Never Ending Security

It starts all here

How to install Virtualmin GPL on Ubuntu Server

My installation was done using Ubuntu Server 14.04.1 LTS.

Connect to your fresh install Ubuntu Server using SSH.

ssh -l lab1

I prefer to run the installation process as root for this I will have to create a password for root user on Ubuntu server.  The Virtualmin install script also requires to be run as root.

Create root password.

sudo passwd root

Enter password of lab1 (replace lab1with your account).

Then enter new UNIX password for root.

Then change to root user.

su root

Enter the password of your user account when prompted.

Then move to directory.

How to install Virtualmin GPL on Ubuntu Server

cd /usr/local/src

Make the script executable.

chmod +x

If you OS is among the supported OS listed your good to proceed.

os supported

Enter y.

When asked for a fully qualified hostname enter your hostname.

Depending on how fast your server this could take a few minutes or longer.

When you get this point and see the message Succeeded, your Virtualmin was installed successfully.

install success

Run to see if there are any upgrades for the server.

apt-get update && apt-get upgrade
Enter y.

Check for more upgrades.

apt-get update && apt-get dist-upgrade
Enter y.

Install the following packages after installing Virtualmin.

apt-get install fetchmail unzip zip pbzip2 lvm2 ntpdate curl rsync vim iftop smartmontools libjpeg-turbo-progs pvrg-jpeg atop bsd-mailx mailutils optipng pnqnq

And more.

apt-get install php5-curl php5-dev php5-gd php5-idn php5-imagick php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-mysql php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-odbc php5-dev apache2-prefork-dev aspell-en imagemagick make memcached g++ graphicsmagick whowatch zabbix-agent

If you use WordPress like I do there are some plugins which require software which may not be available through the normal Ubuntu or Debian repository.  Like for instance pngout, this can be downloaded from here then upload it to /usr/bin.

Do it one more time.

apt-get update && apt-get upgrade

Then do this to remove no longer needed packages.

apt-get autoremove

When there are no more upgrades proceed below.

To complete installation go to URL of the newly installed Virtualmin GPL.

On Firefox click to add exception to accept self-signed certificate.  Then confirm.

self sign cert

Login using root.

Click Next.
Pre-load Virtualmin Libraries: Y
Run email domain lookup server: Y
Run ClamAV server scanner: Y
Run SpamAssassin server filter: Y
Run MySQL database server: Y
Enter MySQL password. Click next

You can create the MySQL root password using this site.

pass generator

MySQL configuration size: Leave default settings.

Click next.

Skip check for resolvability (If DNS is not yet setup for server’s fully qualified domain name)

Password storage mode: Only store hashed passwords.

Click next, next.

Install updates if Virtualmin shows any.

virtualmin updates

Click System Information menu.

Click re-check and refresh configuration. I got this error after running check.

virtualmin configuration error

Easy enough to fix. I just have to add into list of DNS servers as the error suggest. If you missed that part go to Webmin > Networking > Network Configuration > Host and DNS client. Click save. Then apply configuration.

DNS settings

Another error.

Another error

I don’t need to use mailman so I have this disabled by going to menu Virtualmin > Systems Settings > Features and Plugins then uncheck mailman. Click save.

disable mailman

When you see the Virtualmin status page you’re ready to go.

virtualmin dashboard

At this point Virtualmin should be setup ready for use as indicated by two separate top menus on the left. Virtualmin and Webmin.  Virtualmin is primarily used for managing virtual websites. Webmin is used to manage the Linux server using point and click instead of only using command line tools.

virtualmin and webmin menu

Before I start creating any virtual website accounts I like to tighten up security by doing the following.

Changing the administrator account and deleting the root account created by the install script. Going to Webmin > Webmin Users > click on root > clone. Fill out the account details. I prefer to use a difficult username for the Webmin account on top of a hard password to guess. Also limiting what IP addresses can connect to the admin port.

Note: to find your IP address click here.

Click create.

cloning root

Your user account appears as one of the Webmin users. Clicking on it then switch to user, then refresh page. I am now login as user admin P3p0t.  The next step is to delete the root account. Going to Webmin > Webmin Users > delete root.

Next is to stop brute force attempts directed at Webmin. Under Webmin configuration > Authentication. Limiting failed login attempts to 3 and blocking host and users for 3 hours. Click save.

block failed login attempts

Webmin’s default port uses 10000. I prefer to change this as well to something else. You can come up with your own unused port to use.  In Webmin configuration > Ports and Addresses.

change webmin port

I will also change the default port SSH uses to something else other than 22.  By going to Servers > SSH Server > Networking. Save and Apply changes.

ssh port change

Check my other article to tighten your security here.

Delete Virtualmin GPL install script when everything has been setup.

rm /usr/local/src/

Enjoy the best free Open Source cpanel!

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s