-2

What do I need to do in order to restrict the access to my wamp server to certain ip addresses.

Just imagine that the my ip address is the ip address that I only want to have access I tried to edit the .htaccess 

# This folder does not require access over HTTP
# (the following directive denies access by default)
Order allow,deny
Allow from 112.203.229.44

and the phpmyadmin.conf:

Alias /phpmyadmin "E:/wamp/apps/phpmyadmin3.2.0.1/" 

# to give access to phpmyadmin from outside 
# replace the lines
#
#        Order Deny,Allow
#   Deny from all
#   Allow from my ip address
#
# by
#
#        Order Allow,Deny 
#   Allow from my ip address
#

<Directory "E:/wamp/apps/phpmyadmin3.2.0.1/">
    Options Indexes FollowSymLinks MultiViews
    AllowOverride all
        Order Deny,Allow
    Deny from all
    Allow from my ip address
</Directory>
Pierre.Vriens
  • 1,159
  • 34
  • 15
  • 19
user28233
  • 125
  • 1
  • 3
  • 12

3 Answers3

1

You don't need the .htaccess file as you have access to the phpmyadmin.conf file.

If you change the phpmyadmin.conf to Allow from my.ip.address then you have denied access from 127.0.0.1 which is the address you are probably accessing the server from.

To acccess /phpmyadmin via the Allowed my.ip.address you need to use http://my.ip.address/phpmyadmin and not http://localhost/phpmyadmin

user9517
  • 114,104
  • 20
  • 206
  • 289
0

Depends on the specifics of your environment, and what resources you have available.

If this is a public facing web server, you should look at locking down access at a lower level than the scripting engine, or the Apache server - i.e. some sort of firewall. That could be a firewall running on the OS, or between the server and the internet.

If the server is not available from the public internet, then you are probably good with Iain's suggestion.

If this was a *nix box, I'd set up iptables to restrict access to everything, then open up specific ports to specific IP addresses/subnets as required. You can then layer further security on top of that - but if you want to restrict on IP address, IMO the best place to do it is at the point the traffic hits the server, not the HTTP service.

dunxd
  • 9,482
  • 21
  • 80
  • 117
0

I'm a user form Malaysia, sorry if my English not very well... To use an IP address without using localhost IP, you must add new user.

Using this method:

Open your PhpMyAdmin, and login as username: root; password: yourpassword, then, at your phpmyadmin interface, choose "Privilege tab", and click "Add a new User".

At the "have a 5 row" to fill that form. Like this:

User name:
Host:
Password:
Re-Type:
Generate Password:

Fill that like this:

User name: anyusername
Host:198.162.0.12 (this ip for example)
Password: anypassword
Re-Type: retypeanypassword
Generate Password:.....

Then choose the Global privilege, and then click "go". Try that host (the row named "host"), that's it.

I just tried that and it worked.

slm
  • 7,355
  • 16
  • 54
  • 72
UserFromMalaysia
  • 1