I'm trying to secure my web server by changing the url of phpmyadmin (/phpmyadmin).
I have edited the file /etc/phpmyadmin/apache.conf :
Alias /secure-db /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
<IfModule mod_php5.c>
AddType application/x-httpd-php .php
php_flag magic_quotes_gpc Off
php_flag track_vars On
php_flag register_globals Off
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/
</IfModule>
Now, I can access phpmyadmin via /secure-db, and also via /phpmyadmin
I do not understand why /phpmyadmin is still available. Of course, I did restart apache. By the way, I'm using ISPConfig 3.0.5.4p1
Any idea? Is there another kind of vhost somewhere?
EDIT : I had another file "phpmyadmin.conf.bak.20140429" in the same folder which contained the alias /phpmyadmin. After removing it I could not go to the url /phpmyadmin. So I guess that this backup file was read by apache.
