Dear,
I’m new here and it’s my first time I use hestia very nice cp, non I want secure “phpmyadmin”, my target is block load phpmyadmin from https://www.example.com/phpmyadmin.
Is there easy way?
Best reagrds
G.
Dear,
I’m new here and it’s my first time I use hestia very nice cp, non I want secure “phpmyadmin”, my target is block load phpmyadmin from https://www.example.com/phpmyadmin.
Is there easy way?
Best reagrds
G.
You can edit /etc/apache2/conf.d/phpmyadmin.inc and add Apache Basic Auth to it.
For example, find this line:
<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
And insert lines like this, changing the location of AuthUserFile accordingly
<Directory /usr/share/phpmyadmin>
AuthType Basic
AuthName Private
Require valid-user
AuthUserFile /etc/apache2/phpmyadmin.passwd
Options FollowSymLinks
One problem is that the file sometimes gets overwritten, so you have to monitor that and reinsert if it disappears.
Oh, yes, and generate the password file with htpasswd:
htpasswd -c /etc/apache2/phpmyadmin.passwd username
You can add several user/password combinations to the same file
Or just remove that file to prevent phpmyadmin loading .
Or remove it from any template that you don’t want…
For Hestiacp.com I have created “nophpmyadmin” that doesn’t load the template…
#=======================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
#=======================================================================#
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
IncludeOptional %home%/%user%/conf/web/%domain%/apache2.forcessl.conf*
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
<Directory %sdocroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
</Directory>
<FilesMatch \.php$>
SetHandler "proxy:%backend_lsnr%|fcgi://localhost"
</FilesMatch>
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.conf_*
</VirtualHost>
Hi All,
thank you for reply and help. I’m using “ScIT” solution and rename /etc/apache2/conf.d/phpmyadmin.inc
for me is easy solution, but I understand other solutions maybe better ex. I want load phpmyadmin only from my network.
Thank you again.
Best regards
G.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.