[CentOS] phpmyadmin location

Fri Apr 19 11:01:38 UTC 2013
Arun Khan <knura9 at gmail.com>

On Thu, Apr 18, 2013 at 10:00 PM, Tilman Schmidt
<t.schmidt at phoenixsoftware.de> wrote:
> Am 18.04.2013 08:44, schrieb Arun Khan:
>> On Thu, Apr 18, 2013 at 8:14 AM, SilverTip257 <silvertip257 at gmail.com> wrote:
>>> But at the same time it's not prudent to allow anyone access to a service
>>> (host/port/page/whatever) when they have no need to.
>>> Perfect example being people who let SSH open to the world on production
>>> boxes and do little to nothing to protect it.
>> How do you handle the ACL when multiple users need the ssh access?
>> Use case scenario,  I have setup CentOS based LAMP servers [...] the web
>> developers who keep making changes (per client request) need sftp
>> access to the boxen; their respective ISP service, provide only
>> dynamic IPs (or charge extra which the freelancer will not pay for)
>> At the moment, I have had to leave it open with fail2ban monitoring
>> the ssh port.
> ACLs won't cut it in that scenario,


> but limiting SSH to public key
> authentication (ie. disabling password authentication) and

Agreed but explaining the concept to WAMP web application developers  ....

> disabling
> direct root login should be sufficiently secure.

This is the first thing I do after installation is complete :)

Arun Khan
Sent from my non-iphone/non-android device