Security Protect the phpmyadmin panel from hacking

Underground Forum

Underground Forum

  • #1

Disable root authorization​


We are looking for a file - /etc/phpMyAdmin/config.inc.php,

Change the line
$cfg['Servers'][$i]['AllowRoot'] =TRUE;
to
$cfg['Servers'][$i]['AllowRoot'] = FALSE;

Set up authorization by ip​

Apache​

/etc/httpd/conf.d/ phpmyadmin.conf
<Directory "/usr/share/phpmyadmin">
  Order Deny,Allow
  Deny from all # deny access to everyone else
  Allow from 127.0.0.1 # allow access from this ip
</Directory>
You can add an unlimited number of addresses.

For the changes to take effect, reload the httpd configuration
sudo systemctl restart httpd

NGINX​

/etc/nginx/vhosts-includes/ phpmyadmin-nginx.conf
location /phpmyadmin {
     alias /usr/share/phpMyAdmin;
     index index.php;
     allow 127.0.0.1; # allow access from this ip
     deny all; # deny access to everyone else
}
You can add an unlimited number of addresses.

For the changes to take effect, reload the nginx configuration
service nginx restart
 
Last edited:
Top