Secure phpMyAdmin

Jaydul Islam добавил(а) 3 года назад
В рассмотрении

Anyone can busy server Any ISPmanager system login by phpMyAdmin.So secure it like cpanel phpMyAdmin Please review and fix.from china we go massive login so we block CN country and uninstall phpMyAdmin But End user getting the problem they working via SSH.I think it need better security for phpMyAdmin

Комментарии (2)

фото
1

True! Need to upgrade phpmyadmin to 4.8 at least. Because since 4.8 phpmyadmin can save false login attempts to log file. It means you can use fail2ban to block all bots automaticly.


But current version of phpmyadmin is 4.4 :(

фото
1

It'd be much better to move access to phpmyadmin into ISPmanager panel. Where only users loggined into panel could use phpmyadmin.

It is possible! It'll cut access for all bots, because they are not users of ISPmanager panel. I've seen that solution in some hostings panel.

Put iframe with phpmyadmin into ISPmanager user interface. Then block external access to phpmyadmin (allow only from panel). And most security probles will gone.