{"id":1566,"date":"2024-01-17T06:32:49","date_gmt":"2024-01-17T06:32:49","guid":{"rendered":"https:\/\/www.devopsfreelancer.com\/blog\/?p=1566"},"modified":"2024-01-17T06:32:52","modified_gmt":"2024-01-17T06:32:52","slug":"how-to-protect-and-secure-phpmyadmin-in-production-server","status":"publish","type":"post","link":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/","title":{"rendered":"How to Protect and Secure PHPMyAdmin in Production Server?"},"content":{"rendered":"\n

1. Disable Root Login<\/h2>\n\n\n\n

Disabling root login is a good security practice as it reduces the risk of unauthorized access to your system. Here are general steps to disable root login on a Linux system:<\/p>\n\n\n\n

Benefits of Disable Root Login<\/h2>\n\n\n\n

1. Reduced Attack Surface:<\/strong><\/p>\n\n\n\n

    \n
  1. The root user possesses immense power within a system, making it a prime target for attackers. Disabling root login eliminates this high-value target, forcing attackers to compromise a regular user account first, significantly raising the difficulty of a successful breach.<\/li>\n<\/ol>\n\n\n\n

    How to Disable Root Login ?<\/h2>\n\n\n\n
    Sample mysql commands:\nmysql\nwhich mysql\nmysql -u root -p\nshow databases;\ncreate user 'user_name'@'localhost' identified by 'password';\nGRANT ALL PRIVILEGES ON * . * TO 'user_name'@'localhost';\nFLUSH PRIVILEGES;\nSHOW GRANTS user_name;\ncreate database database_name;<\/code><\/pre>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    2. Use Fail2ban to Secure Your Server<\/h2>\n\n\n\n
    What is fail2ban ?<\/h2>\n\n\n\n
    Fail2Ban is like a bouncer for your server. It\u2019s a security tool that helps protect your system from brute-force attacks by monitoring log files for malicious activity. When it detects multiple failed login attempts or other suspicious behavior from an IP address, it dynamically updates firewall rules to block that address and prevent further access.<\/p>\n\n\n\n
    \"\"<\/figure>\n\n\n\n
    Security thread using of fail2ban<\/strong><\/h2>\n\n\n\n
    Fail2ban is a powerful tool that can be used to protect Linux servers from a variety of attacks. Here are some of the benefits of using Fail2ban:<\/p>\n\n\n\n
      \n
    1. Improved security:<\/strong> Fail2ban can help to improve the security of your Linux server by blocking malicious IP addresses. This can help to protect your server from brute-force login attempts, denial-of-service (DoS) attacks, and port scans.<\/li>\n\n\n\n
    2. Reduced load on your server:<\/strong> Fail2ban can help to reduce the load on your server by blocking malicious traffic. This can improve the performance of your server and make it less vulnerable to attack.<\/li>\n\n\n\n
    3. Compliance:<\/strong> Fail2ban can help you to comply with a variety of security regulations, such as PCI DSS and HIPAA.<\/li>\n\n\n\n
    4. Easy to use:<\/strong> Fail2ban is a relatively easy to use tool. It can be installed and configured with a few simple commands.<\/li>\n\n\n\n
    5. Flexible:<\/strong> Fail2ban is a flexible tool. It can be configured to meet the specific needs of your server.<\/li>\n<\/ol>\n\n\n\n
      Insallation process<\/strong><\/h3>\n\n\n\n
      sudo apt-get install fail2ban<\/code><\/pre>\n\n\n\n
      \"\"<\/figure>\n\n\n\n
      2nd step go to below path<\/strong> and add below code<\/h2>\n\n\n\n
      cd \/etc\/fail2ban<\/code><\/pre>\n\n\n\n
      [sshd]\nenabled = true\nport = ssh\nfilter = sshd\nlogpath = \/var\/log\/auth.log\nmaxretry = 3\nfindtime = 300\nbantime = 86400\nignoreip = 127.0.0.1<\/code><\/pre>\n\n\n\n
      \"\"<\/figure>\n\n\n\n
      After adding save and exit.<\/strong><\/h2>\n\n\n\n
      Restart the server<\/p>\n\n\n\n
      sudo systemctl restart fail2ban<\/code><\/pre>\n\n\n\n
      \"\"<\/figure>\n\n\n\n
      Once Fail2ban is enabled and running, it will start monitoring the SSH service for malicious activity. If Fail2ban detects malicious activity, it will ban the IP address that is responsible for the activity.<\/p>\n\n\n\n
      3. Limit Access to MySQL Server.<\/strong><\/p>\n\n\n\n
      This is important security measure is to limit access to your MySQL server. By default, MySQL allows remote connections from any host, which can be a security risk. You should only allow connections from trusted hosts or IP addresses.<\/p>\n\n\n\n
      1. Create MySQL Users:<\/strong><\/h3>\n\n\n\n
        \n
      • Use the MySQL command-line tool or a MySQL client like phpMyAdmin to connect to your MySQL server.<\/li>\n<\/ul>\n\n\n\n
        mysql -u root -p<\/code><\/code><\/pre>\n\n\n\n
          \n
        • Create a new MySQL user with a strong password. Replace 'new_user'<\/code> and 'password'<\/code> with your chosen username and password.<\/li>\n<\/ul>\n\n\n\n
          CREATE USER 'new_user'@'localhost' IDENTIFIED BY 'password';<\/code><\/code><\/pre>\n\n\n\n
            \n
          • You can replace 'localhost'<\/code> with the specific IP address or hostname if you want to allow remote access for this user.<\/li>\n<\/ul>\n\n\n\n
            2. Grant Specific Privileges:<\/strong><\/h3>\n\n\n\n
              \n
            • Grant the user the minimum necessary privileges based on your application’s requirements. For example, if the user only needs to read from a specific database:<\/li>\n<\/ul>\n\n\n\n
              GRANT SELECT ON database_name.* TO 'new_user'@'localhost';<\/code><\/code><\/pre>\n\n\n\n
              3. File Permissions<\/strong><\/h2>\n\n\n\n
              File permissions control who can access, modify, or execute files and directories, ensuring data integrity and confidentiality. The chmod<\/code> command is used to change file permissions.<\/p>\n\n\n\n
              Symbolic Notation:<\/strong><\/p>\n\n\n\n
                \n
              • Using symbolic notation to set read, write, and execute permissions. For example, to give read and write permissions to the owner and read-only permission to others:<\/li>\n<\/ul>\n\n\n\n
                chmod u=rw,go=r filename\n<\/code><\/pre>\n\n\n\n
                Numeric Notation:<\/strong><\/p>\n\n\n\n
                Using numeric notation where each digit represents the permissions for the owner, group, and others. The values are calculated by adding the permissions:<\/p>\n\n\n\n
                Read (r) = 4\nWrite (w) = 2\nExecute (x) = 1<\/code><\/pre>\n\n\n\n
                  \n
                • This sets read, write, and execute permissions for the owner and read and execute permissions for others.<\/li>\n<\/ul>\n\n\n\n
                  chmod -R 755 directory\n<\/code><\/pre>\n\n\n\n
                  4. Monitor your MySQL server for suspicious activity<\/strong><\/h2>\n\n\n\n
                  Monitoring your MySQL server for suspicious activity is crucial for identifying potential security threats and taking timely actions to mitigate risks. Here are some steps and tools you can use to monitor MySQL for suspicious activity:<\/p>\n\n\n\n
                  1. MySQL General Query Log:<\/strong><\/h3>\n\n\n\n
                    \n
                  1. Enable the MySQL general query log to record all SQL statements received from clients. Be cautious, as this can generate a large log file:<\/li>\n<\/ol>\n\n\n\n
                    # Add the following to your my.cnf or my.ini file\n[mysqld]\ngeneral_log = 1\ngeneral_log_file = \/path\/to\/general.log<\/code><\/pre>\n\n\n\n
                    5. Securing Local and Remote Database Access<\/strong><\/h2>\n\n\n\n
                    1. Log in to MySQL:<\/strong><\/p>\n\n\n\n
                    mysql -u root -p<\/code><\/pre>\n\n\n\n
                    2. Set or Change Password:<\/strong><\/h3>\n\n\n\n
                    CREATE USER 'wizbrand_learning'@'localhost' IDENTIFIED BY '8789';\nGRANT ALL PRIVILEGES ON *.* TO 'wizbrand_learning'@'localhost';\nFLUSH PRIVILEGES;<\/code><\/pre>\n\n\n\n
                    Security thread if i ignore password for mysql<\/strong> ?<\/strong><\/h2>\n\n\n\n
                    Ignoring or neglecting to set a password for MySQL introduces significant security risks to your database and server. Here are some of the security threats and consequences associated with not having a password for your MySQL database:<\/p>\n\n\n\n
                      \n
                    1. Unauthorized Access:<\/strong>\n
                        \n
                      • Without a password, anyone with access to your server can connect to your MySQL database. This includes malicious actors who may attempt to exploit vulnerabilities or gain unauthorized access to your data.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                      • Data Breach:<\/strong>\n
                          \n
                        • Lack of authentication allows unauthorized users to read, modify, or delete your database data. This could lead to a data breach, exposing sensitive information and violating privacy regulations.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                        • Database Manipulation:<\/strong>\n
                            \n
                          • An attacker could modify or delete your database records, disrupting your application\u2019s functionality or causing data loss.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n
                            6. Enable Network Security<\/strong><\/h2>\n\n\n\n
