Posted by joe10001 on 11/23/05 21:27

Hi all,

I'm presently working on a web server. I just installed phpmyadmin and
I would like to secure it. I already put some basics securities rules
but I would like that my phpmyadmin to be only accessible from my LAN
(192.168.0.0) .... and not from my domain name (for example :
http://www.mydomain.com/phpmyadmin)

I made some research and read a lot on the matter and I noticed that I
must make the change on this file /etc/phpmyadmin/config.inc.php

more precisely on those options
######################################################
$cfg['Servers'][$i]['AllowDeny']['order'] // Host authentication
order, leave blank to not use
= 'deny,allow';
$cfg['Servers'][$i]['AllowDeny']['rules'] // Host authentication
rules, leave blank for defaults
= array(
'deny % from all',
'allow % from localhost',
'allow % from 192.168.0.0/24',
);

######################################################
Those modifications seem not to work since I'm still accessing it via
http://www.mydomain.com/phpmyadmin. Must I restart apache or something
??

I also read that this option $cfg['Servers'][$i]['auth_type'] should
be set to http instead of cookie. I tried it too but same result.

Are the file config.inc.php and htaccess (from the same folder) are
related ? So maybe it would be better if I make the change in it
(instead of config.inc.php)

any help would be greatly appreciated

• Next in forum: Re: Extracting part of a string
• Prev in forum: Re: Parse error with php/java script
• Thread view: Secure PHPMYADMIN (accessible only by LAN)

[Reply to this message]