phpMyAdmin added to Brute Force Monitor (MANUAL CHANGE)

Version 1.46

Feature
Finished

BFM now has the ability to scan the PMA logs, but has a few conditions. Note that CustomBuild 2.0 will apply this patch with a PMA install, so with CB2, you'd need only run: cd /usr/local/directadmin/custombuild ./build update ./build phpmyadmin ----------- Else for CustomBuild 1.1/1.2: 1) The following patch must be applied to phpMyAdmin: cd /var/www/html/phpMyAdmin mkdir -p log chmod 770 log chown webapps:apache log wget http://files1.directadmin.com/services/custombuild/patches/pma_auth_logging.patch patch -p0 < pma_auth_logging.patch Note that CustomBuild 2.0 will apply this patch with a PMA install, so with CB2, you'd need only run: cd /usr/local/directadmin/custombuild ./build update ./build phpmyadmin 2) phpMyAdmin requires write access to disk, to write to: /var/www/html/phpMyAdmin/log/auth.log for CB2, this is already the default, so no need to worry there. This patch support both the default http auth type, but should also work with the cookie auth type, if you use that instead. ----------------------- 2 new lines have been added to the brute_filter.list: phpmyadmin1=ip_after=ip='&ip_until='&text=status='mysql-denied'&user_after=user='&user_until=' phpmyadmin2=ip_after=ip='&ip_until='&text=status='not authenticated'&user_after=user='&user_until=' ----- some sample log entries from the auth.log look like this: Jul 10 22:26:37:: pma auth user='user_dbuser' status='not authenticated' ip='1.2.3.4' Jul 10 23:05:55:: pma auth user='user_dbuser' status='mysql-denied' ip='1.2.3.4'

Interested to try DirectAdmin? Get a 30-day Free Trial!