Exadra37/secure-phpmyadmin-installation.txt

## secure-phpmyadmin-installation.txt
/**
 * - Securing PhpMyAdmin instalation in Ubuntu server
 *
 * @author  Paulo Silva(Exadra37)     <exadra37ingmailpointcom>
 * @package Exadra37/SecurePhpMyAdmin
 * @version 1.0.1
 * @since   30/01/2014 - v.1.0.0
 *          05/06/2014 - v.1.0.1
 *
 */

1. Open file phpmyadmin config file:
    - sudo vim /etc/phpmyadmin/config.inc.php
    - around line 79 copy and past the following code:
        /*START Secure PhpMyadmin Installation by Exadra37 */

        // put your ip address from where you access phpmyadmin
        $ip_address = '123.456.789';

        // disable root access to phpmyadmin
        $cfg['Servers'][$i]['AllowRoot'] = FALSE;

        // make authentication to be explicit
        //  - this means that you must add each user to the below config rules
        $cfg['Servers'][$i]['AllowDeny']['order'] = 'explicit';

        // Config rules to be applied
        //  - use "allow username from 123.456.789"
        //  - use "allow username from all"
        //      . all means from all ip addresses
        //  - instead of allow you can use deny
        $cfg['Servers'][$i]['AllowDeny']['rules'] = array(
            "allow username1 from {$ip_address}",
            "allow username2 from all",
            "allow username3 from 123.456.789",
            "deny username4 from all",
            "deny username5 from 123.456.789"
            );
        /*END- Secure PhpMyadmin Installation by Exadra37 */

2. Open phpmyadmin apache configuration file:
    - sudo vim /etc/apache2/sites-available/phpmyadmin.conf or sudo vim /etc/apache2/conf-enabled/phpmyadmin.conf
    - around line 3 found:
        . Alias /phpmyadmin /usr/share/phpmyadmin
    - now change it to:
        . Alias /less-obvious-name /usr/share/phpmyadmin
            * less-obvious-name should be replaced by one of your preference

3. Restart Apache:
    - sudo service apache2 graceful
	/**
	* - Securing PhpMyAdmin instalation in Ubuntu server
	*
	* @author Paulo Silva(Exadra37) <exadra37ingmailpointcom>
	* @package Exadra37/SecurePhpMyAdmin
	* @version 1.0.1
	* @since 30/01/2014 - v.1.0.0
	* 05/06/2014 - v.1.0.1
	*
	*/

	1. Open file phpmyadmin config file:
	- sudo vim /etc/phpmyadmin/config.inc.php
	- around line 79 copy and past the following code:
	/START Secure PhpMyadmin Installation by Exadra37 /

	// put your ip address from where you access phpmyadmin
	$ip_address = '123.456.789';

	// disable root access to phpmyadmin
	$cfg['Servers'][$i]['AllowRoot'] = FALSE;

	// make authentication to be explicit
	// - this means that you must add each user to the below config rules
	$cfg['Servers'][$i]['AllowDeny']['order'] = 'explicit';

	// Config rules to be applied
	// - use "allow username from 123.456.789"
	// - use "allow username from all"
	// . all means from all ip addresses
	// - instead of allow you can use deny
	$cfg['Servers'][$i]['AllowDeny']['rules'] = array(
	"allow username1 from {$ip_address}",
	"allow username2 from all",
	"allow username3 from 123.456.789",
	"deny username4 from all",
	"deny username5 from 123.456.789"
	);
	/END- Secure PhpMyadmin Installation by Exadra37 /

	2. Open phpmyadmin apache configuration file:
	- sudo vim /etc/apache2/sites-available/phpmyadmin.conf or sudo vim /etc/apache2/conf-enabled/phpmyadmin.conf
	- around line 3 found:
	. Alias /phpmyadmin /usr/share/phpmyadmin
	- now change it to:
	. Alias /less-obvious-name /usr/share/phpmyadmin
	* less-obvious-name should be replaced by one of your preference

	3. Restart Apache:
	- sudo service apache2 graceful