Once phpMyAdmin is installed, it's best to deny access to the /phpmyadmin path from the internet as many automated scripts will be scanning your web server for potential routes into your system. I've seen this activity hitting my servers as soon as they are publicly available.
Lock down phpMyAdmin connections to allow from 127.0.0.1 only - we will use an SSH tunnel to connect.
- Type the following command to edit the phpmyadmin apache configuration
- sudo nano /etc/phpmyadmin/apache.conf
- Enter the following in the <directory> configuration
- Order Allow,Deny
- Allow from 127.0.0.1
- ..then save and exit
- Restart Apache
- sudo /etc/init.d/apache2 restart
Configure PuTTY to make an SSH tunnel when you make a connection to your server.
- Browse to 'Connection' -> 'SSH' -> 'Tunnels'
- Add 8080 as the source port and 'localhost:80' as the destination
- Click 'Add'
- This tunnel will be created the next time you connect to the server (click 'Open' now if you want)
Browser URL for accessing phpMyAdmin via the SSH tunnel
- You can now access phpMyAdmin at http://127.0.0.1:8080/phpmyadmin/