Phpmyadmin - htaccess Password protection

Is there a way to password protect the phpmyadmin, even by using just the standard process to make a password protected directory?

htpasswd/htaccess?


I don't feel like the server is secured while this is open. I was hoping to add another layer of security to the databases instead of the username/password of phpmyadmin. The link to the phpmyadmin installation is not in /var and I can't get the htpasswd/htaccess combo to work. Maybe I need to chmod?

Thank you, in advance.

 

Debian Lenny/Ispconfig 3 Perfrect server setup.

When I go to one of the sites that I have set up via IspConfig3, and add the subdomain "phpmyadmin" it resolves to the phpmyadmin login page. But, there is no folder in /var/www/domain.name/web/ for phpmyadmin. I tried to load .htaccess and .htpasswd at /usr/share/phpmyadmin. It didn't work.

Am I in the wrong place?

Thank you for responding.

 

Never got phpmyadmin protected.

Now they are hacking me.

I could never get the htaccess to work for me in the shared folder.

What to do? What to do?

 

Still watching the logs.

Thanks Till,

I am still watching the apache logs. They are going right for the phpmyadmin and mail folders, but they are using several variations of urls (not exact nor specific). I've been blocking ips individually, but they can change ips fairly easily, which is why I'd like to block via htaccess.

I don't know why I can't use htaccess in the shared folder of phpmyadmin.

I just went back and reviewed my access.log - error.log files and they have been getting the 404. So, I did panic a bit much. The attacks are coming from Asia and Latin America.

What scares me is: I don't remember installing open office. I used the Lenny/Ispconfig3 Perfect server setup. I see it in the /etc folder. Am I just paranoid?
UPDATE: The OpenOffice folder is for a dictionary/spell check, it's not the full version.

Thanks Till.