Control Web Panel
WebPanel => How to => Topic started by: zenben on January 27, 2018, 01:27:20 PM
-
1. Open the PMA config file with your prefered editor
/usr/local/cwpsrv/var/services/pma/config.inc.php
2. add the following lines at the bottom
$cfg['ForceSSL'] = true;
$cfg['Servers'][$i]['AllowDeny']['order'] = 'deny,allow';
$cfg['Servers'][$i]['AllowDeny']['rules'] = array(
// deny everyone by default
'deny % from all',
// allow all users from the local system
'allow % from localhost',
'allow % from 127.0.0.1',
'allow % from ::1',
// allow all users from the server IP (commented out)
'allow % from YOUR_SERVER_ADDRESS.',
// allow user root from local system
'allow root from localhost',
'allow root from 127.0.0.1',
'allow root from ::1',
// allow user root from local network/pc
'allow root from YOUR_IP_ADDRESS/32',
// add more usernames and their IP (or IP ranges) here -
);
3. replace the placeholders with your IP's
YOUR_SERVER_ADDRESS
YOUR_IP_ADDRESS
4. save, close and restart Apache
systemctl restart httpd
5. done.
You can test the setting if you comment out the line: 'allow root from YOUR_IP_ADDRESS/32',
and then try to login as root from your PC, or (leave it and) try to login from another IP as root.
You should then see a red message box saying: "Acces denied"
If your local IP address (http://ipecho.net/plain) is dynamic, I would NOT recommend this setting, otherwise you have to change YOUR_IP_ADDRESS inside config.inc.php every now and then.
All the best,
Ben
Source: https://stackoverflow.com/questions/2631269/how-to-secure-phpmyadmin (https://stackoverflow.com/questions/2631269/how-to-secure-phpmyadmin)
-
That's helpful tutorial, thanks for sharing. :)
-
I have tried but this is not working, can any one suggest a solution as per latest version of CWP.