Secure / Restrict phpMyAdmin access via IP address

A good way of helping to secure phpMyAdmin access is by restricting logon access by IP address.

edit phpmyadmin.conf (which is located in /etc/httpd/conf.d in CentOS)

Whitelist your allowed IP addresses by adding or amending the following lines to your config file. Not forgetting to make sure that you leave 127.0.0.1 with access!

#
#  Web application to manage MySQL
#

<Directory "/usr/share/phpmyadmin">
  Order Deny,Allow
  Deny from all
  Allow from 127.0.0.1
  Allow from 192.168.0.45
  Allow from 65.660.xxx.xxx
 </Directory>

Alias /phpmyadmin /usr/share/phpmyadmin
Alias /phpMyAdmin /usr/share/phpmyadmin
Alias /mysqladmin /usr/share/phpmyadmin

Now restart your apache server to apply the changes.

This just restricts access to phpMyAdmin web interface, it doesn’t prevent other types of access to the MySQL database so make sure that all of you MySQL users have the correct permissions set for their relevant databases. Especially the user “root”!

Print Friendly, PDF & Email

More Like This


Categories


CentOS Linux Security Security Web Hosting

Tags


  • Post a comment