httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Albert <...@netrition.com>
Subject Re: [users@httpd] phpmyadmin auth
Date Tue, 09 Jul 2013 21:46:43 GMT
On 7/9/2013 5:21 PM, Jerry K wrote:
> configure a local VPN, and only allow access from the VPN IP range is
> one possible "Plan B".
>
> Reviewing my own log files, its amazing how many malware hits there are
> for this particular software product.
>
> What ever you do, be as safe/secure as you can.
>
> Good Luck
>
> Jerry
Agreed; the default phpmyadmin aliases are a very common attack point. 
VPN/private address space would absolutely be the best solution, but if 
that's not possible then on top of htpasswd authentication with strong 
passwords, some "security through obscurity" in changing the alias is 
probably not a bad idea to keep out the bot attacks.

Jim



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message