The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Attacks targeting phpMyAdmin?

Discussion in 'Security' started by gkgcpanel, Aug 9, 2010.

  1. gkgcpanel

    gkgcpanel Well-Known Member

    Joined:
    Jun 6, 2007
    Messages:
    217
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    DataCenter Provider
    Ok, fair enough... However we are seeing...

    an enormous DDOS attack from several IP addresses in China that are all attempting to hit phpmyadmin links to determine what the version is.

    This literally brings the server to its knees. Over this past weekend, we saw over 600 thousand connection attempts. It took over 5 hours to firewall all those IP addresses (and I'm sure we got legitimate users too).

    The problem however is that this is happening to all 15+ of our cPanel servers.

    We want to make sure that there is no way for users to access phpmyadmin from outside of cPanel. We are going to require all users to log into their cPanel account first and then access phpMyAdmin.

    Is there a way to do this? Something we can change in WHM to make sure that this is the case?

    Thank you,
    Peter
     
  2. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
  3. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    In order to access the installation of phpMyAdmin that is installed by cPanel you must first be authenticated in cPanel or WHM using a valid login username and password. There is no anonymous "guest" access that would allow unauthenticated users to access the installation of phpMyAdmin that is installed by cPanel.
     
  4. MaraBlue

    MaraBlue Well-Known Member

    Joined:
    May 3, 2005
    Messages:
    335
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Carmichael, CA
    cPanel Access Level:
    Root Administrator
    Continuing on with the OP's question, is there a method you would suggest that could block requests for PHPMyAdmin and yet not block valid users' access? I've thought of writing a rule for mod_security, but wasn't totally sure that valid users wouldn't also be blocked.

    I've seen numerous others having this issue also, but have yet to read any suggested solutions (other than "just ignore it").
     
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Are the attacks hitting one of the cPanel ports, or port 80? If they are not targeting the cPanel ports then you could drop all requests for phpMyAdmin hitting port 80.

    If a user has installed phpMyAdmin in his document root then those requests would be dropped as well.
     
  6. Shadyr

    Shadyr Registered

    Joined:
    Oct 16, 2008
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
  7. cPanelDon

    cPanelDon cPanel Quality Assurance Analyst
    Staff Member

    Joined:
    Nov 5, 2008
    Messages:
    2,557
    Likes Received:
    7
    Trophy Points:
    38
    Location:
    Houston, Texas, U.S.A.
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Please keep in mind that Debian is not an OS supported by cPanel as per the system requirements for cPanel and WHM.

    Please see the following post: cPanel Forums - View Single Post - PHPMyAdmin upgrade to 3.3.0 - Re: Debian Security Advisory (DSA-2034-1)
     
Loading...

Share This Page