mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2026-07-05 07:37:26 +02:00
Add PhpMyAdmin access middleware and session check for user authentication
- Updated settings.py to include PhpMyAdminAccessMiddleware for enhanced access control. - Modified phpmyadminsignin.php to check user session and redirect to the login page if not authenticated.
This commit is contained in:
25
phpmyadmin_htaccess
Normal file
25
phpmyadmin_htaccess
Normal file
@@ -0,0 +1,25 @@
|
||||
# CyberPanel phpMyAdmin Access Control
|
||||
# Place this file as /usr/local/CyberCP/public/phpmyadmin/.htaccess
|
||||
|
||||
# Enable rewrite engine
|
||||
RewriteEngine On
|
||||
|
||||
# Check if user is not authenticated and redirect to login
|
||||
RewriteCond %{HTTP_COOKIE} !sessionid=
|
||||
RewriteRule ^(.*)$ /base/ [R=302,L]
|
||||
|
||||
# Additional security headers
|
||||
Header always set X-Frame-Options DENY
|
||||
Header always set X-Content-Type-Options nosniff
|
||||
Header always set X-XSS-Protection "1; mode=block"
|
||||
|
||||
# Prevent direct access to sensitive files
|
||||
<Files "config.inc.php">
|
||||
Order Allow,Deny
|
||||
Deny from all
|
||||
</Files>
|
||||
|
||||
<Files "*.log">
|
||||
Order Allow,Deny
|
||||
Deny from all
|
||||
</Files>
|
||||
Reference in New Issue
Block a user