/
/
Restrict access to phpMyAdmin

Restrict access to phpMyAdmin

Why

By default, the phpMyAdmin interface is accessible from any IP address, so web access is often restricted.

Instructions

You can restrict access to the phpMyAdmin web app in two ways:

  • through control panel network services;
  • through the Apache or Nginx web server.

Configuring network services

Please note!

With this method, access to all web server sites will be restricted.

  1. Go to Monitoring and Logs - Network Services;
  2. Select the web server service:
    1. httpd - if using Apache;
    2. nginx - if using Nginx.
  3. Click the Add Rule button;
  4. Specify the rule settings:
    1. In the Action field - Partially Allow.
    2. Enable the Deny access to all option.
    3. Enter the IP address or network from which you want to allow access in the Trusted IP Addresses field.
    4. Click the Ok button.

Configuring the web server

Configuring Apache

  1. Connect to the server via SSH;
  2. Open the phpMyAdmin configuration file at:
    1. For RHEL-based systems - /etc/httpd/conf.d/phpmyadmin.conf;
    2. For Debian-based systems - /etc/apache2/conf.d/phpmyadmin.conf.
  3. Change the Order and Allow parameters, and add the Deny parameter as follows:
Order deny,allow
Deny from all
Allow from IP_ADDRESS_OR_SUBNET

 

After making these changes, reboot the web server:

On RHEL-based systems:

systemctl restart httpd

On Debian-based systems:

systemctl restart apache2

 

Please note!

To ensure the authorization settings work correctly, add the control panel IP address to the list of allowed IP addresses.

Configuring Nginx

  1. Connect to the server via SSH;
  2. Open the phpMyAdmin configuration file at /etc/nginx/vhosts-includes/phpmyadmin.conf;
  3. Add the following lines to the location /phpmyadmin section:
allow IP_ADDRESS_OR_SUBNET;
deny all;

After making these changes, reboot the web server:

systemctl restart nginx

 

Please note!

To ensure the authorization settings work correctly, add the IP address of the control panel to the list of allowed IP addresses.