Webmin - Security Warning

Macht Webmin-Referrer Check überhaupt Sinn? Durch FakeReferrer kann man es sowieso umgehen.

Security Warning     



Warning! Webmin has detected that the program https://1.2.3.4:10000/webmin/edit_themes.cgi was linked to from an unknown URL, which appears to be outside the Webmin server. This may be an attempt to trick your server into executing a dangerous command.

Make sure your browser is configured to send referrer information so that it can be verified by Webmin.

Alternately, you can configure Webmin to allow links from unknown referers by :

    Login as root, and edit the /etc/webmin/config file.

    Find the line referers_none=1 and change it to referers_none=0.

    Save the file.

WARNING - this has the side effect of opening your system up to reflected XSS attacks and so is not recommended!!

Webmin

Neuen Kommentar schreiben

Hilfe zum Textformat
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

Suche

Neueste Kommentare

  • Same with Drush 13 + PHP 8.3 and my Solution

    1 month 3 weeks ago
    [preflight] The following restricted PHP modes have non-empty values: {open_basedir}. This configuration is incompatible with drush.

    Same with Drush 13 + PHP 8.3

  • Error : Failed to install the required package 'RPM' by using AP

    1 month 3 weeks ago
    Acronis CyberProtect Agent For Linux (Strato Root Server)

    Initializing...

    Error : Failed to install the required package 'RPM' by using APT. Please install it manually. 

    Exit

    Solution:

  • Installieren & Aktivieren

    1 month 3 weeks ago
    Acronis CyberProtect Agent For Linux (Strato Root Server)

    So habe es installiert und dann mit Hilfe von Key/Code (über Website von Acronis Cyber Protect) aktiviert:

  • I have a view with a path…

    1 month 3 weeks ago
    No route found for the specified format html. Supported formats: csv, json. (Drupal Routing)

    I have a view with a path like /my-content-export to export entivies as JSON or CSV.

  • admin_toolbar 3.5.2 is the…

    2 months ago
    InvalidArgumentException: The controller for URI "/admin/flush" is not callable.

    admin_toolbar 3.5.2 is the reason. Patch coming ...

  • Drupal 10.4, in a custom View

    2 weeks 6 days ago
    PDOException: SQLSTATE[40001]: Serialization failure: 1213 Deadlock found when trying to get lock

    Drupal 10.4:

  • Tools & Settings >> Security…

    2 months 4 weeks ago
    Server install & config : Debian 12 + Plesk + Apache + nginx + MariaDB + Solr

    Tools & Settings >> Security Policy :

     Allow only secure FTPS connections 

  • List config vaiables

    4 months 1 week ago
    MariaDB Server Performance Optimieren

     

    /usr/sbin/mariadbd --help --verbose | grep "query.*size"

  • Restart MariaDB / MySQL

    4 months 1 week ago
    MariaDB Server Performance Optimieren

    Commandline:

    systemctl restart mariadb

  • MariaDB Restart (after changes in /etc/mysql/db-performance.cnf)

    4 months 1 week ago
    MariaDB Server Performance Optimieren

    After my changes in /etc/mysql/db-performance.cnf