9
Well, my question is this:
Does phpMyAdmin have any brute-force protection on the password? That is, after x attempts, does the IP get locked, or something like that?
Thank you.
13
According to the phpMyAdmin documentation here, it is recommended to use logs to control access attempts, since there is nothing official to "bypass" a brute-force attack. This means you need to use Apache with access-handling settings.
If you use phpMyAdmin at a public address, I recommend "unusual" directory names, avoiding for example site/phpmyadmin or site/pma, which already somewhat reduces enumeration against the system.
I agree with Turq. If you can, the best thing is not to leave phpMyAdmin public. Devs and administrators should access the internal network with a VPN or something like that. For log control I would recommend Fail2ban.
2
Friend, I wouldn't recommend leaving phpMyAdmin on the Web. It is a tool with many vulnerabilities, and not only brute force, which can put your applications at risk. I searched for the vulnerabilities the tool has on the CVE Details site and found 223 vulnerabilities listed. There are ways to open phpMyAdmin only to your IP, or to leave it on the server in idle mode so you only turn it on when you use it. I hope I've helped!
1
One option is to use fail2ban to block certain access patterns.
With fail2ban installed, the configuration is more or less like this; it may vary depending on your server:
/etc/apache2/conf.d/phpmyadmin.conf:
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %{userID}n %{userStatus}n" pma_combined
CustomLog /var/log/apache2/phpmyadmin_access.log pma_combined
fail2ban filter:
/etc/fail2ban/filter.d/phpmyadmin.conf:
[Definition]
denied = mysql-denied|allow-denied|root-denied|empty-denied
failregex = ^<HOST> -.*(?:%(denied)s)$
ignoreregex =
Add a jail:
/etc/fail2ban/jail.local:
[phpmyadmin]
enabled = true
port = http,https
filter = phpmyadmin
logpath = /var/log/apache2/phpmyadmin_access.log
And then reload Apache and fail2ban:
service apache2 reload
service fail2ban reload
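To show what the filter and jail above actually do to the log, here is an added example (not part of the answer or of fail2ban itself) that applies the answer's failregex to constructed pma_combined log lines and then replays fail2ban's counting rule: a host is banned once it accumulates maxretry matching lines within findtime seconds. The `<HOST>` placeholder is simplified to a non-space token, the log lines, IPs and the maxretry/findtime values are constructed assumptions, and fail2ban's real implementation does more (bantime expiry, IPv6 handling, date detection); the point is to see which lines count as failures and when the threshold trips.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Filter definition copied from the answer's filter.d/phpmyadmin.conf
DENIED = "mysql-denied|allow-denied|root-denied|empty-denied"
FAILREGEX = r"^<HOST> -.*(?:%(denied)s)$"

# Constructed sample log in the pma_combined format from the answer:
# %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %{userID}n %{userStatus}n
# Four failed logins from 203.0.113.7 and one successful login from 198.51.100.3.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "POST /phpmyadmin/index.php HTTP/1.1" 200 1234 "-" "Mozilla/5.0" root mysql-denied
203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "POST /phpmyadmin/index.php HTTP/1.1" 200 1234 "-" "Mozilla/5.0" root mysql-denied
203.0.113.7 - - [10/Oct/2023:13:55:44 +0000] "POST /phpmyadmin/index.php HTTP/1.1" 200 1234 "-" "Mozilla/5.0" admin mysql-denied
198.51.100.3 - - [10/Oct/2023:13:56:01 +0000] "POST /phpmyadmin/index.php HTTP/1.1" 302 0 "-" "Mozilla/5.0" alice ok
203.0.113.7 - - [10/Oct/2023:14:20:00 +0000] "POST /phpmyadmin/index.php HTTP/1.1" 200 1234 "-" "Mozilla/5.0" root root-denied
"""

# Apache %t field, e.g. [10/Oct/2023:13:55:36 +0000]
TS_RE = re.compile(r"\[([^\]]+)\]")


def compile_failregex(failregex: str, denied: str) -> re.Pattern:
    """Expand %(denied)s and <HOST> the way fail2ban does (HOST simplified here)."""
    pattern = failregex.replace("%(denied)s", denied)
    pattern = pattern.replace("<HOST>", r"(?P<host>\S+)")  # assumption: simplified HOST
    return re.compile(pattern)


def parse_failures(log_text: str, regex: re.Pattern) -> list:
    """Return (host, timestamp) for every log line the failregex matches."""
    failures = []
    for line in log_text.splitlines():
        m = regex.match(line)
        if not m:
            continue  # successful logins and unrelated requests are ignored
        ts = TS_RE.search(line).group(1)
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        failures.append((m.group("host"), when))
    return failures


def evaluate_jail(failures: list, maxretry: int = 3, findtime: int = 600) -> dict:
    """Replay fail2ban's rule: ban a host when maxretry failures fall within findtime seconds.

    Returns {host: timestamp of the failure that triggered the ban}.
    Already-banned hosts are not re-evaluated (bantime expiry is out of scope here).
    """
    window = defaultdict(list)
    banned = {}
    for host, when in failures:
        if host in banned:
            continue
        recent = [t for t in window[host] if when - t <= timedelta(seconds=findtime)]
        recent.append(when)
        window[host] = recent
        if len(recent) >= maxretry:
            banned[host] = when
    return banned


def run_demo(maxretry: int = 3, findtime: int = 600) -> dict:
    """Apply the answer's filter to the constructed log and report bans."""
    regex = compile_failregex(FAILREGEX, DENIED)
    failures = parse_failures(SAMPLE_LOG, regex)
    return evaluate_jail(failures, maxretry=maxretry, findtime=findtime)


if __name__ == "__main__":
    regex = compile_failregex(FAILREGEX, DENIED)
    for host, when in parse_failures(SAMPLE_LOG, regex):
        print(f"failure  {host}  {when.isoformat()}")
    for host, when in run_demo().items():
        print(f"BAN      {host}  triggered at {when.isoformat()}")
```

With the defaults (maxretry=3, findtime=600) the third failure from 203.0.113.7 at 13:55:44 trips the ban; with maxretry=5 no ban occurs, because the fourth failure arrives 25 minutes later and the earlier three have already aged out of the findtime window. The successful login (userStatus "ok") never matches the filter, which is the property to verify whenever you edit a failregex: a regex that is too loose bans legitimate users, one that is too strict never fires.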
I recommend limiting phpMyAdmin access to a few secret IPs plus a secret URL, and even that does not guarantee much; besides that, phpMyAdmin is a bad tool (in my view), and very heavy. There are better tools, including desktop ones.
– Guilherme Nascimento
In other words, the simplest solution is to take phpMyAdmin out; that already solves several problems at once ;)
– Bacco
Yeah, I've been thinking, and maybe the best thing is to access the database through Navicat, or some program like that. It's a risk I'm taking unnecessarily.
– Gonçalo