phpMyAdmin on ViciBox v.9.0+

Support forum for the ViciBox ISO Server Install and ISO LiveCD Demo

Moderators: enjay, williamconley, Staydog, mflorell, MJCoate, mcargile, Kumba

phpMyAdmin on ViciBox v.9.0+

Postby Kumba » Fri Jun 05, 2020 4:38 pm

On ViciBox v.9.0 (and v.8.1+ I believe) phpMyAdmin is not setup by default even if you select it during the install. This was done deliberately because phpMyAdmin is a HUGE security hole. I cannot stress enough how much of a security problem phpMyAdmin is if it ever gets exposed to the public internet. It's very likely your box will be compromised within an hour if it is inadvertently exposed.

However, if after reading the above and accepting the potential risk should phpMyAdmin not be properly secured, here's how you enable it:
Code: Select all
ln -s /usr/share/phpMyAdmin /srv/www/htdocs/


Once you run the above code, phpMyAdmin will just start working. The default apache configuration file for phpMyAdmin limits accessibility to local IPs only by default as well. To further secure or grant additional IP access you will need to edit /etc/apache2/conf.d/phpMyAdmin.conf and make the appropriate modifications.
Kumba
 
Posts: 939
Joined: Tue Oct 16, 2007 11:44 pm
Location: Florida

Re: phpMyAdmin on ViciBox v.9.0+

Postby carpenox » Wed Jun 24, 2020 10:00 pm

Perhaps this will help someone looking to make sure they secure there phpMyAdmin:

Code: Select all
####Securing phpMyAdmin#####

nano /etc/apache2/conf.d/phpMyAdmin.conf

###change the following:

<Directory /usr/share/phpMyAdmin>

    Options FollowSymLinks
    AllowOverride All   #This was "None"

    <IfVersion < 2.4>
        Order Deny,Allow
        Allow from all
    </IfVersion>


###save and exit

nano /usr/share/phpMyAdmin/.htaccess

####Enter the following:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpMyAdmin/.htpasswd
Require valid-user

###save and exit

zypper install apache2-utils

htpasswd -c /etc/phpMyAdmin/.htpasswd whatever.username.u.want
Password: enter the password u want

##restart apache
service apache restart or systemctl restart apache

###go to your phpmyadmin

http://server.ip/phpMyAdmin


##Enjoy
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: phpMyAdmin on ViciBox v.9.0+

Postby Zaraab » Fri Oct 16, 2020 12:24 am

I want to allow only one IP which can access the phpmyadmin.

How can I do thati?
A VICIDIAL ENTHUSIAST
OS BASED LEARNING : CentOS - openSUSE
INSTALLATION METHODS : MOSTLY SCRATCH & STD INSTALLATION WITH .ISO
HELP - BELIEVE - INNOVATE
Zaraab
 
Posts: 151
Joined: Fri May 22, 2020 1:21 pm

Re: phpMyAdmin on ViciBox v.9.0+

Postby Zaraab » Tue Oct 27, 2020 2:37 am

How to delete access and change password of this phpmyadmin page?

how to allow specific Ip only?
A VICIDIAL ENTHUSIAST
OS BASED LEARNING : CentOS - openSUSE
INSTALLATION METHODS : MOSTLY SCRATCH & STD INSTALLATION WITH .ISO
HELP - BELIEVE - INNOVATE
Zaraab
 
Posts: 151
Joined: Fri May 22, 2020 1:21 pm

Re: phpMyAdmin on ViciBox v.9.0+

Postby carpenox » Tue Oct 27, 2020 7:42 am

htpasswd -c /etc/phpMyAdmin/.htpasswd whatever.username.u.want (will change the pw)

firewall-cmd --zone=trusted --add-source=127.0.0.1 (put your IP obviously) - you need to have youre firewall setup correctly for this to work though
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: phpMyAdmin on ViciBox v.9.0+

Postby Zaraab » Wed Nov 04, 2020 8:06 am

Thanks genius
A VICIDIAL ENTHUSIAST
OS BASED LEARNING : CentOS - openSUSE
INSTALLATION METHODS : MOSTLY SCRATCH & STD INSTALLATION WITH .ISO
HELP - BELIEVE - INNOVATE
Zaraab
 
Posts: 151
Joined: Fri May 22, 2020 1:21 pm

Re: phpMyAdmin on ViciBox v.9.0+

Postby carpenox » Sat Oct 02, 2021 8:54 pm

Kumba, whats the deal with phpMyAdmin on v10?
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL

Re: phpMyAdmin on ViciBox v.9.0+

Postby alo » Sun Oct 03, 2021 4:45 pm

I wouldn't ever use phpMyAdmin, so its not a concern for me.
alo
 
Posts: 187
Joined: Wed Jun 20, 2012 10:21 am

Re: phpMyAdmin on ViciBox v.9.0+

Postby carpenox » Sun Oct 03, 2021 7:08 pm

i had to uninstall the one it came with and do it via zypper to get it working so i was just curious, i had specific tables i had to export for a client and phpmyadmin makes it nice n easy, plus i keep it secure with htpasswd
Alma Linux 9.3 | Version: 2.14-911a | SVN Version: 3815 | DB Schema Version: 1710 | Asterisk 18.18.1
www.dialer.one -:- 1-833-DIALER-1 -:- https://linktr.ee/CyburDial -:- WhatsApp: +19549477572 -:- Skype: live:carpenox_3
carpenox
 
Posts: 2230
Joined: Wed Apr 08, 2020 2:02 am
Location: Coral Springs, FL


Return to ViciBox Server Install and Demo

Who is online

Users browsing this forum: No registered users and 38 guests