Security issue on PhpMyadmin
First unread post • 1 post • Page 1 of 1
Security issue on PhpMyadmin
by admin » Fri Mar 09, 2012 6:37 pm
Recently we have found that the phpmyadmin version installed by Artica (if you have ordered to install PhpMyAdmin) have a security hole.
When you install PhpMyadmin with Artica, it create a symbolic folder that allows you to access to phpmyadmin by typing https://yourserver:9000/mysql
If your server is installed directly on Internet we strongly suggest you to upgrade your Artica version to 1.6.030919 or above.
This version allows you to enforce security by define only IP addresses that are allowed to access to the phpmyadmin area.
After upgrading your Artica version, click on the "Mysql items" on the left pan.
You will find a new item called "Protect the phpmyadmin application", click on it
A new popup display IP addresses that will be allowed tu use the phpmyadmin section.
If the table is empty, everyone is allowed to open the PhpMyAdmin console.
Click on New Item in order to add a new IP address ad define IP adresses that you using (your public router IP address for example).
You can set 10.10 or 10.10.10 or 10.10.10.1 for example.
Click on Restart Web console in order to restart the Web service and make rules in production mode.
When you install PhpMyadmin with Artica, it create a symbolic folder that allows you to access to phpmyadmin by typing https://yourserver:9000/mysql
If your server is installed directly on Internet we strongly suggest you to upgrade your Artica version to 1.6.030919 or above.
This version allows you to enforce security by define only IP addresses that are allowed to access to the phpmyadmin area.
After upgrading your Artica version, click on the "Mysql items" on the left pan.
- 09-03-2012 19-25-37.png (117.32 KiB) Viewed 373 times
You will find a new item called "Protect the phpmyadmin application", click on it
- 09-03-2012 19-27-23.png (166.58 KiB) Viewed 373 times
A new popup display IP addresses that will be allowed tu use the phpmyadmin section.
If the table is empty, everyone is allowed to open the PhpMyAdmin console.
Click on New Item in order to add a new IP address ad define IP adresses that you using (your public router IP address for example).
You can set 10.10 or 10.10.10 or 10.10.10.1 for example.
- 09-03-2012 19-28-27.png (50.92 KiB) Viewed 373 times
Click on Restart Web console in order to restart the Web service and make rules in production mode.
- 09-03-2012 19-29-42.png (15.83 KiB) Viewed 373 times
Materials:
- Youtube videos: http://www.youtube.com/user/articaproject?feature=guide
Mail Docs: http://mail-appliance.org
Proxy Docs: http://proxy-appliance.org
NAS Docs: http://nas-appliance.org
-
admin - Site Admin
- Posts: 11288
- Joined: Wed Oct 17, 2007 7:59 am
- Location: France
1 post • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 2 guests