How to Secure phpMyAdmin With .htaccess


Oke in this tutorial we will learn about phpmyadmin

the last post is we was install phpmyadmin in the server.
then Now is How To Secure phpMyAdmin ?


lets do it :

I am use htacess to secure the phpMyAdmin.

[#] first step is we configure the phpMyAdmin apache configuration.

~ /etc/phpmyadmin/apache.conf

add the code 'AllowOverride All' under 'DirectoryIndex'.
then seem like this:
<Directory /usr/share/phpmyadmin>
        Options FollowSymLinks
        DirectoryIndex index.php
        AllowOverride All

[#] secend is configure .htaccess
create the file .htacces

~ vi /usr/share/phpmyadmin/.htaccess

put this code :
AuthType Basic
AuthName "Restricted Files"
AuthUserFile //usr/share/phpmyadmin/.htpasswd
Require valid-user

Note:
AuthType : refers to the type of authentication that wil be use to check the passwrd
AuthName : text that will be displayed at the password prompt and you can Put anything
AuthUserFile : path for file password / will create next step
Require valid-user : tells the .htaccess file that only users in password file to access it.

[#] third is create .htpasswd
Use the htpasswd command and the place the file in a directory of your choice as long as it is not accessible from a browser.

~ sudo htpasswd -c  /usr/share/phpmyadmin/.htpasswd root

Note :
-c = create new file
/usr/share/phpmyadmin/ = path we will put the file .htpassws
root = username

and you will be ask for new password and type your password there.

[#] and the last step is restart apache webserver

~ sudo service apache2 restart

and Now test your configuration by accessing http://192.168.1.4/phpmyadmin/

- this is before :

- and after configure :

congratulations..
it is protected Now ;)
Thankz..
Title : How to Secure phpMyAdmin With .htaccess
Description : Oke in this tutorial we will learn about phpmyadmin the last post is we was install phpmyadmin in the server. then Now is How To Secure...

5 Responses to "How to Secure phpMyAdmin With .htaccess"

  1. Yeah thankz for visit me :)

    ReplyDelete
  2. Can I do this in cpanel on a shared server. If yes, how can I do it?

    ReplyDelete
  3. You should avoid using .htaccess files completely if you have access to httpd main server config file. Using .htaccess files slows down your Apache http server. Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance.

    ReplyDelete