                            Restrict access to your MySQL server by allowing connections only from trusted IP addresses. Use firewall rules or the bind-address directive in your MySQL configuration file to limit access. Additionally, consider running your MySQL server on a non-default port to reduce the risk of automated attacks.<\/p>\n\n\n\n
                            To change the bind-address and port of the MySQL server, you need to edit the MySQL configuration file. The MySQL configuration file is typically located at<\/p>\n\n\n\n
                            \/etc\/mysql\/mysql.cnf<\/code><\/pre>\n\n\n\n
                            To edit the MySQL configuration file, use a text editor such as nano or vim. For example, to edit the MySQL configuration file using nano, run the following command:<\/p>\n\n\n\n
                            Example :-<\/p>\n\n\n\n
                            [mysqld]\nbind-address = 192.168.1.100\nport = 3307<\/code><\/pre>\n\n\n\n
                            7.  Secure Against Attackers<\/strong><\/h2>\n\n\n\n
                            To make a MySQL system secure, you should maintain the following suggestions :<\/p>\n\n\n\n
                              \n
                            • Require all MySQL accounts to have a password.<\/li>\n\n\n\n
                            • Make sure that the only Unix user account with read or write privileges in the database directories is the account that is used for running mysqld.<\/li>\n\n\n\n
                            • Never run the MySQL server as the Unix root user<\/li>\n\n\n\n
                            • Do not grant the FILE privilege to nonadministrative users<\/li>\n\n\n\n
                            • Do not permit the use of symlinks to tables.<\/li>\n\n\n\n
                            • Stored programs and views should be written using the security guidelines<\/li>\n\n\n\n
                            • If you do not trust your DNS, you should use IP addresses rather than hostnames in the grant tables.<\/li>\n\n\n\n
                            • If you want to restrict the number of connections permitted to a single account, you can do so by setting the max_user_connections variable in mysqld.<\/li>\n<\/ul>\n\n\n\n
                              8. Granting Privileges to User in MysQL<\/strong><\/h2>\n\n\n\n
                              There are multiple types of privileges that can be granted to a user account.<\/p>\n\n\n\n
                              Example :-<\/p>\n\n\n\n
                              Grant All Privileges on a Specific Database:<\/strong><\/h3>\n\n\n\n
                              Suppose you want to grant all privileges to a user named your_user<\/code> on a database named your_database<\/code>. The syntax for granting all privileges on a specific database is as follows:<\/p>\n\n\n\n
                              GRANT ALL PRIVILEGES ON your_database.* TO 'your_user'@'localhost' IDENTIFIED BY 'your_password';\n<\/code><\/pre>\n\n\n\n
                              Grant All Privileges on All Databases:<\/h3>\n\n\n\n
                              If you want to grant all privileges to a user on all databases, you can use the wildcard *<\/code> for the database name:<\/p>\n\n\n\n
                              GRANT ALL PRIVILEGES ON *.* TO 'your_user'@'localhost' IDENTIFIED BY 'your_password';\n<\/code><\/pre>\n\n\n\n
                              Security thread if i ignore Privileges<\/strong><\/h2>\n\n\n\n
                              Ignoring privileges and not properly managing user privileges in MySQL can lead to significant security threats. Properly assigning and managing privileges is a crucial aspect of securing your MySQL database. Here are some security risks and considerations if you ignore privileges in MySQL:<\/p>\n\n\n\n
                                \n
                              1. Unauthorized Access:<\/strong>\n
                                  \n
                                • Ignoring privileges may result in granting overly broad access to users. This could lead to unauthorized users gaining access to sensitive data or making unintended modifications to the database.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                                • Data Exposure:<\/strong>\n
                                    \n
                                  • Users with excessive privileges may have access to confidential or sensitive information, leading to data exposure and potential breaches.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                                  • Data Manipulation:<\/strong>\n
                                      \n
                                    • Users with excessive privileges can modify or delete data, impacting the integrity of the database. This could result in data loss or unauthorized changes.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                                    • Security Principle Violation:<\/strong>\n
                                        \n
                                      • Ignoring the principle of least privilege violates a fundamental security principle. Users should only be given the minimum level of access necessary to perform their tasks.<\/li>\n<\/ul>\n<\/li>\n\n\n\n
                                      • SQL Injection Exploitation:<\/strong>\n
                                          \n
                                        • Without proper privilege management, SQL injection vulnerabilities become more severe. An attacker might exploit injection vulnerabilities to gain unauthorized access or manipulate data.<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n
                                          9.  Installing Apache and Updating the Firewall<\/h2>\n\n\n\n
                                          The Apache web server is among the most popular web servers in the world. It\u2019s well documented, has an active community of users, and has been in wide use for much of the history of the web, which makes it a great choice for hosting a website.<\/p>\n\n\n\n
                                          sudo apt update\nsudo apt install apache2\nsudo ufw app list<\/code><\/pre>\n\n\n\n
                                          \"\"<\/figure>\n\n\n\n
                                          Here\u2019s what each of these profiles mean:<\/p>\n\n\n\n
                                            \n
                                          • Apache<\/strong>: This profile opens only port 80<\/code> (normal, unencrypted web traffic).<\/li>\n\n\n\n
                                          • Apache Full<\/strong>: This profile opens both port 80<\/code> (normal, unencrypted web traffic) and port 443<\/code> (TLS\/SSL encrypted traffic).<\/li>\n\n\n\n
                                          • Apache Secure<\/strong>: This profile opens only port 443<\/code> (TLS\/SSL encrypted traffic).<\/li>\n<\/ul>\n\n\n\n
                                            For now, it\u2019s best to allow only connections on port 80<\/code>, since this is a fresh Apache installation and you don\u2019t yet have a TLS\/SSL certificate configured to allow for HTTPS traffic on your server.<\/p>\n\n\n\n
                                            sudo ufw allow in \"Apache\"<\/code><\/pre>\n\n\n\n
                                            \"\"<\/figure>\n\n\n\n
                                            sudo ufw status<\/code><\/pre>\n\n\n\n
                                            10. Create a Backup<\/h2>\n\n\n\n
                                            systemctl stop mysql<\/code><\/code><\/pre>\n\n\n\n
                                            Locate your database directory. It should be \/var\/lib\/mysql\/<\/code> on most systems but if that directory doesn\u2019t exist, examine \/etc\/mysql\/my.cnf<\/code> for a path to the data directory<\/p>\n\n\n\n
                                            Create a directory to store your backups. This guide will use \/opt\/db-backups<\/code> but you can alter this to suit your needs:<\/p>\n\n\n\n
                                            mkdir \/opt\/db-backups\n<\/code><\/pre>\n\n\n\n
                                            Copy MySQL\u2019s data directory to a storage location. The cp<\/code> command, rsync<\/code>, or other methods will work fine, but we\u2019ll use tar<\/code> to recursively copy and gzip the backup at one time. Change the database directory, backup filename, and target directory as needed; the -$(date +%F)<\/code> addition to the command will insert a timestamp into the filename.<\/p>\n\n\n\n
                                            tar cfvz \/opt\/db-backups\/db-$(date +%F).tar.gz \/var\/lib\/mysql\/*<\/code><\/code><\/pre>\n\n\n\n
                                            \"\"<\/figure>\n\n\n\n
                                            Let’s check the bacup is done or not.<\/h2>\n\n\n\n
                                            \"\"<\/figure>\n\n\n\n
                                            \"\"<\/figure>\n\n\n\n
                                            Thanks for learning… <\/p>\n","protected":false},"excerpt":{"rendered":"
                                            1. Disable Root Login Disabling root login is a good security practice as it reduces the risk of unauthorized access to your system. Here are general steps… <\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[28,632,500,518],"class_list":["post-1566","post","type-post","status-publish","format-standard","hentry","category-linux","tag-linux","tag-linux-performance","tag-linux-security","tag-mysql-security"],"yoast_head":"\nHow to Protect and Secure PHPMyAdmin in Production Server? - DevOps Freelancer<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Protect and Secure PHPMyAdmin in Production Server? - DevOps Freelancer\" \/>\n<meta property=\"og:description\" content=\"1. Disable Root Login Disabling root login is a good security practice as it reduces the risk of unauthorized access to your system. Here are general steps...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/\" \/>\n<meta property=\"og:site_name\" content=\"DevOps Freelancer\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/amitsthakurs\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-01-17T06:32:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-17T06:32:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.devopsfreelancer.com\/blog\/wp-content\/uploads\/2024\/01\/image-9.png\" \/>\n<meta name=\"author\" content=\"Amit Kumar\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/amits_thakurs\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Amit Kumar\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/\"},\"author\":{\"name\":\"Amit Kumar\",\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/#\\\/schema\\\/person\\\/22ed4bd82dc04200a2ca541b3e35fc5b\"},\"headline\":\"How to Protect and Secure PHPMyAdmin in Production Server?\",\"datePublished\":\"2024-01-17T06:32:49+00:00\",\"dateModified\":\"2024-01-17T06:32:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/\"},\"wordCount\":1639,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/image-9.png\",\"keywords\":[\"linux\",\"linux-performance\",\"linux-security\",\"mysql-security\"],\"articleSection\":[\"linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/\",\"url\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/\",\"name\":\"How to Protect and Secure PHPMyAdmin in Production Server? - DevOps Freelancer\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/image-9.png\",\"datePublished\":\"2024-01-17T06:32:49+00:00\",\"dateModified\":\"2024-01-17T06:32:52+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/#\\\/schema\\\/person\\\/22ed4bd82dc04200a2ca541b3e35fc5b\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/image-9.png\",\"contentUrl\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/image-9.png\",\"width\":727,\"height\":352},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/how-to-protect-and-secure-phpmyadmin-in-production-server\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Protect and Secure PHPMyAdmin in Production Server?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/\",\"name\":\"DevOps Freelancer\",\"description\":\"We provide DevOps | SRE | DevSecOps | MLOps Freelancing\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/#\\\/schema\\\/person\\\/22ed4bd82dc04200a2ca541b3e35fc5b\",\"name\":\"Amit Kumar\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d76fb4d0f15f7a458f1fd91063b44fbb7e7eb9e724b1c465d885054c2540250f?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d76fb4d0f15f7a458f1fd91063b44fbb7e7eb9e724b1c465d885054c2540250f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d76fb4d0f15f7a458f1fd91063b44fbb7e7eb9e724b1c465d885054c2540250f?s=96&d=mm&r=g\",\"caption\":\"Amit Kumar\"},\"description\":\"Hi I am Amit Kumar Thakur Experienced as s Software Developer with a demonstrated history of working in the information technology and services industry. Skilled in HTML, CSS, Bootstrap4, PHP, Laravel-9 , REST API,FB API,Google API, Youtube Api, Bitbucket,Github,Linux and jQuery. Strong engineering professional focused in Computer\\\/Information Technology Administration and Management. Currently my profile is to Software Developer, analyze the requirement, creating frame for web application, coding and maintenance.\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/amitsthakurs\\\/\",\"https:\\\/\\\/www.instagram.com\\\/amits_thakurs\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/amits-thakurs\\\/\",\"https:\\\/\\\/x.com\\\/https:\\\/\\\/twitter.com\\\/amits_thakurs\"],\"url\":\"https:\\\/\\\/www.devopsfreelancer.com\\\/blog\\\/author\\\/amit\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Protect and Secure PHPMyAdmin in Production Server? - DevOps Freelancer","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/","og_locale":"en_US","og_type":"article","og_title":"How to Protect and Secure PHPMyAdmin in Production Server? - DevOps Freelancer","og_description":"1. Disable Root Login Disabling root login is a good security practice as it reduces the risk of unauthorized access to your system. Here are general steps...","og_url":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/","og_site_name":"DevOps Freelancer","article_author":"https:\/\/www.facebook.com\/amitsthakurs\/","article_published_time":"2024-01-17T06:32:49+00:00","article_modified_time":"2024-01-17T06:32:52+00:00","og_image":[{"url":"https:\/\/www.devopsfreelancer.com\/blog\/wp-content\/uploads\/2024\/01\/image-9.png","type":"","width":"","height":""}],"author":"Amit