PHPMyAdmin – MySQL administration page

The main admin page for mysql is phpmyadmin. it is secured through a local firewall of sorts in the form of the phpmyadmin.conf file. there are explicit “allow” and “deny” statements for IPs here. I was a firewall guy for many years and this is actually a great security method. Nice and simple. KISS!

Anyway, because of some limitations in Drupal regarding aggregated news items, I need to have access to the sql db itself. I could do this via sql statements from the command line, but for what I need to do I need to see the tables and prefer a nice GUI. And PHPMyAdmin is a pretty nice GUI. Since I have my Drupal servers, (S, Q and Prod) secured via SSL, there is no issue with changing the security from deny to allow for any host other than localhost.

<Directory /usr/share/phpMyAdmin/>
<IfModule mod_authz_core.c>
# Apache 2.4
Require ip
Require ip ::1
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
# Deny from All
Allow from All
Allow from
Allow from ::1

this reflects the change that I made. Look at the # in front of the deny statement and the addition of the allow all statement. that’s all you need. BUT, make sure to have ssl enabled to protect your mysql password.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: