Restrict access to phpMyAdmin by IP

Updated on Leave a Comment on Restrict access to phpMyAdmin by IP

Under an Ubuntu system phpMyAdmin adds an Apache vhost that makes it publically available at http://yoursite.com/phpmyadmin . By accessing http://yoursite.com/phpmyadmin have maximum chances to get hacked your database.

Under Ubuntu, the phpMyAdmin apache conf file is located at: /etc/apache2/conf-available/phpmyadmin.conf

Simply add the following order, allow, deny directives to make it available to mentioned ip address only.

#do not allow access from the outside world!
        Order Deny,Allow
        Deny from All
        Allow from 192.168.1.231 192.168.1.60

It will only allow 192.168.1.231 and 192.168.1.60 ip addresses to open phpmyadmin access. All other visitors will receive 403 forbidden.

After editing the file, make sure to restart apache, so the changes take effect.

sudo service apache2 restart

You may also like

Leave a Reply