Can I stop phpmyadmin from being accessed by IP address?

Post Reply
dle001
Posts: 1
Joined: Wed Feb 08, 2023 9:16 am

Hi

I want to stop access phpmyadmin via ip address. (maybe better for stopping attackers)

How to fix it ?
Thank you
Last edited by dle001 on Wed Feb 08, 2023 9:49 am, edited 1 time in total.

Tags:
User avatar
myVesta
Site Admin
Posts: 924
Joined: Fri Jun 19, 2020 9:59 am
Has thanked: 8 times
Been thanked: 6 times

Currently there is no way to do that.
But you can 'assign' phpmyadmin to some subdomain that is known only to you - viewtopic.php?f=8&t=37
The same way (set 'group=youruser' in fpm conf) you can 'unassign' the phpmyadmin from hostname, to stop bots.
ikheetjeff
Posts: 15
Joined: Tue Jul 20, 2021 4:06 am

I did it this way:

File: /etc/apache2/conf.d/phpmyadmin.conf

Add this code:

Code: Select all

RewriteEngine On
RewriteCond %{HTTP_HOST} !sub.domain.com$ [OR]
RewriteCond %{REMOTE_ADDR} !^00.00.00.00
RewriteRule (.*) - [R=404]
sub.domain.com is the only domain where phpmyadmin works and 00.00.00.00 is only ip.
I use vesta for myself, which allows for this. if you have multiple users this does not work.
Post Reply