[Sublime]

Quote:

Originally Posted by LiamM Debian 7 is one of the GUI OS' isn't it?

yes and no

Quote:

Originally Posted by MD5 I'd put PhpMyAdmin, and set up everything (server wise) for a small fee. (debian 7)

lol go away

Quote:

Originally Posted by MD5 Well that includes a secured installation (block of un-useful ports in the firewall), etc.

ur going to charge for adding like 2-3 rules in iptables?

Quote:

Originally Posted by LiamM Overall, if I was to go down the route of a Linux OS, I'd really need to learn how to operate the OS to it's full potential, I know some of the basics but, uploading, configuring, etc etc. That's where I begin to lose my grasp with regards to knowledge on the matter.

you don't really have to learn everything, just knowing the basics is more than enough

[ChromeAmazing]

Avrin Technologies' has a on going black Friday deal for Enterprise Services (Dedicated Hosting) with Windows and Linux on SSD's, if you're interested.
https://www.avrintech.net/home/enterprise.php

[MD5]

Quote:

Originally Posted by Sublime yes and no lol go away ur going to charge for adding like 2-3 rules in iptables? you don't really have to learn everything, just knowing the basics is more than enough

Lol no. I'm gonna' charge for an overall secured PhpMyAdmin install. (protected directories, ip tables altered, special ht access, and more).

[rymax99]

What's their to secure? The most you'd want to do is throw it in a basic auth protected directory. Other than that, there are no iptables rules that you can create that will affect it, and creating ACL's for it is pointless.

[MD5]

A protected directory, and a fake name'd directory would help. But the real injection protection comes in when you block minority ports to disallow remote connections toward PHPMyAdmin.

[rymax99]

Quote:

Originally Posted by MD5 A protected directory, and a fake name'd directory would help. But the real injection protection comes in when you block minority ports to disallow remote connections toward PHPMyAdmin.

What? No, neither of those will help, keep your install halfway up to date and you'll be fine. If you're talking about blocking remote access to the MySQL daemon itself, that's as easy as an iptables rule and has nothing to do with phpMyAdmin.

[XxxCodyXxx]

Well, Hello I prefer Rootstamp.com it's cheap... And good hosted I pay there I have a server.

[MD5]

Quote:

Originally Posted by rymax99 What? No, neither of those will help, keep your install halfway up to date and you'll be fine. If you're talking about blocking remote access to the MySQL daemon itself, that's as easy as an iptables rule and has nothing to do with phpMyAdmin.

There's tons of vulnerabilities to remote connections with PhpMyAdmin.. MySQL its self is linked to PhpMyAdmin, therefor the daemon would go through the same changes. People use uBuntu exploits to the config file and gain root user and password.

[rymax99]

Quote:

Originally Posted by MD5 There's tons of vulnerabilities to remote connections with PhpMyAdmin.. MySQL its self is linked to PhpMyAdmin, therefor the daemon would go through the same changes. People use uBuntu exploits to the config file and gain root user and password.

Provide some links, some logs, some documentation, something.

phpMyAdmin is a actively developed project that does not inherently need to have anything done to further secure it after it's installed. If anything, add a basic auth layer to it and be done with it. You definitely don't need to create some useless fake directories or anything else you've said.

Remote connections to phpMyAdmin? What are you talking about? phpMyAdmin is a front-end management software for MySQL, it isn't linked in any way, shape, or form.

Ubuntu exploits? What?

[MD5]

Quote:

Originally Posted by rymax99 Provide some links, some logs, some documentation, something. phpMyAdmin is a actively developed project that does not inherently need to have anything done to further secure it after it's installed. If anything, add a basic auth layer to it and be done with it. You definitely don't need to create some useless fake directories or anything else you've said. Remote connections to phpMyAdmin? What are you talking about? phpMyAdmin is a front-end management software for MySQL, it isn't linked in any way, shape, or form. Ubuntu exploits? What?

If you don't know what I'm talking about, I shall not go further.