Forum

Hello,

my logfile is full with rtying to finde a phpmyadmin and, so, I would like to bann everyone, they try to find phpmyadmin, except my IP.
How does one do this?

Many thanks in advance.

Hiawatha version: 7.3
Operating System: Debian 5

Please include the following at the Virtualhost section :

AccessList = allow 192.168.0.0/24 , deny all

or

AccessList = allow 192.168.0.100, deny all

BanlistMask don't work for me
This must work only for a certain Vhost

You can try the following configuration:

VirtualHost {
  ...
  UseToolkit = ban_scanner
}

UrlToolkit {
  ToolkitID = ban_scanner
  Match ^/phpmyadmin/.* Ban 300
}

Hi Hugo,

this works, but my ip is also baned.

In that case, you can use a simple AccessList, as Samiux also suggested.

AccessList = allow <your ip address>, deny all

I have AccessList already since long time, it is a matter for me to ban the idiots who sniff phpmyadmin and bombard my logfiles.

A ban is also logged. So, that won't change the amount of log entries. What you better can do in your case is to block them in your firewall.

Do you use an IP address or a hostname in the phpmyadmin URL?

thanks Hugo,

1) Firewall is not possible on my Hoster, its a vServer without loadable kernel module
2) both.

1) Then I seriously suggest you find a better hoster. Even a VPS should have the iptables firewall available.
2) I advice that you use your ip address as the hostname of the default host (the one NOT inside VirtualHost { } ) and give that website a blank page. Use a separate hostname in your domain (for example pma.domain.com) for phpMyAdmin. Use an AccessList for that virtual host. Of course, use a separate logfile for each virtual host. That should keep your pma secure and your logfiles clean. Most vulnerablility scanners do their scanning by IP address, not by hostname.

ok Hugo,
for such weak Hoster, is to be recommended hiawatha urgently
thanks.