0

I'm trying to limit which IP's can access example.com/adminer.php which is used to manage my system's MySQL server.

I've been trying to achieve this using apache's conf files, settings, or tools so that I can later apply this method to other files or directories.

I've installed Adminer per the instruction on the site and everything seems to be working perfect except the inability to limit it to localhost.

I've tried making the below addition to the apache2 security.conf file, with no luck after a restart.

System: Debian 8.1

<Files /adminer.php>
   Order Deny,Allow
   Deny from all
   Allow from localhost
</Files>
T. Thomas
  • 660
  • 3
  • 10
  • 25
  • its not safe to use IP only to secure a file\directory –  Mar 16 '16 at 03:15
  • in the above you want to use an IP not localhost –  Mar 16 '16 at 03:17
  • Here already have a solution for you. http://stackoverflow.com/a/13938692/1297615 – BobGao Mar 16 '16 at 03:37
  • @BobGao not exactly what I'm looking for, uses .htaccess and doesn't explain how to limit access to a specific file in my case adminer.php. I'd like to see a full apache security.conf file with ip based black listing. – T. Thomas Mar 18 '16 at 22:55

1 Answers1

2

One fast way I can think to do this is to insert some code into the php file.

<?php
if ( ! ($_SERVER['HTTP_HOST'] == 'localhost' || $_SERVER['REMOTE_ADDR'] == '127.0.0.1') ) {
    header("HTTP/1.1 404 Not Found");   
    exit();
}

http://php.net/manual/en/function.header.php

ryantxr
  • 4,119
  • 1
  • 11
  • 25