Security issue on PhpMyadmin

Some questions about managing server and products with artica.... Ask here...
First unread post • 1 post • Page 1 of 1

Security issue on PhpMyadmin

New postby admin » Fri Mar 09, 2012 6:37 pm

Recently we have found that the phpmyadmin version installed by Artica (if you have ordered to install PhpMyAdmin) have a security hole.
When you install PhpMyadmin with Artica, it create a symbolic folder that allows you to access to phpmyadmin by typing https://yourserver:9000/mysql

If your server is installed directly on Internet we strongly suggest you to upgrade your Artica version to 1.6.030919 or above.

This version allows you to enforce security by define only IP addresses that are allowed to access to the phpmyadmin area.

After upgrading your Artica version, click on the "Mysql items" on the left pan.
09-03-2012 19-25-37.png
09-03-2012 19-25-37.png (117.32 KiB) Viewed 6019 times


You will find a new item called "Protect the phpmyadmin application", click on it
09-03-2012 19-27-23.png
09-03-2012 19-27-23.png (166.58 KiB) Viewed 6019 times


A new popup display IP addresses that will be allowed tu use the phpmyadmin section.
If the table is empty, everyone is allowed to open the PhpMyAdmin console.
Click on New Item in order to add a new IP address ad define IP adresses that you using (your public router IP address for example).
You can set 10.10 or 10.10.10 or 10.10.10.1 for example.
09-03-2012 19-28-27.png
09-03-2012 19-28-27.png (50.92 KiB) Viewed 6019 times


Click on Restart Web console in order to restart the Web service and make rules in production mode.
09-03-2012 19-29-42.png
09-03-2012 19-29-42.png (15.83 KiB) Viewed 6019 times
User avatar
admin
Site Admin
 
Posts: 11702
Joined: Wed Oct 17, 2007 7:59 am
Location: France

1 post • Page 1 of 1

Return to Management console

Who is online

Users browsing this forum: No registered users and 2 guests

cron