In this article, AZDIGI will show you how to restrict access to phpMyAdmin DirectAdmin, making the database much more secure. The only condition to get this way is that you must use CustomBuild 2.0 version 2221.
By default, DirectAdmin servers always allow access to the path http://IP/phpmyadmin (remember to change the IP to your VPS/Server IP address) for users to access phpMyAdmin to manage their databases. However, this also carries the risk of being attacked in the form of “Brute Force“. Below is the image when trying to access thephpmyadmin.
2. Restrict access to phpMyAdmin DirectAdmin
To restrict access to phpMyAdmin DirectAdmin, follow these 3 steps:
Step 1: SSH into your DirectAdmin system
To restrict access to phpMyAdmin DirectAdmin, we need to do SSH or access your VPS or server as root first. If you do not know how to SSH into your VPS/Server, you can refer to the following tutorial:
After successfully SSHing, we continue with step 2 to start the process of activating the phpMyAdmin DirectAdmin access restriction mechanism.
Step 2: Enable the phpMyAdmin DirectAdmin access restriction mechanism with CustomBuild 2.0
The only condition to do this is that you must use CustomBuild 2.0 version 2221, so first we need to see if the version of CustomBuild we are using is 2.0 or not.
In case your CustomBuild version is lower than 2.0 then you need to upgrade CustomBuild 1.x to 2.0 , you can check out the following tutorial:
Here is my CustomBuild version after the latest update:
Once we have CustomBuild 2.0, we use the following commands to enable the phpMyAdmin DirectAdmin access restriction mechanism:
cd /usr/local/directadmin/custombuild ./build update ./build set phpmyadmin_public no ./build phpmyadmin
Explanation of the above commands:
- Command 1: Move to
- Command 2: Update custombuild script.
- Command 3: Adjust the
phpmyadmin_publicconfig to “
no” (No free access allowed).
- Command 4: Reinstall the latest phpMyAdmin to get a new configuration.
Here are the pictures in the process of activating this feature of mine:
So my VPS has been successfully enabled to restrict access to phpMyAdmin DirectAdmin.
3. Recheck access through phpMyAdmin
When you try to reaccess the http://IP/phpmyadmin link (remember to change the IP to your VPS/Server IP address), you will receive the message: Access to phpMyAdmin is only allowed from control panel.
To use this feature, you need to log in to DirectAdmin and use it through Extra Features > phpMyAdmin.
To use this phpMyAdmin feature more conveniently, you can refer to the following article:
This article has shown you how to quickly activate the phpMyAdmin DirectAdmin access restriction mechanism with CustomBuild 2.0 as well as manipulate the DirectAdmin interface to be able to use phpMyAdmin to manage your databases. Hope this article will be of help to you.
Wishing you success.
If you need assistance, you can contact support in the ways below:
- Hotline 247: 028 730 24768 (Ext 0)
- Ticket/Email: You use the email to register for the service and send it directly to: firstname.lastname@example.org