51.18. Referrer Checking

One danger when using a web-based administration interface like Webmin is that a link from another website may point to a program on your Webmin server. For example, a malicious site could include HTML code like:

<a href=http://localhost:10000/proc/run.cgi?cmd=rm+*>click me</a>

Clicking on this harmless-looking link would cause Webmin's Running Processes module to run a command that deletes files on your system! Assuming that you have already logged into Webmin, no password would be required. Worse still, a similar URL could be used in an <img> tag for an image, which is fetched automatically by your browser as soon as you open a page that seems innocuous.

Fortunately, there is a solution. Most browsers send the full URL of the page from which a link came in their HTTP requests. By default, Webmin compares the hostname in this URL with the one used to access the current page and displays a warning if they do not match. This blocks links from other websites to your Webmin server, except for those that do not specify a program, such as http://localhost:10000/cron/, and are therefore harmless.

Sometimes, however, you will want to allow such links, such as from an internal Intranet web server that you maintain and trust. For this reason, Webmin can be configured to allow links where the referrer is from a list of trusted hosts. The following steps explain how.

1. Click on the Trusted Referrer icon on the module's main page.

2. To turn off referrer checking entirely (which is not a good idea), change the Referer checking enabled? field to No.

3. To allow links from certain hosts, fill in the Trusted websites field with a list of hostnames, such as intranet.example.com.

4. In some cases, the browser will not provide any referrer information at all, possibly because it does not support that HTTP feature. When the Trust links from unknown referrers box is checked, Webmin will allow requests in this case. If you are paranoid and know that your browser always does supply referrer information, turn this option off.

5. Hit the Save button to activate the settings.

Webmin does not simply deny links from untrusted sites. Instead, it displays a warning and gives the user a chance to continue with the link. This warning form contains a checkbox labeled Don't show this warning in future, which, if selected, effectively changes the Referrer checking enabled? field to No.
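The decision rules described above, written out as an added Python example (not Webmin's own code): it compares the hostname in the Referer URL with the host used to reach Webmin, honours the trusted-host list and the unknown-referrer option, and treats URLs that name no program (a module index such as /cron/) as harmless. The function name and the sample requests are constructed for illustration.

```python
from urllib.parse import urlsplit

def referer_allowed(request_host, request_path, referer, trusted_hosts=(),
                    checking_enabled=True, trust_unknown=True):
    """Return (allowed, reason) for one request.

    request_host  -- the Host the browser used, e.g. "localhost:10000"
    request_path  -- the requested path, e.g. "/proc/run.cgi"
    referer       -- the Referer header value, or None when absent
    trusted_hosts -- the "Trusted websites" list
    Simplified model of the rules in the text, not Webmin's implementation.
    """
    if not checking_enabled:
        return True, "referer checking disabled"
    # A URL that names no program (module index) cannot trigger an action,
    # so a cross-site link to it is harmless and is never blocked.
    if request_path.endswith("/"):
        return True, "no program requested"
    if not referer:
        return trust_unknown, "no referer supplied"
    ref_host = urlsplit(referer).hostname
    if ref_host is None:
        return False, "unparseable referer"
    # urlsplit strips the port, so "localhost:10000" compares as "localhost".
    req_host = urlsplit("//" + request_host).hostname or ""
    if ref_host.lower() == req_host.lower():
        return True, "same host"
    if ref_host.lower() in {h.lower() for h in trusted_hosts}:
        return True, "trusted referer host"
    return False, "referer host mismatch: show warning"

if __name__ == "__main__":
    # Constructed sample requests: the attack from the text, a normal
    # in-Webmin click, a trusted intranet link and a harmless index link.
    samples = [
        ("localhost:10000", "/proc/run.cgi", "http://evil.example/page.html"),
        ("localhost:10000", "/proc/run.cgi", "http://localhost:10000/proc/index.cgi"),
        ("localhost:10000", "/proc/run.cgi", "http://intranet.example.com/links.html"),
        ("localhost:10000", "/cron/", "http://evil.example/page.html"),
        ("localhost:10000", "/proc/run.cgi", None),
    ]
    for host, path, ref in samples:
        ok, why = referer_allowed(host, path, ref,
                                  trusted_hosts=("intranet.example.com",))
        print(f"{path:<15} referer={ref!s:<42} -> {'allow' if ok else 'warn ':5} ({why})")
```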
