Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

[HowTo] Secure phpMyAdmin From Brute Force Attack on VestaCP Centos with Google recaptcha

https://forum.vestacp.com/viewtopic.php?f=11&t=17594

Page 1 of 1

[HowTo] Secure phpMyAdmin From Brute Force Attack on VestaCP Centos with Google recaptcha

Posted: Tue Sep 11, 2018 8:15 pm
by xorro
Go to google recaptcha page GOOGLE RECAPTCHA in order to retrieve site key and secret key:

Add/Register a new site :
Image

Enter the server ip or hostname, domain you want to access the phpmyadmin with, then hit Register button, now you will see site key and secrect key copy this keys we’ll need this in step 2 :

you can go to Advanced Settings >> Domain Name Validation >>> uncheck Verify the origin of reCAPTCHA solutions for wildcard permission i.e. you can access phpmyadmin with any domain and ip which are in the server, this is useful if you’ve many domains and IP hosted on the server and want to access phpmyadmin from all of them.

Image

After that edit the config.inc.php file and add the lines below mentioned :

Code: Select all

nano /usr/share/phpMyAdmin/libraries/config.default.php
now search this line and add site key and secrect key which you’ll be retrieving from step 2 :

Code: Select all

$cfg['CaptchaLoginPublicKey'] = 'Site Key';
$cfg['CaptchaLoginPrivateKey'] = 'Secret Key';
where :

Code: Select all

$cfg[‘CaptchaLoginPublicKey’] = ‘Site key’
$cfg[‘CaptchaLoginPrivateKey’] = ‘Secret key’
eg :

Code: Select all

/**
 * if reCaptcha is enabled it needs public key to connect with the service
 *
 * @global string $cfg['CaptchaLoginPublicKey']
 */
$cfg['CaptchaLoginPublicKey'] = 'Site Key';

/**
 * if reCaptcha is enabled it needs private key to connect with the service
 *
 * @global string $cfg['CaptchaLoginPrivateKey']
 */
$cfg['CaptchaLoginPrivateKey'] = 'Secret Key';
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/