phpMyAdmin

/
/
Restrict access to phpMyAdmin

Restrict access to phpMyAdmin

You can restrict access to the phpMyAdmin web app in two ways:

  • through control panel network services;
  • through the Apache or Nginx web server.

Configuring network services

With this method, access to all web server sites will be restricted.

  1. Go to Monitoring and Logs - Network Services;
  2. Select the web server service:
    1. httpd- if using Apache;
    2. nginx- if using Nginx.
  3. Click the Add Rulebutton;
  4. Specify the rule settings:
    1. In the Actionfield - Partially Allow.
    2. Enable the Deny access to alloption.
    3. Enter the IP address or network from which you want to allow access in the Trusted IP Addressesfield.
    4. Click the Okbutton.

Configuring the web server

Configuring Apache

  1. Connect to the server via SSH;
  2. Open the phpMyAdmin configuration file at:
    1. For RHEL-based systems - /etc/httpd/conf.d/phpmyadmin.conf;
    2. For Debian-based systems - /etc/apache2/conf.d/phpmyadmin.conf.
  3. Change the Orderand Allowparameters, and add the Denyparameter as follows:
Order deny,allow
Deny from all
Allow from IP_ADDRESS_OR_SUBNET

After making these changes, reboot the web server:

On RHEL-based systems:

systemctl restart httpd

On Debian-based systems:

systemctl restart apache2

To ensure the authorization settings work correctly, add the control panel IP address to the list of allowed IP addresses.

Configuring Nginx

  1. Connect to the server via SSH;
  2. Open the phpMyAdmin configuration file at /etc/nginx/vhosts-includes/phpmyadmin.conf;
  3. Add the following lines to the location /phpmyadminsection:
allow IP_ADDRESS_OR_SUBNET;
deny all;

After making these changes, reboot the web server:

systemctl restart nginx

To ensure the authorization settings work correctly, add the IP address of the control panel to the list of allowed IP addresses.

In this article