Cantech Knowledge Base

Your Go-To Hosting Resource

  1. Linux
  2. How to Install Webmin on Debian 12?

How to Install Webmin on Debian 12?

Introduction

Webmin is a web-based tool with a simple graphical interface that makes managing Linux servers super easy. It allows users to handle various tasks such as user management, software installation, and network configuration.

Debian 12 does not have a control panel installed by default, and Webmin enables smooth management on it. It does not need many complex terminal commands. Also, it offers great security with remote access and proper authentication.

Mainly, you can monitor and manage server performance without deep technical knowledge.

So, let’s get started and learn the step-wise process to install Webmin, secure it, and access it.

Prerequisites

Ensure that you have the following before you get started –

  1. A Debian 12 instance should be up and running on your server like Cantech.
  2. A domain name with an A record pointing to the public IP address of your instance (For example: webmin.example.com)
  3. SSH access to the instance with a non-root user who has sudo privileges.
  4. Your instance should be updated to the latest package versions.

For further information, refer to the Webmin documentation.

Steps to Install Webmin on Debian 12

Webmin is not included by default in Debian repositories, so you will need to add its repository first. Here’s how you can do it –

=> Open your terminal and run the below command to download the Webmin repository setup script.

curl -o setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh

This command will save the script as setup-repos.sh

=> After the download, run the script to set up the repository.

sudo bash setup-repos.sh

After that, you will be prompted if you want to proceed; type ‘Y’ and hit Enter. This way, the script will automatically configure the Webmin repository for your system.

=> Now, the repository is set up. Next, update your package information (index)

sudo apt update

=> The update is complete. Now, you can install Webmin and other recommended packages with the following command –

sudo apt install webmin --install-recommends -y

=> Run the below command to enable Webmin to start every time your system boots.

sudo systemctl enable webmin

=> Next, start the Webmin service with the below –

sudo systemctl start webmin

=> Lastly, check Webmin’s status to verify if Webmin is running correctly –

sudo systemctl status webmin

You should see something like Active: active (running). This means everything is fine.

How to Secure Webmin

Webmin runs on port 10000 by default and uses HTTP for communication. Further, it is important to secure it with SSL certificates to prevent any security threats.

=> Open HTTP Port for SSL Validation
First, use the below command to allow HTTP traffic on port 80. This way, Let’s Encrypt can validate your domain –

sudo ufw allow 80/tcp

=> Further, restart UFW to apply the changes.

sudo ufw reload

=> Install Certbot client to generate SSL certificates from Let’s Encrypt –

sudo apt install certbot -y

=> Next, run the below command to generate new SSL Certificates for your domain –

sudo certbot certonly --standalone -d webmin.example.com -m webmin@example.com --agree-tos

(You need to use your domain in place of webmin.example.com and your email instead of webmin@example.com)
Now that the process is complete, Certbot will save the certificate and key in the following directories –

  • Certificate: /etc/letsencrypt/live/webmin.example.com/fullchain.pem
  • Private key: /etc/letsencrypt/live/webmin.example.com/privkey.pem

=> Combine the certificate and the private key into a single file and move SSL certificates

sudo cat /etc/letsencrypt/live/webmin.example.com/fullchain.pem /etc/letsencrypt/live/webmin.example.com/privkey.pem > webmin_key_cert.pem

=> Then, move the combined certificate to the Webmin directory with –

sudo mv webmin_key_cert.pem /etc/webmin/

=> Edit the Webmin configuration file to use the new SSL certificate. To update it, open the file using the editor –

sudo nano /etc/webmin/miniserv.conf

=> Set the value to the path of your new certificate: in the place of keyfile directive –

keyfile=/etc/webmin/webmin_key_cert.pem

=> Restart Webmin after making the changes.

sudo systemctl restart webmin

What is the Process to Set Up Webmin Firewall Rules

You must adjust your firewall settings to ensure that your Webmin interface is accessible securely.

  1. Use the below command to check UFW status to see if it is running – 
    sudo ufw status
  2. The next step is to allow Webmin and HTTPS traffic. That is, you need to add rules to allow connections on port 10000 (Webmin) and port 443 (HTTPS). 
    sudo ufw allow 10000/tcp
sudo ufw allow https
  3. Further, run the below to deny HTTP traffic to avoid any unencrypted or insecure connections. 
    sudo ufw deny http
  4. Apply the change by reloading UFW – 
    sudo ufw reload
  5. Lastly, verify the firewall rules by viewing the UFW status with the below – 
    sudo ufw status

You should now see that the necessary ports are open and insecure HTTP traffic is blocked (80/tcp and 80/tcp (v6)).

Access Webmin Interface on Port 10000

Webmin is now set up and secured. So you can access it through your web browser. For that, open your browser and go to –

https://webmin.example.com:10000

Further, log in using your non-root sudo user credentials.

You will be logged in and will be able to see the Webmin dashboard. Here, you will see your system information summary and can manage your server.

Conclusion

You can now access Webmin and get a simple and powerful web-based interface to manage and monitor your system. You can use it to handle a variety of administrative tasks and make server management a lot easier.

April 30, 2025