Re: MySQL Curses interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Yeah, you probably don't want your phpMyAdmin installation accessible from just anywhere. Making it accessible only from localhost was just an idea I had predicated on the assumption that you weren't already running a web server.
Volumes can and have been written on securing apache. I haven't putzed with phpMyAdmin for a while and I don't recall what security features it offers. But some of the things you could do via apache are: 

1. Make the phpMyAdmin site accessible only to certain IP addresses
2. Require a user ID and password to connect
Point #1 above would include making it accessible only from the localhost. Or you could tell apache to allow access only from the localhost and some static IP address like that of your workstation. Here is how I restrict access to server status reports on an apache server to computers at the University of Wisconsin Math Department and to my machine at home: 


<Location /server-status>
   Order deny,allow
   Deny from all
   Allow from .math.wisc.edu lambeau.johnheim.com
</Location>#
----- Original Message ----- From: "Tony Baechler" <tony@xxxxxxxxxxxx> 
To: "Linux for blind general discussion" <blinux-list@xxxxxxxxxx>
Sent: Tuesday, April 08, 2008 11:46 AM
Subject: Re: MySQL Curses interface
Actually, that wouldn't work unless I install another copy of Apache. It's a business server with active sites. If Apache only listens on localhost, those sites go down. If I can set phpmyadmin to only respond to connections from localhost, that would help. I definitely don't want it available to the outside world because I've seen too many security advisories for both MySQL and phpmyadmin to take a chance. 

John G. Heim wrote:
You could get around the security problem by configuring the web server to listen only on the localhost address, 127.0.0.1. Then ssh to the server and run lynx connecting to the localhost. 

_______________________________________________
Blinux-list mailing list
Blinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/blinux-list




_______________________________________________
Blinux-list mailing list
Blinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/blinux-list
[Index of Archives]     [Linux Speakup]     [Fedora]     [Linux Kernel]     [Yosemite News]     [Big List of Linux Books]