phpmyadmin: securing web console

I installed PHPMyadmin to check my help manage my database, eventhough I also use the desktop program MySQL Workbench, I fell sometimes its important to use the webconsole.

Recently, upon checking my MySQL Logs (/var/logs/mysql/error.log) I encountered that everyday I had thousands of failed logins to the PHPMyAdmin. I sure enough have a very strong password (over 30 characters letter, numbers and special characters), it made me nervous that at some point hackers could just enter my DB and my site would be compromised.

So I decided to add another layer of security to this application, securing the application with an Apache application. Now to be able to access the PHPMyAdmin login page they have to pass the Apache login and then pass whe PHPMyAdmin login.

Everything is possible, but definitely harder.

Attached are the instructions I followed from Digital Ocean

https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-ubuntu-16-04

Worked like a charm.

Leave a Reply

Your email address will not be published. Required fields are marked *