On Aug 21, 2009, at 4:17 PM, Ray Van Dolson wrote: > - Keep phpMyAdmin up to date. Best way to do this is to use a > package from a well known repository like EPEL that keeps the > package at the latest version for you. > - Run with SELinux Enforcing > - Protect phpMyAdmin with Basic HTTP authentication instead of > relying only on phpMyAdmin's authentication which does nothing to > prevent the exploitation of many URL-based vulnerabilities. What he said, plus change the URL to something other than the default / phpmyadmin/ --Chris