Cannot Restrict phpMyAdmin Access
I am running Ubuntu 12.04 Server with a LAMP server installation. I want to restrict access to phpMyAdmin so that a root login can only be performed from within my local network. I have put the following lines of code into /etc/phpmyadmin/config.inc.php:-
Code:
$cfg['Servers'][$i]['AllowDeny']['order'] = 'deny,allow'; To test that it works, I changed the allowed address to something NOT matching my local network and restarted the Apache service. Tried logging in expecting to be denied access, but was allowed in. Am I missing something? Thanks, Andrew. |
Only thing I can point out is that your network will allow anything that starts with 192.168.[anything].[anything] and 127.0.0.1
Also in your above example you are missing the ending semi-colon ( ; ) which could be the issue. Hope that gets you started... |
Quote:
|
Many thanks for both replies. Made the suggested changes but still could not get it to work.
I've since discovered that it can be done in the file /etc/phpmyadmin/apache.conf by adding the following directives inside the <Directory /usr/share/phpmyadmin> block:- Code:
Order Deny,Allow |
OK this would be fine, allowing localhost first:
Code:
$cfg['Servers'][$i]['AllowDeny']['order'] = 'deny,allow'; How about checking with one ip address in "allow root from <ip>". Another way which comes is setting up .htaccess file in your phpMyadmin dir: Code:
AuthUserFile /full/path/to/.htpasswd cd to the dir where you want to keep the .htpasswd file : Code:
htpasswd -c .htpasswd [username] |
All times are GMT -5. The time now is 11:48 PM. |