Would you like to restrict PHPMyAdmin from being accessible to the whole world?

Firstly you need to SSH into your box if you are not on the local machine where PHPMyAdmin is installed along with Apache.

cd /etc/phpmyadmin/
vi apache.conf

You will need to look for the following text “<Directory /usr/share/phpmyadmin>” and add in the below code:

Remember that you need to press “i” in order to start editting text if using VI.

AllowOverride All
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from xxx.xxx.xxx.xxx

Obviously you will need to replace your IP Address where the xxx.xxx.xxx.xxx is.
If you don’t know what you IP Address is then you can get it here.

So the <Directory /> block should look something like this:

<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
<IfModule mod_php5.c>
AddType application/x-httpd-php .php
php_flag magic_quotes_gpc Off
php_flag track_vars On
php_flag register_globals Off
php_value include_path .
</IfModule>

AllowOverride All
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from xxx.xxx.xxx.xxx

</Directory>

Now you need to save your changes, to do this press ESC and then type “: x” (without quotes or a space inbetween) and hit ENTER. You should now be back at a command prompt.

Once you have completed this you will need to restart the apache webserver, you can do this as follows.

sudo /etc/init.d/apache2 restart

You have now restricted public access to your PHPMyAdmin install and you can feel safe again 🙂