how to block phpmyadmin page

Cyber Ninja
Cyber Ninja used Ask the Experts™
how to block phpmyadmin page to be accessible from external ip
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
nociSoftware Engineer
Distinguished Expert 2018

Using:  allow  and the partner in access provision deny
inside a location block going for  phpmyadmin.
as network address all is allow to have a handy shortcut for the world at large.

Or in a server block only listening on a specific local port.

See also:
Fractional CTO
Distinguished Expert 2018
A more useful approach is this.

Most Distros phpMyAdmin package sets up phpMyAdmin to work under the default domain config, which gives access to everyone, which is very bad.

To fix this.

1) Install phpMyAdmin via Distro's normal package install process.

2) Verify phpMyAdmin works.

3) Remove the global config + restart Apache, so now no one can access phpMyAdmin.

4) Move the config file to a HTTPS wrapped host, so this normally means moving...

Include ./conf-available/phpmyadmin.conf

Open in new window

Into one of your /etc/apache2/sites-enabled/ file for whatever host or domain you'd like to use for accessing phpMyAdmin.

5) Wrap access to your /phpmyadmin behind simple/basic password authentication.

6) At this point you'll secured, password protected, HTTPS access to /phpmyadmin quickly, as it only takes a few minutes to get this working.
Distinguished Expert 2017

As part of your either virtual directory setup /phpmyadmin or within the folder add a restriction for access to nly be permitted from..

Not clear which web server you are using as they have different methodology to achieve this goal.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial