On 7/9/2013 5:21 PM, Jerry K wrote:
Agreed; the default phpmyadmin aliases are a very common attack point. VPN/private address space would absolutely be the best solution, but if that's not possible then on top of htpasswd authentication with strong passwords, some "security through obscurity" in changing the alias is probably not a bad idea to keep out the bot attacks.configure a local VPN, and only allow access from the VPN IP range is one possible "Plan B". Reviewing my own log files, its amazing how many malware hits there are for this particular software product. What ever you do, be as safe/secure as you can. Good Luck Jerry
Jim --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|