Well, my question, is this:
Does phpMyAdmin have any security against bruteforce in the password? That is, at the end of x attempts, the IP gets blocked or something like that?
Thank you.
phpMyAdmin is secure against bruteforce?
9
asked by anonymous 09.02.2017 / 01:27
3 answers
13
2
Friend, I would not recommend leaving PHPMyAdmin exposed on the Web. It is a tool with many vulnerabilities and not only brute force, which can put your applications at risk. I looked for the vulnerabilities that the tool had on the CVE Details site, and found 223 vulnerabilities available. There are ways to only release PHPMyAdmin for your IP, or leave it on the server in idle mode, and you can only turn it on when you use it. I hope I have helped!
16.02.2017 / 16:05
1
One option is to use fail2ban to block certain access patterns.
With fail2ban installed, the configuration is more or less so, it may vary depending on your server:
/etc/apache2/conf.d/phpmyadmin.conf:
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %{userID}n %{userStatus}n" pma_combined
CustomLog /var/log/apache2/phpmyadmin_access.log pma_combined
fail2ban filter:
/etc/fail2ban/filter.d/phpmyadmin.conf
[Definition]
denied = mysql-denied|allow-denied|root-denied|empty-denied
failregex = ^<HOST> -.*(?:%(denied)s)$
ignoreregex =
Add a jail:
/etc/fail2ban/jail.local
[phpmyadmin]
enabled = true
port = http,https
filter = phpmyadmin
logpath = /var/log/apache2/phpmyadmin_access.log
And to end apache and fail2ban restart:
service apache2 reload
service fail2ban reload
Source: link
15.02.2017 / 19:04