Managing Access to phpMyAdmin on AccuWeb.Cloud
Managing access to the phpMyAdmin panel is crucial for ensuring the security of your MySQL, MariaDB, and PerconaDB database servers.
By default, all connections to phpMyAdmin are allowed. However, you can modify this behavior by adjusting the /etc/httpd/conf.d/phpMyAdmin-jel.conf file.
This guide will walk you through the process step by step to restrict access to phpMyAdmin to specific IP addresses.
Step by Step Guide to Manage phpMyAdmin Access
Step 1. To change the default behavior that allows all connections, you need to edit the phpMyAdmin-jel.conf file. You can do this using the file configuration manager or via Web SSH. Locate the following section in the file:
<Directory /usr/share/phpMyAdmin/>
##REMOVE THE "Require all granted" STRING BELOW TO RESTRICT THE ACCESS FROM ANY IP EXCEPT SPECIFIED IN THE SECTION BELOW
Require all granted
###UNCOMMENT THE FOLLOWING LINES TO ALLOW ACCESS FROM THE SPECIFIED IP
###REPLACE THE xxx.xxx.xxx.xxx WITH THE IP ADDRESS FROM WHICH THE ACCESS IS ALLOWED
#SetEnvIf X-Forwarded-For ^xxx\.xxx\.xxx\.xxx env_allow_1
#Require env env_allow_1
#Require ip xxx.xxx.xxx.xxx
#Require all denied
</Directory>
Step 2. Comment out or remove the Require all granted line to restrict access from any IP, not specified.
Example:
<Directory /usr/share/phpMyAdmin/>
## REMOVE THE "Require all granted" STRING BELOW TO RESTRICT THE ACCESS FROM ANY IP EXCEPT SPECIFIED IN THE SECTION BELOW
#Require all granted
### UNCOMMENT THE FOLLOWING LINES TO ALLOW ACCESS FROM THE SPECIFIED IP
### REPLACE THE xxx.xxx.xxx.xxx WITH THE IP ADDRESS FROM WHICH THE ACCESS IS ALLOWED
#SetEnvIf X Forwarded For ^xxx\.xxx\.xxx\.xxx env_allow_1
#Require env env_allow_1
#Require ip xxx.xxx.xxx.xxx
#Require all denied
</Directory>
List the Allowed IPs:
If your database node has a public IP, specify the allowed IP addresses using the Require ip directive.
Example for public IP:
<Directory /usr/share/phpMyAdmin/>
#Require all granted
# Allow access from a specific public IP
Require ip 123.456.789.000
# Deny access from all other IPs
Require all denied
</Directory>
If your database node has an internal IP only, use the SetEnvIf X Forwarded For directive to specify the allowed IP address.
Example for internal IP:
<Directory /usr/share/phpMyAdmin/>
#Require all granted
# Allow access from a specific internal IP
SetEnvIf X Forwarded For ^123.456.789.000 env_allow_1
Require env env_allow_1
# Deny access from all other IPs
Require all denied
</Directory>
Step 3. After specifying the allowed IP addresses and ensuring all other IPs are denied, save the phpMyAdmin-jel.conf file.
Step 4. For the changes to take effect, restart the nodes of your database server. This can be done from the AccuWeb.Cloud dashboard.
After completing the steps above, any connection attempt to the phpMyAdmin panel from an IP address not listed in the allowed IPs will be denied and resulting in a 403 Forbidden error page.
By following these steps, you can ensure that your phpMyAdmin panel is protected from unauthorized access, increasing the security of your database servers.
Conclusion
Managing access to the phpMyAdmin panel on AccuWeb.Cloud is a straightforward process that significantly increases the security of your MySQL, MariaDB, and PerconaDB servers.
By restricting access to specific IP addresses, you can prevent unauthorized connections and protect your sensitive database information.
Remember to regularly review and update the allowed IP addresses as necessary to maintain secure and flexible access to your phpMyAdmin panel.
Save $100 in the next
5:00 minutes?