Prevent PHPMyAdmin Bruteforcing in DirectAdmin By Restricting Its Access
It is quite common to see automated attempts to locate PHPMyAdmin URLs for the purpose of bruteforcing when perusing the webserver access logs and domain logs. You can eliminate the threat of attacker success by restricting access to PHPMyAdmin to the panel only. This will require that a user is already logged into the DirectAdmin panel before they can access PHPMyAdmin.
This is beneficial for multiple reasons, the primary being that it limits the angle of attack on the phpMyAdmin installation as provided by DirectAdmin. While at the same time, making it easier for you or your users to access phpMyAdmin as it involves enabling SSO (Single Sign On).
We’ll be configuring this with the following. This will be done over SSH so if you need to know how to access your server read our “How to connect with SSH” guide.
cd /usr/local/directadmin/
./directadmin set one_click_pma_login 1 restart
cd custombuild
./build update
./build set phpmyadmin_public no
./build phpmyadmin
With this set, the following is now true:
- phpMyAdmin is no longer publicly accessible
- Single Sign On is enabled
- phpMyAdmin will auto-login for the user
More information on the auto-login feature can be found in our “How to enable auto login for phpmyadmin via directadmin” article.
Conclusion
We’ve gone over how to prevent bruteforcing in phpMyAdmin. Enabling this option will help you eliminate an attack vector and the traditional method to log in to the phpMyAdmin interface using a username and password.
KnownHost offers 365 days a year, 24 hours a day, all 7 days of the week best in class technical support. A dedicated team ready to help you with requests should you need our assistance. You’re not using KnownHost for the best webhosting experience? Well, why not? Check with our Sales team to see what can KnownHost do for you in improving your webhosting experience.