.sh
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
systemctl stop firewalld
systemctl disable firewalld
cd /usr/src/
wget https://download.configserver.com/csf.tgz
2. CSF module installation in Webmin
CSF module installation is done through Webmin interface so first you should log in to you Webmin instance. By default the address is:
http://your-server-ip:10000
After successfully login you should select "Webmin" and "Webmin Configuration":
In "Webmin Configuration" select "Webmin Modules":
In "Webmin modules" select "From local files" and specify the path to module archive and isntall module.
NOTE: if you are using "Authentic Theme 18.10" you should remove "csf.min.js" file because of a bug:
3. CSF configuration
After successfully installation you can now configure your ConfigServer Security & Firewall. Select "System" and "ConfigServer Security & Firewall" in your Webmin instance:
You should now see that there is two notices that we need to take care of. So select "ConfigServer Firewall" and then select "Firewall Configuration":
First we will turn of testing mode:
And then we should restrict syslog/rsyslog access:
After these changes press the button "Change" at the bottom of the page and "Restart csf+lfd" afterwards.
That it, now you have fully working ConfigServer firewall. For more information regarding CSF please visit their
git clone git://github.com/webmin/usermin.git /usr/local/useradmin
cd /usr/local/useradmin
sudo ./local-setup.sh
cd /opt
mkdir /usr/local/virtualmin
cd /usr/local/virtualmin
yum install wget -y
wget -O install.sh http://software.virtualmin.com/gpl/scripts/install.sh
/bin/sh install.sh
git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
systemctl stop firewalld
systemctl disable firewalld
cd /usr/src/
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
2. CSF module installation in WebminCSF module installation is done through Webmin interface so first you should log in to you Webmin instance. By default the address is:
http://your-server-ip:10000
After successfully login you should select "Webmin" and "Webmin Configuration":
In "Webmin Configuration" select "Webmin Modules":
In "Webmin modules" select "From local files" and specify the path to module archive and isntall module.
/usr/local/csf/csfwebmin.tgz
NOTE: if you are using "Authentic Theme 18.10" you should remove "csf.min.js" file because of a bug:
rm /usr/libexec/webmin/authentic-theme/extensions/csf.min.js -f3. CSF configuration
After successfully installation you can now configure your ConfigServer Security & Firewall. Select "System" and "ConfigServer Security & Firewall" in your Webmin instance:
You should now see that there is two notices that we need to take care of. So select "ConfigServer Firewall" and then select "Firewall Configuration":
First we will turn of testing mode:
And then we should restrict syslog/rsyslog access:
After these changes press the button "Change" at the bottom of the page and "Restart csf+lfd" afterwards.
That it, now you have fully working ConfigServer firewall. For more information regarding CSF please visit their
Comments
Post a Comment