Control Web Panel
Developers => Suggestions => Topic started by: Automata on June 06, 2019, 01:53:29 AM
-
Hi,
First of all i wish to congratulate all the programmers of both CWP (Centos Web Panel) and CWP (Centos Web Panel) PRO for the excellent work they do and for the excellent product they have created, truly excellent from all points of view.
Having said that, i ask you to consider the implementation in CWP (Centos Web Panel) of Two-Factor Authentication (2FA) - Google Authenticator both for the Administrative part and for the User side.
I know you are always very busy developing CWP but i hope you can consider this suggestion of mine which i believe would be appreciated by all users of CWP (Centos Web Panel) and CWP (Centos Web Panel) PRO !
Thanks.
-
suggestion noted.
The development team will look into this
-
suggestion noted.
The development team will look into this
Hi "evansa" and thanks for the support.
-
You are welcome :)
-
Hello and thank you for the awesome development of this product! I specifically registered to 2nd this suggestion. I use Authy for all my high priority logins and this would be an appreciated addition.
Thank you
-
Any idea if 2FA is already developed?
-
suggestion noted.
The development team will look into this
Hi "evansa", you have any news for this request ?
Thanks in advance for the support.
-
Hi, just registered to support this suggestion
-
suggestion noted.
The development team will look into this
:) Hi "evansa", you have any news for this request ?
Thanks in advance for the support.
-
Hi all. All the best for the new year.
Just adding my voice to this request - yes please. No longer a luxury, I think.
-
I released a module of you all would like to try it out. Check the modules board.
-
This will be very soon in the user panel and admin!
-
Seen that for almost 2 years. No offense.
-
This will be very soon in the user panel and admin!
How soon is this very soon from February?
-
Any news on this one chaps/chap-ettes? ;D
This would be highly beneficial....
Regards
-
How I will enable 2FA for admin ( root)?
-
I too am interested in a 2FA option for admin. I realize it is available for the user panel. A bit surprised not for the admin, which I would have lot to be a higher priority.
Thanks for all you do, I am very new to the CWP world, but really appreciating what I see so far.
-
Is this still not possible for the CWP admin panel?
-
If you truely want to secure your CWP Admin interface, do the following.
Setup DDNS somewhere (No-ip is a good free version)
edit /etc/csf/csf.dyndns and add your ddns hostname there
edit /etc/csf/csf.conf
find DYNDNS set it to a value of 600 (10 minutes) DYNDNS="600";
find DYNDNS_IGNORE = "0" and change it to 1
On TCP_IN and TCP6_IN, remove port 2086,2087,2030,2031.
then restart csf. csf -r
You can still login to CWP as long as your match your dyndns, as it allows you through the firewall on all ports.
-
If you truely want to secure your CWP Admin interface, do the following.
Setup DDNS somewhere (No-ip is a good free version)
edit /etc/csf/csf.dyndns and add your ddns hostname there
edit /etc/csf/csf.conf
find DYNDNS set it to a value of 600 (10 minutes) DYNDNS="600";
find DYNDNS_IGNORE = "0" and change it to 1
On TCP_IN and TCP6_IN, remove port 2086,2087,2030,2031.
then restart csf. csf -r
You can still login to CWP as long as your match your dyndns, as it allows you through the firewall on all ports.
I've done all of the above EXCEPT remove ports 2086, 2087, 2030, and 2031 (playing it cautious). The system is giving me "Not Found" when I go to HTTPS://<hostname>/login/index.php
Any quick advice?
-
Use https://hostname:2031
It's possible the proxy get's broken.
YOu can also add your hostnames IP to the /etc/csf/csf.allow, but I believe that will open up the system to the possibility of brute force attacks again
-
Use https://hostname:2031
It's possible the proxy get's broken.
Pardon my ignorance but isn't port 2031 supposed to be closed? Isn't that the idea for using DynDNS?
-
2031 is closed to all traffic not "ALLOWED" through the firewall. By having a DDNS address in the allow list, you are bypassing the firewall.
Ports 443, and 80 are run by different software than all of the other ports. Therefor, if you don't add the port on the end of the URL, those softwares don't know how to route them to cwpsrv.
-
Noted with thanks!
-
Long time I see nobody posted but I have a bit of an issue that seems to have started after centos7 updates.
had errors so I found the uninstaller you made yo remove cwp_2fa but not xxx:2087/login/index.php not found.