phpmyadmin access after logging into virtualmin

dave97 · January 13, 2015, 1:22pm

Hey guys,

Its great to have a feature like two factor authentication for virtualmin/webmin login but there is still a weakness when it comes to phpmyadmin which is available at exampledomain.com/phpmyadmin by default and which is protected only by a password.This makes it prone to bruteforce attacks.

I was wondering if it was possible to make access to phpmyadmin available only after logging in to webmin/virtualmin.

2)I was also wondering if it was possible restrict access to phpmyadmin by IP.

Any progress in this direction and and ETA will be greatly appreciated.

Thankyou

Eric · January 13, 2015, 5:09pm

Howdy,

You could always setup a .htaccess file to restrict access to phpMyAdmin to a particular IP address.

You can use a ,htaccess file such as this to accomplish that:


order deny,allow
deny from all
allow from x.x.x.x

dave97 · January 13, 2015, 8:02pm

Thank you