Linux Today: Linux News On Internet Time.

Securing PostfixAdmin

Feb 12, 2010, 03:03 (0 Talkback[s])

[ Thanks to Andrew Weber for this link. ]

"Securing the PostfixAdmin Directory on Ubuntu

"Many administrators who use Postfixadmin, a web based tool to manage virtual domains on Postfix, would like to secure the transactions between the PostfixAdmin program and the administrator. At the same time often you do not want to add the extra burden of SSL on the whole domain but just want to secure one directory. The solution is to create a certificate for that one directory only and also locking that directory with a password so only administrators can gain access. The example is on an Ubuntu 9.10 server, which will be very similar to most server procedures. Enable the SSL module using the “a2enmod” command. sudo a2enmod ssl

"Module ssl installed; run /etc/init.d/apache2 force-reload to enable.

"SSL Security with Apache

"The next thing you’ll need for this is a server certificate. There are two ways to get one. You can either create your own self-signed certificate, or you can request one from a commercial Certificate Authority. A self-signed one will work fine if you’re just using it for your organization’s internal operations. But, if you’re dealing with the public, you’ll want a commercial certificate that verifies that you are who you say you are."

Complete Story

Related Stories: