how to secure phpmyadmin access through .htaccess

Question

Usually, we are getting access to phpmyadmin http://localhost/phpmyadmin and we are pass user name and password.

 1.localhost/phpmyadmin/

for cloud: 2.125.125.14.12/phpmyadmin

so its easy to hacker to crack it. How we can secure phpmyadmin by using .htaccess file?

Note: its for ubuntu

Answer 1

I am assuming that you have installed mysql.

1. Install phpmyadmin:

   sudo apt-get install phpmyadmin
   

2. Copy:

   sudo cp /etc/phpmyadmin/apache.conf /etc/apache2/conf-enabled/phpmyadmin.conf
   

3. Edit:

   sudo nano /etc/apache2/conf-enabled/phpmyadmin.conf
   

   enter following line just after "DirectoryIndex index.php":

   AllowOverride All
   

4. Edit .htaccess

   sudo nano /usr/share/phpmyadmin/.htaccess
   

   Enter following content:

   AuthType Basic
   Authname "Restricted files"
   AuthUserFile /etc/phpmyadmin/.htpasswd
   Require valid-user
   

5. sudo apt-get install apache2-utils

6. sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

7. Enter new password

8. Restart apache

   sudo service apache2 restart
   

Answer 2

Use the order way, ie:

<Directory "/path/to/phpmyadmin">
    order deny,allow
    deny from all
    allow from 127.0.0.1
</Directory>