Kumar","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/amits_thakurs","twitter_misc":{"Written by":"Amit Kumar","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/#article","isPartOf":{"@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/"},"author":{"name":"Amit Kumar","@id":"https:\/\/www.devopsfreelancer.com\/blog\/#\/schema\/person\/22ed4bd82dc04200a2ca541b3e35fc5b"},"headline":"How to Protect and Secure PHPMyAdmin in Production Server?","datePublished":"2024-01-17T06:32:49+00:00","dateModified":"2024-01-17T06:32:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/"},"wordCount":1639,"commentCount":0,"image":{"@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/#primaryimage"},"thumbnailUrl":"https:\/\/www.devopsfreelancer.com\/blog\/wp-content\/uploads\/2024\/01\/image-9.png","keywords":["linux","linux-performance","linux-security","mysql-security"],"articleSection":["linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/","url":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/","name":"How to Protect and Secure PHPMyAdmin in Production Server? - DevOps Freelancer","isPartOf":{"@id":"https:\/\/www.devopsfreelancer.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/#primaryimage"},"image":{"@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/#primaryimage"},"thumbnailUrl":"https:\/\/www.devopsfreelancer.com\/blog\/wp-content\/uploads\/2024\/01\/image-9.png","datePublished":"2024-01-17T06:32:49+00:00","dateModified":"2024-01-17T06:32:52+00:00","author":{"@id":"https:\/\/www.devopsfreelancer.com\/blog\/#\/schema\/person\/22ed4bd82dc04200a2ca541b3e35fc5b"},"breadcrumb":{"@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/#primaryimage","url":"https:\/\/www.devopsfreelancer.com\/blog\/wp-content\/uploads\/2024\/01\/image-9.png","contentUrl":"https:\/\/www.devopsfreelancer.com\/blog\/wp-content\/uploads\/2024\/01\/image-9.png","width":727,"height":352},{"@type":"BreadcrumbList","@id":"https:\/\/www.devopsfreelancer.com\/blog\/how-to-protect-and-secure-phpmyadmin-in-production-server\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.devopsfreelancer.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How to Protect and Secure PHPMyAdmin in Production Server?"}]},{"@type":"WebSite","@id":"https:\/\/www.devopsfreelancer.com\/blog\/#website","url":"https:\/\/www.devopsfreelancer.com\/blog\/","name":"DevOps Freelancer","description":"We provide DevOps | SRE | DevSecOps | MLOps Freelancing","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.devopsfreelancer.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.devopsfreelancer.com\/blog\/#\/schema\/person\/22ed4bd82dc04200a2ca541b3e35fc5b","name":"Amit Kumar","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d76fb4d0f15f7a458f1fd91063b44fbb7e7eb9e724b1c465d885054c2540250f?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d76fb4d0f15f7a458f1fd91063b44fbb7e7eb9e724b1c465d885054c2540250f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d76fb4d0f15f7a458f1fd91063b44fbb7e7eb9e724b1c465d885054c2540250f?s=96&d=mm&r=g","caption":"Amit Kumar"},"description":"Hi I am Amit Kumar Thakur Experienced as s Software Developer with a demonstrated history of working in the information technology and services industry. Skilled in HTML, CSS, Bootstrap4, PHP, Laravel-9 , REST API,FB API,Google API, Youtube Api, Bitbucket,Github,Linux and jQuery. Strong engineering professional focused in Computer\/Information Technology Administration and Management. Currently my profile is to Software Developer, analyze the requirement, creating frame for web application, coding and maintenance.","sameAs":["https:\/\/www.facebook.com\/amitsthakurs\/","https:\/\/www.instagram.com\/amits_thakurs\/","https:\/\/www.linkedin.com\/in\/amits-thakurs\/","https:\/\/x.com\/https:\/\/twitter.com\/amits_thakurs"],"url":"https:\/\/www.devopsfreelancer.com\/blog\/author\/amit\/"}]}},"_links":{"self":[{"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/posts\/1566","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/comments?post=1566"}],"version-history":[{"count":1,"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/posts\/1566\/revisions"}],"predecessor-version":[{"id":1598,"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/posts\/1566\/revisions\/1598"}],"wp:attachment":[{"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/media?parent=1566"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/categories?post=1566"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsfreelancer.com\/blog\/wp-json\/wp\/v2\/tags?post=1566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}