AWS Monster | Your Technical Partner

The hostname is used by many of the networking programs (such as sendmail, Apache servers) to identify the machine. By default, your server is started with the server’s given name as the hostname. Some software, such as cPanel, CWP , VestaCP requires a valid Fully Qualified Domain Name (FQDN) for the hostname. Types of hostnames (The hostname can be configured as follows): Static host name assigned by sysadmin. For example, “server1”, “wwwBot2”, or “host.datahead.biz”. Transient/dynamic host name assigned by DHCP or mDNS server at run time. Pretty host name assigned by sysadmin/end-users and it is a free-form UTF8 host name for presentation to the user. For example, “Rubel’s netbook”. On a CentOS Linux 7 server you can use any one of the following tool to manage hostnames: hostnamectl command : Control the system hostname. This is a recommended method. nmtui command : Control the system hostname using text user interface (TUI). nmcli command : Control the system hos

CentOS 7 comes with firewalld by default. So disable firewalld because VestaCP uses IPtables & with Fail2ban. Here Firewall - Iptables Intrusion Detection  - Fail2ban # systemctl stop firewalld.service # systemctl disable firewalld.service Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. # systemctl mask firewalld.service Created symlink from /etc/systemd/system/firewalld.service to /dev/null. Reboot your server so that all updates can take affect and then check your Firewalld Status. # reboot # systemctl status firewalld

To run VestaCP on your server, SELinux must remain disabled. SELinux in enforcing mode does not allow VestsCP to function properly. For more information about SELinux modes, read the SELinux Mode documentation. While VestaCP can function with SELinux in permissive mode, we recommend that you do not use it. Permissive mode generates a large number of log entries.To check the status of SELinux on your server, run the sestatus command. Environment Details: CPU Model: Intel(R) Xeon(R) CPU X3440 @ 2.53GHz CPU Details: 2 Core (2527 MHz) Distro Name: CentOS Linux release 7.6.1810 (Core) Kernel Version: 3.10.0-957.1.3.el7.x86_64 RAM: 8 GB Type: VPS (VmWare) At first we will disable the selinux then reboot the machine . # sestatus # vi /etc/selinux/config OR # vi /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux print

Usermin is a web-based interface for webmail, password changing, mail filters, fetchmail and much more. It is designed for use by regular non-root users on a Unix system, and limits them to tasks that they would be able to perform if logged in via SSH or at the console. See the standard modules page for a list of all the functions built into Usermin. Follow the Process for Usermin installation : 1.Login Webmin >> Un-used Modules >> Usermin Configuration >> Install Usermin RPM package

1.Restrict IP Access Goto Webmin >> Webmin Configuration >> IP Access Control 2.Setup Auto-Logout for session Inactivity Goto Webmin >> Webmin Configuration >> Authentication 3. Change the webmin Port  Goto Webmin >> Webmin Configuration >> Post & Addresses Don't forget to allow new port on CSF Firewall.

By default, Webmin uses a self-signed SSL certificate so your web browser will warn you that the connection is not secure. You can accept the self-signed SSL certificate and proceed to the log in screen. Let's replace it with a valid certificate from Let's Encrypt. We have already generated Lets Encrypt SSL certificate for our Server FQDN using certbot. Please check the Let's Encrypt section for How to install Let's Encrypt for Server FQDN?  Click Here Open the configuration file and add the following : # systemctl stop webmin # vi /etc/webmin/miniserv.conf ssl=1 server=MiniServ/1.900 userfile=/etc/webmin/miniserv.users keyfile=/etc/letsencrypt/live/host.datahead.biz/privkey.pem certfile=/etc/letsencrypt/live/host.datahead.biz/fullchain.pem For CWP: keyfile=/etc/pki/tls/private/hostname.key certfile=/etc/pki/tls/certs/hostname.bundle # This will redirect from http to https ssl_redirect=1 Restart the Webmin Service: # systemctl restart webmin # systemctl

The Webmin is running smoothly but getting error when I'm checking the webmin status using systemctl command.  The New Issue is # systemctl status webmin -l pam_unix(webmin:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=root I'm looking for solution on web but didn't get the proper solution. Someone said that delete the "webmin" file from /etc/pam.d/ and Somebody said that Try editing /etc/webmin/miniserv.conf and removing the line ipv6=1 or just renew the self-sign certificate But I already have Let's Encrypt certificate with validity.    Just Follow this Steps: Goto Webmin >> Webmin Configuration >> Authentication >> Use "Never use PAM for Unix authentication "  OR # vi /etc/webmin/miniserv.conf no_pam=0 :x (save & close) Now Restart the Webmin and check the log , There is no warning . # systemctl restart webmin # tail -f /var/webmin/miniserv.error # tail -f /var/log/secure | gr