How to thwart the “GET /phpMyAdmin/scripts/setup.php” or “POST /phpMyAdmin/scripts/setup.php” attack

I usually don’t post highly technical stuff on my blog but this one was entertaining in a geek sort of way. I was tired of seeing script kiddies try this brute force attack on my server. I googled the heck out of it and tried some of the suggestions but nothing was working so I engineered my own fix. Here it is.

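Rename the /usr/share/phpMyAdmin/scripts/setup.php script to something else. Then create a new setup.php in its place with the following code:

<?php
    // Decoy setup.php: serve the static page instead of the real setup script.
    include("stopit.html");
?>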

Create a file in that directory called stopit.html with the following code:

<HTML>
<HEAD>
    <TITLE>Stop It!</TITLE>
</HEAD>
<BODY>
<H1 ALIGN=CENTER>Stop It!</H1>
<P ALIGN=CENTER>
   <IMG SRC="stopit.jpg">
</P>
</BODY>
</HTML>

Here is my stopit.jpg
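
To see which clients are requesting the path in the title, and which status code they get back, the access log can be tallied per source address. The following Python is an added example, not part of the original post; it assumes the Apache/nginx "combined" log format, and the sample log lines, function names and threshold are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Apache/nginx "combined" access-log line: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# The probe named in the post; scanners vary the case and may append a query string.
PROBE_RE = re.compile(r'^/phpmyadmin/scripts/setup\.php(?:\?.*)?$', re.IGNORECASE)

def find_probes(lines):
    """Return {ip: Counter({(method, status): hits})} for setup.php probe requests."""
    hits = defaultdict(Counter)
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] not in ("GET", "POST"):
            continue
        if PROBE_RE.match(m["path"]):
            hits[m["ip"]][(m["method"], int(m["status"]))] += 1
    return dict(hits)

def repeat_offenders(hits, threshold=2):
    """IPs with at least `threshold` probe requests, busiest first."""
    totals = {ip: sum(c.values()) for ip, c in hits.items()}
    return sorted((ip for ip, n in totals.items() if n >= threshold),
                  key=lambda ip: (-totals[ip], ip))

# Constructed sample lines (documentation-range IPs), not taken from a real server.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 200 187 "-" "-"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "POST /phpMyAdmin/scripts/setup.php HTTP/1.1" 200 187 "-" "-"
198.51.100.22 - - [10/Oct/2023:14:02:11 +0000] "GET /phpmyadmin/scripts/setup.php?x=1 HTTP/1.0" 200 187 "-" "-"
192.0.2.15 - - [10/Oct/2023:14:05:00 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.15 - - [10/Oct/2023:14:05:02 +0000] "GET /phpMyAdmin/scripts/setup.php.bak HTTP/1.1" 404 209 "-" "-"
""".splitlines()

if __name__ == "__main__":
    probes = find_probes(SAMPLE_LOG)
    for ip in sorted(probes):
        print(ip, dict(probes[ip]))
    print("repeat offenders:", repeat_offenders(probes))
```

A 200 status on these requests after the change means the replacement page is being served; the per-address counts can feed whatever blocking mechanism the server already uses.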
