The Complete Illustrated Step by Step Guide to Creating an Ubuntu LAMP Server Part 3

Tuesday, July 27th, 2010 | How-To, Linux

Part 3 – Secure and Update your installation.

We are now going to secure and update your server through webmin. Also we are going to add a firewall.

  1. Login to your server from another browser https://[hostname/ipaddress]:10000 (by default only SSL is supported, also you will probable get a message to accept the certificate.)
  2. We are first going to update all the packages installed. Go to System -> Software Package Updates -> Scroll down and select Select all -> then Update Selected Packages.
  3. Click Install Now. You can now watch as it updates.
  4. Now it’s time to restrict who can access webmin. Go to Webmin -> Webmin Configuration -> IP Access Control
  5. Change the setting to “Only allow from listed addresses”. In the box put in your IP addresses you will be managing the server from. Here I have my local LAN and using no-ip’s dynamic DNS server I have a laptop that will allow me to manage the server from outside the network (My laptop will update that DNS address and my server will grab the latest address when I login to verify). If you are using a system like mines (Dynamic DNS) you would also want “Resolve hostnames on every request?” enabled. Then Click Save.
  6. Now that Webmin is secure let’s now add a firewall. Go to Network -> Linux Firewall -> Then select “Allow all traffic”, Checkmark “Enable firewall at boot time?”, and Finally Setup Firewall.
  7. This will enable the firewall. Now it’s time to make some rules. First under “Incoming packets (INPUT)” click Add Rule.
  8. The first rule is for Webmin Then make another one for the Web Server. You will need to do something like this.
    Rule Comment: “Webmin”
    Action to take: “Accept”
    Network protocol: “Equals” “TCP”
    Destination TCP or UDP port: “Equals” “Port(s) 10000”

    Rule Comment: “Web Server”
    Action to take: “Accept”
    Network Protocol: “Equals” “TCP”
    Destination TCP or UDP Port “Equals” “Port(s) 80”

  9. Repeat 7-8 for other ports you will need like Port 80 for the web. Then change the default action for “Incoming Packets (INPUT)” to “Drop” and Click “Set Default Action To:”
  10. Click Apply Configuration at the bottom. If you did everything right you should not be clicked out of your server. We are also done, continue on to configure install the LAMP components.

 

 

Tags: , ,

No comments yet.

Leave a comment