phpMyAdmin is an free web software to work with MySQL on the web—it provides a convenient visual front end to the MySQL capabilities. Many website administrator have set up phpmyadmin to manage the mysql database.
However, by default, anyone can get access to your phpmyadmin through the url <your_hostname>/phpmyadmin. It is necessary to restrict the access to phpmyadmin to protect your website.
This post describes three ways to protect your phpmyadmin.
- change the url of your phpmyadmin into a private name using the alias method.
- Protect your phpmyadmin by allowing visit from known IP address
- Protect your phpmyadmin by using ssh tunnel ( this is much safer)