phpmyadmin access after logging into virtualmin

3 posts / 0 new
Last post
#1 Tue, 01/13/2015 - 07:22
dave97

phpmyadmin access after logging into virtualmin

Hey guys,

Its great to have a feature like two factor authentication for virtualmin/webmin login but there is still a weakness when it comes to phpmyadmin which is available at exampledomain.com/phpmyadmin by default and which is protected only by a password.This makes it prone to bruteforce attacks.

1) I was wondering if it was possible to make access to phpmyadmin available only after logging in to webmin/virtualmin.

2)I was also wondering if it was possible restrict access to phpmyadmin by IP.

Any progress in this direction and and ETA will be greatly appreciated.

Thankyou

Tue, 01/13/2015 - 11:09
andreychek

Howdy,

You could always setup a .htaccess file to restrict access to phpMyAdmin to a particular IP address.

You can use a ,htaccess file such as this to accomplish that:

order deny,allow
deny from all
allow from x.x.x.x
Tue, 01/13/2015 - 14:02 (Reply to #2)
dave97

Thank you

Topic locked