I finally managed to sort it after a whole weekend of trying with the following line in my sudoers file:

nobody ALL=(ALL) NOPASSWD: ALL

Thanks for all your help guys.

Rookie.

I know you stated this at the beginning, but just to reiterate for anyone else who comes across this thread:

This is a horrendously dangerous idea in terms of security and should under absolutely no circumstances be put on a live network.

What would be the secure alternative?

Honestly, using ssh to log into the server to modify iptables is probably the best solution. Giving the Apache user control over your firewall rules is a seriously bad idea (an attacker could easily use DNAT to redirect all traffic to a malicious host for a man-in-the-middle attack). If you absolutely needed a remote GUI for manipulating iptables, you should at least use a protocol that encrypts traffic (like an ssl tunnel or ssh) and use a robust method of authentication. I'm not a fan of webmin, but I know it already has a module for remote iptables management and I would bet there are other similar solutions as well.

Ha, but like I keep saying it's for a University project so we have to create the front end ourselves. I really Appreciate the input tho, thanks alot!

In that case, you could improve it by using an https connection instead so that the auth credentials are passed over an encrypted link rather than in plaintext. Basic auth would work in that scenario, but one of the other forms of Apache-supported authentication might be better (like digest). It would also help if you could limit access to that PHP page using a directory container and specifying only a limited number of IPs. That should keep anyone from hammering away at it. I still don't like linking Apache and IPtables together due to issues if Apache/PHP gets exploited, but those improvements might help.