Is a global DNS record a security risk for phpMyAdmin?

This would qualify as 'Security through Obscurity' and offers little to no protection whatsoever.

The /etc/hosts file is NOT DNS; it's the precursor of DNS and anyone can change their own records in it.

A domain name is mainly for human use... the computer will just convert this to an IP address and use that (and send the hostname with it in HTTP 1.1+). While the domain name has a function in virtual host configurations it is not part of a security defence.

To increase security consider adding one of the following:

IP whitelisting your own IP & blacklist all others
External login provider through oAuth / SAML. (such as Google's login system)
Use client-side certificates to authorize access

All of these would improve security from least to most, but also from easiest to most difficult.

No, it would not increase security. An attacker could still connect to phpMyAdmin if they knew the domain and IP, independent of whether a DNS record for it exists. For example, they could put the information in their own hosts file.

Is a global DNS record a security risk for phpMyAdmin?

Tags:

Dns

Web Application

Network Access Control

Related

Recent Posts