Date:  Fri, 3 Jul 2009 09:42:49 +0100
From:  Steve Howes <steve (at mark) geekinter.net>
Subject:  [coba-e:15782] Re: Restrict phpmyadmin to local machines only
To:  coba-e (at mark) bluequartz.org
Message-Id:  <30D92705-B3D9-42C1-8B88-6E60FD245DDB (at mark) geekinter.net>
In-Reply-To:  <4A4DA97F.4030907 (at mark) nickcr.co.uk>
References:  <4A48FFE9.5070306 (at mark) nickcr.co.uk> <5905ED2E-3353-43F1-848E-F9DAC82F8844 (at mark) geekinter.net> <4A4DA97F.4030907 (at mark) nickcr.co.uk>
X-Mail-Count: 15782

Ok, and the second bit? i.e. what does it do when you do that?

S

On 3 Jul 2009, at 07:47, Linux-Gnome wrote:

> Steve
>
> I used /23 because my home network uses 2 subnets.
>
> Regards
>
>    Gnome
>
> Steve Howes wrote:
>> On 29 Jun 2009, at 18:54, Linux-Gnome wrote:
>>> My server has recently been getting a number of hits of people  
>>> trying to hack into phpmyadmin (version v2.7.0-pl1) and as I do  
>>> not require any external access to it I wanted to restrict access  
>>> to all machines except those on my local network, after a bit of  
>>> searching I added the following to "/home/phpmyadmin/config.inc.php"
>>>
>>> /**
>>> * block root from logging in except from the private networks
>>> */
>>> $cfg['Servers'][$i]['AllowDeny']['order'] = 'deny,allow';
>>> $cfg['Servers'][$i]['AllowDeny']['rules'] = array(
>>> 'deny from all',
>>> 'allow from localhost',
>>> 'allow from 192.168.0.0/23',
>>> );
>> Might want /24 not /23. What did it do in the end?
>>>
>>> Unfortunately this did not work (down to my novice knowledge) so I  
>>> am after some assistance and guidance on how I should proceed.
>>>
>>> As an aside, how do I restart phpmyadmin without bouncing the box ?
>> You can't restart it. Its a website. It doesn't run as a daemon.
>> ------------------------------------------------------------------------
>> No virus found in this incoming message.
>> Checked by AVG - www.avg.com Version: 8.5.375 / Virus Database:  
>> 270.12.94/2208 - Release Date: 06/29/09 05:54:00
>