From 8aa2f3e16293c2db1e39c9d1b18637baa3f4a3a4 Mon Sep 17 00:00:00 2001 From: Bachir Soussi Chiadmi Date: Fri, 16 Sep 2016 16:36:17 +0200 Subject: [PATCH] secured phpmyadmin with htaccess/htpasswd --- assets/phpmyadmin_htaccess | 4 ++++ install-debian-server.sh | 10 ++++++++++ 2 files changed, 14 insertions(+) create mode 100644 assets/phpmyadmin_htaccess diff --git a/assets/phpmyadmin_htaccess b/assets/phpmyadmin_htaccess new file mode 100644 index 0000000..689e97d --- /dev/null +++ b/assets/phpmyadmin_htaccess @@ -0,0 +1,4 @@ +AuthType Basic +AuthName "Restricted Files" +AuthUserFile /etc/phpmyadmin/.htpasswd +Require valid-user diff --git a/install-debian-server.sh b/install-debian-server.sh index 1a6e00a..cf5eb08 100755 --- a/install-debian-server.sh +++ b/install-debian-server.sh @@ -274,6 +274,13 @@ echo "\033[35;1mInstalling phpMyAdmin \033[0m" apt-get install phpmyadmin # echo "include /etc/phpmyadmin/apache.conf" >> /etc/apache2/apache2.conf ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf +echo "\033[35;1msecuring phpMyAdmin \033[0m" +sed -i "s/DirectoryIndex index.php/DirectoryIndex index.php\nAllowOverride all/" +cp "$_cwd"/assets/phpmyadmin_htaccess > /usr/share/phpmyadmin/.htaccess +echo -n "define a user name for phpmyadmin : " +read un +htpasswd -c /etc/phpmyadmin/.htpasswd $un +service apache2 restart echo "\033[92;1mphpMyAdmin installed\033[Om" echo "\033[92;1mYou can access it at yourip/phpmyadmin\033[Om" @@ -425,6 +432,9 @@ echo "\033[92;1mDot files installed for root, you should installed them manually # TODO add warning message on ssh connection if system needs updates +# TODO install and configure tmux + + echo '\033[35m __ ___ ____ ____/ /