Web GUI location and how to protect it?

N

nttec

Well-Known Member
Jun 1, 2016
95
0
46
41
may I asked the location of proxmox web gui? I am thinking of putting an .htpassword on it, is that possible to do that? I am worried that someone might get an interest on it and try to hack it. is there a better way to protect it?
 
Hey,

it runs on port 8006. Is your instance on a public IP, or can it only be accessed from within the same network? The only way someone might hack it, is by guessing the password, and the best protection against that is choosing a strong one. However, if you'd like to prevent others from even trying you can restrict the IP addresses that can access the GUI in the first place. One way to do that is with a reverse proxy, it forwards(or doesn't) requests arriving the port to the server, https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-proxied-tcp/ or ttps://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ might be something to take a look at.
 
Hannes Laimer said:
Hey,

it runs on port 8006. Is your instance on a public IP, or can it only be accessed from within the same network? The only way someone might hack it, is by guessing the password, and the best protection against that is choosing a strong one. However, if you'd like to prevent others from even trying you can restrict the IP addresses that can access the GUI in the first place. One way to do that is with a reverse proxy, it forwards(or doesn't) requests arriving the port to the server, https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-proxied-tcp/ or ttps://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ might be something to take a look at.
Click to expand...
Yes my instance is on public IP.
 
Hannes Laimer said:
Hey,

it runs on port 8006. Is your instance on a public IP, or can it only be accessed from within the same network? The only way someone might hack it, is by guessing the password, and the best protection against that is choosing a strong one. However, if you'd like to prevent others from even trying you can restrict the IP addresses that can access the GUI in the first place. One way to do that is with a reverse proxy, it forwards(or doesn't) requests arriving the port to the server, https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-proxied-tcp/ or ttps://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ might be something to take a look at.
Click to expand...
I'm thinking of putting that .htpassword. but I am not sure which is the default httpd service is being use by proxmox. I am seeing lighthttpd and apache2 on /etc. would you know which one is being used by the default HTTP service of proxmox?
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom