phpMyAdmin local internet access only

[ssgill]

Hello, i am trying to limit phpMyAdmin access to local internet only. I have read few threads with different options one being .htaccess file but is there another way of doing it. I had already tried updating the config.php file with this code:

$cfg['Servers'][$i]['AllowDeny']['order'] = 'deny,allow';
$cfg['Servers'][$i]['AllowDeny']['rules'] = array(
'deny % from all',
'allow % from localhost',
'allow % from 10.2.1.0/24',
);

but this is not working, i can still access it from outside.

Another question is can i block access to phpmyadmin from site url for all users. e.g: www.<site_url>/phpmyadmin.

So its only available from main directadmin ip as its accessed from the directadmin phpmyadmin link. e.g: https//:<directadmin_ip>/phpmyadmin. This would be a real help thanks.

 

[chatwizrd]

Why wouldnt you just use htaccess it is super easy.

<IfModule mod_access.c>
order deny,allow
allow from 127.0.0.1
allow from 10.2.1.0/24
deny from all
</IfModule>

 

[ssgill]

Why wouldnt you just use htaccess it is super easy.

<IfModule mod_access.c>
order deny,allow
allow from 127.0.0.1
allow from 10.2.1.0/24
deny from all
</IfModule>

But will .htaccess file survive subsequent updates to phpmyadmin or i would have to add this after every update. thanks

 

[chatwizrd]

Not sure if it would work or not but you can try:

http://help.directadmin.com/item.php?id=365

Just put the .htaccess file in

/usr/local/directadmin/custombuild/custom/phpmyadmin/

Then see if it gets copied or not.

 

[zEitEr]

But will .htaccess file survive subsequent updates to phpmyadmin or i would have to add this after every update. thanks

You might want to use this /etc/httpd/conf/extra/httpd-includes.conf part of apache configs for your custom directives.

Related: http://help.directadmin.com/item.php?id=351