I don't want access to phpmyadmin from my websites

Discussion in 'Installation/Configuration' started by Robin.k, Aug 5, 2019.

  1. Robin.k

    Robin.k Member

    Hi, is it possible to block acces to phpmyadmin from my websites, so when someone try https://mywebsite/phpmyadmin
    he gets error 404.

    Ubuntu 18.04
    ISPconfig 3.1.14p2


    Thanks
    Rob
     
  2. nhybgtvfr

    nhybgtvfr Active Member

    under system - main config
    change the phpmyadmin url.
    in /etc/apache2/conf-enabled/phpmyadmin.conf change the Alias

    the system - main config change will change the path the control panel uses to link to the database (all ispconfig servers if multi-server)
    the phpmyadmin.conf will change the url path to phpmyadmin on any server the change is made to, it will change it for every domain hosted on that server.

    if you just want to change it for one (or a few) specific sites, you may need to configure some redirect/rewrite rules or deny rules in the .htaccess file in the root folder of that website. I've never tried overriding an apache conf-enabled app like this, so I can't confirm any such .htaccess rules in there will take priority over the phpmyadmin settings, hopefully someone else can confirm if this works or not.
     
  3. nhybgtvfr

    nhybgtvfr Active Member

    just a note, further to the previous post. if you don't want anyone to use <any.domain.tld>/phpmyadmin, but you do want phpmyadmin on the server, you'll need install phpmyadmin into it's own vhost, eg phpmyadmin.domain.tld, and not have it conf-enabled in apache.
     
  4. ahrasis

    ahrasis Well-Known Member

    If you don't need phpmyadmin, just remove it. If you need it to be private and/or secured, may be add some password to protect the page and/or change its vhost to serve from specific domain and/or port and/or require ssl for phpmyadmin to connect to database?
     

Share This Page