This is an old revision of the document!
phpMyAdmin
Configuration
Setup a new user for PMA:
mysql -e "CREATE USER 'pma'@'localhost' IDENTIFIED BY '';" mysql -e "GRANT ALL PRIVILEGES ON *.* TO pma@localhost WITH GRANT OPTION;"
To setup a configuration that uses the config file for authentication, and ignores the mysql and information_schema tables, here is what to add to config.inc.php
:
$cfg['Servers'][$i]['auth_type'] = 'config'; $cfg['Servers'][$i]['user'] = 'pma'; $cfg['Servers'][$i]['password'] = ''; $cfg['Servers'][$i]['hide_db'] = '^(mysql|information_schema|performance_schema)$'; # $cfg['Servers'][$i]['only_db'] = array('');
Disable version check, which runs over http and breaks the https seal:
$cfg['VersionCheck'] = false;
Lastly, here is the configuration to add to Apache so that it is accessible only to Digital Trike LAN. This can be placed anywhere in the httpd configuration.
Alias /mysql "/var/www/pma" <Directory "/var/www/pma"> AllowOverride None Options None DirectoryIndex index.php Order deny,allow Deny from all Allow from 173.165.130.129 </Directory>
Apache
Here's a sample htaccess file that would apply:
Order deny,allow Deny from all Allow from 192.168.12. # openvpn Allow from 10.117.209. RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} RewriteCond %{HTTP_HOST} !^pma\.digitaltrike\.com$ [NC] <br> RewriteRule .? https://pma.digitaltrike.com [R=301,L] # deny all .htaccess, .DS_Store, .git and ._* (resource fork) files <Files ~ "^(\.|~)([git]|[Hh][Tt]|[Dd][Ss]_[Ss]|[_])"> Order allow,deny Deny from all Satisfy All </Files> AuthName "Super Seekrit Access" AuthType Basic AuthUserFile /var/www/htpasswd/pma Require valid-user