Publishing phpMyAdmin by IP is useful for urgent maintenance, but risky if done without controls. This is the process I use to enable temporary access safely.
Use case
- emergency DB maintenance;
- short support windows;
- panel-domain access temporarily unavailable.
Step 1: create dedicated MySQL admin user
mysql
CREATE USER 'admin_pma'@'localhost' IDENTIFIED BY 'STRONG_PASSWORD';
GRANT ALL PRIVILEGES ON *.* TO 'admin_pma'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
SHOW GRANTS FOR 'admin_pma'@'localhost';Step 2: enable Apache include
# usually
/etc/apache2/conf.d/IP.confEnsure:
IncludeOptional /etc/apache2/conf.d/*.incValidate and reload:
apache2ctl -t
systemctl reload apache2Step 3: functional validation
curl -I http://YOUR_IP/phpmyadminThen test login with dedicated user.
Hardening
- Restrict source IP in firewall.
- Prefer HTTPS only.
- Keep access temporary.
Rollback
Disable include/public route, reload Apache, block access in firewall, and drop temporary DB user if no longer needed.
Final takeaway
The safe model is temporary exposure with strict controls, not permanent public publication.
This post is licensed under CC BY-NC.
Comments
Join the discussion below.
Comments are not configured yet. Add Cusdis settings in /assets/json/config/blog-comments-config.json.