Article 15747 at 09/06/30 02:54:51 From: linux-gnome (at mark) nickcr.co.uk Subject: [coba-e:15747] Restrict phpmyadmin to local machines only

Index: [Article Count Order] [Thread]

Date:  Mon, 29 Jun 2009 18:54:49 +0100
From:  Linux-Gnome <linux-gnome (at mark) nickcr.co.uk>
Subject:  [coba-e:15747] Restrict phpmyadmin to local machines only
To:  coba-e (at mark) bluequartz.org
Message-Id:  <4A48FFE9.5070306 (at mark) nickcr.co.uk>
X-Mail-Count: 15747

My server has recently been getting a number of hits of people trying to 
hack into phpmyadmin (version v2.7.0-pl1) and as I do not require any 
external access to it I wanted to restrict access to all machines except 
those on my local network, after a bit of searching I added the 
following to "/home/phpmyadmin/config.inc.php"

/**
 * block root from logging in except from the private networks
 */
$cfg['Servers'][$i]['AllowDeny']['order'] = 'deny,allow';
$cfg['Servers'][$i]['AllowDeny']['rules'] = array(
'deny from all',
'allow from localhost',
'allow from 192.168.0.0/23',
);


Unfortunately this did not work (down to my novice knowledge) so I am 
after some assistance and guidance on how I should proceed.

As an aside, how do I restart phpmyadmin without bouncing the box ?

regards

   Gnome