How To Restrict phpMyAdmin By IP Address

[brent]

PhpMyAdmin is a great easy to use web admin interface for your mysql databases. The one down side is it can be a security threat. Seems like many bots on the internet just go looking for phpmyadmin installed on web servers. Then run automated attacks. 

If you have logwatch installed you may often see many failed attempts

To add an extra layer of security you can prevent any one from accessing phpMyAdmin except by defined IP address. We will be setting this up on an Ubuntu 12.04 Server.

Before we begin we will need to know the IP Address that you will be using to connect to phpmyadmin. If the server you are  going to be accessing is hosted or on another network you can use  http://whatismyip.com to find your external address.

 

Login to your server at the console or using SSH to connect to it remotely.

The file we will be editing is /etc/apache2/conf.d/phpmyadmin.conf. In this example I am going to use command line text editor nano to keep things simple. If you preffer to use another text editor like vim or emacs feel free to do so. 

 

sudo nano /etc/apache2/conf.d/phpmyadmin.conf 

 

Add the following code.

Note: Remove the "#" from the from of the thrid line and replace ENTER.YOUR.IP.ADDRESS with the IP address you wish to allow. Also If you are behind a router you may want to use your router IP eg: 192.168.2.1

 

Order Allow,Deny
Allow from 127.0.0.1
#Allow from 192.168.2.106  

 

 

 

Now lets restart apache.

sudo /etc/init.d/apache2 restart