How do I restrict access to phpmyadmin?
By default, the phpMyAdmin interface is accessible from any IP address. You can restrict access to the application through the settings:
- network services in the control panel;
- Apache or Nginx web server.
Configuring network services
Note
With this setting, access will be restricted to all web server websites.
- Enter Monitoring and logs → Network services.
- Select the web server service:
- Press Add rule.
- Specify the rule settings:
- Press Ok.
Web server configuration
Apache
- Connect to the server with ISPmanager via SSH.
- Open the phpMyAdmin configuration file:
- CentOS — /etc/httpd/conf.d/phpmyadmin.conf;
- Debian, Ubuntu — /etc/apache2/conf.d/phpmyadmin.conf.
- CentOS — /etc/httpd/conf.d/phpmyadmin.conf;
- Replace the strings with
Order allow,deny Allow from allOrder deny,allow Deny from all Allow from <permitted IP address or subnet>NoteFor the authentication settings to work correctly, add the IP address of the control panel to the list of permitted IP addresses. - Restart Apache:
CentOS
systemctl restart httpdDebian, Ubuntu
systemctl restart apache2
Nginx
- Connect to the server with ISPmanager via SSH.
- Open the phpMyAdmin configuration file /etc/nginx/vhosts-includes/phpmyadmin.conf.
- Add the following strings to the location /phpmyadmin section
allow <permitted IP address or subnet>; deny all;NoteFor the authentication settings to work correctly, add the IP address of the control panel to the list of permitted IP addresses.Example of settings
location /phpmyadmin { alias /usr/share/phpMyAdmin; index index.php; allow 192.0.2.142; allow 192.168.1.0/24; deny all; } - Restart Nginx:
systemctl restart nginx