Webmin - Security Warning

Macht Webmin-Referrer Check überhaupt Sinn? Durch FakeReferrer kann man es sowieso umgehen.

Security Warning     



Warning! Webmin has detected that the program https://1.2.3.4:10000/webmin/edit_themes.cgi was linked to from an unknown URL, which appears to be outside the Webmin server. This may be an attempt to trick your server into executing a dangerous command.

Make sure your browser is configured to send referrer information so that it can be verified by Webmin.

Alternately, you can configure Webmin to allow links from unknown referers by :

    Login as root, and edit the /etc/webmin/config file.

    Find the line referers_none=1 and change it to referers_none=0.

    Save the file.

WARNING - this has the side effect of opening your system up to reflected XSS attacks and so is not recommended!!

Webmin

Neuen Kommentar schreiben

Hilfe zum Textformat
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

Suche

Neueste Kommentare

  • Wildcard

    5 days ago
    How to Renew Let’s Encrypt SSL Certificate on Plesk via Ubuntu Shell

    Let’s Encrypt will only accept a wildcard via DNS challenge. 

    If your Plesk instance can’t create the _acme-challenge.example.com TXT (external DNS), the extension can’t complete validation and will show no success. 

  • Same problem

    1 week 4 days ago
    Warning: Undefined array key "url" in Drupal\Core\Asset\CssCollectionOptimizerLazy->optimizeGroup() 
    Warning: Undefined array key "url" in Drupal\Core\Asset\JsCollectionOptimizerLazy->optimizeGroup()

  • set-timezone Europe/Berlin

    1 week 6 days ago
    Server install & config : Debian 12 + Plesk + Apache + nginx + MariaDB + Solr
    sudo timedatectl set-timezone Europe/Berlin

  • Try this:1. Go to  Tools &…

    2 weeks 6 days ago
    Warning: PHP Startup: Unable to load dynamic library 'apcu.so' ... cannot open shared object file: No such file or directory

    Try this:

  • Alternative (without warnings like "no crontab for user")

    1 month ago
    List Cronjobs for all users (via for + crontab)

    Alternative (without warnings like "no crontab for dovecot") to see all tasks:

  • php 8.3 apcu

    1 month ago
    Install APCu (PHP 8.1, Plesk)

    php 8.3 apcu failed

    über Plesk hat es geklappt.

     

  • phpize failed error?

    1 month ago
    Install APCu (PHP 8.1, Plesk)

     

    install:

    # sudo apt install php-dev

  • phpize
    # sudo apt install…

    1 month ago
    pecl install apcu : phpize: not found / ERROR: `phpize' failed

    phpize

    # sudo apt install php-dev

     

    details

  • Problem:
    /opt/plesk/php/8.3…

    1 month ago
    Install APCu (PHP 8.1, Plesk)

    Problem:

  • Problem:PHP APCu caching…

    2 months 2 weeks ago
    Install APCu (PHP 8.1, Plesk)

    Problem: