Restrict PHPMyAdmin to IP Address

Would you like to restrict PHPMyAdmin from being accessible to the whole world?

Firstly you need to SSH into your box if you are not on the local machine where PHPMyAdmin is installed along with Apache.

cd /etc/phpmyadmin/ vi apache.conf

You will need to look for the following text “<Directory /usr/share/phpmyadmin>” and add in the below code:

Remember that you need to press “i” in order to start editting text if using VI.

AllowOverride All Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from xxx.xxx.xxx.xxx
Code language: CSS (css)

Obviously you will need to replace your IP Address where the xxx.xxx.xxx.xxx is.
If you don’t know what you IP Address is then you can get it here.

So the <Directory /> block should look something like this:

<Directory /usr/share/phpmyadmin> Options FollowSymLinks DirectoryIndex index.php <IfModule mod_php5.c> AddType application/x-httpd-php .php php_flag magic_quotes_gpc Off php_flag track_vars On php_flag register_globals Off php_value include_path . </IfModule> AllowOverride All Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from xxx.xxx.xxx.xxx </Directory>
Code language: HTML, XML (xml)

Now you need to save your changes, to do this press ESC and then type “: x” (without quotes or a space inbetween) and hit ENTER. You should now be back at a command prompt.

Once you have completed this you will need to restart the apache webserver, you can do this as follows.

sudo /etc/init.d/apache2 restart

You have now restricted public access to your PHPMyAdmin install and you can feel safe again 🙂

Tags:
Subscribe
Notify of
guest
3 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
gtr
gtr
9 years ago

Ok, I tried the changes on /etc/apache2/sites-available/default and it worked. Thanks.

gtr
gtr
9 years ago

Hi, I did exactly as in your tutorial, and several others, but I cannot get to restrict phpmyadmin. Do I need to enable something else on apache’s conf file? If so, can you please tell how?