SS_ADMINER_PUBLIC="false" does not work as intended.

Open NathanAdhitya opened this issue 2 years ago • 5 comments

Issue

On version APR2023K, SS_ADMINER_PUBLIC set to "false" still exposes Adminer to the public web.

NathanAdhitya avatar Apr 15 '23 18:04 NathanAdhitya

Related: https://github.com/littlebizzy/slickstack/issues/73

jessuppi avatar Apr 29 '23 11:04 jessuppi

Perhaps this is another feature that could be moved to our new Nginx includes approach, like:

/var/www/sites/includes/adminer.conf

jessuppi avatar May 07 '23 21:05 jessuppi

If we end up doing something like:

https://wordpress.org/plugins/db-access-adminer/

Where it requires WP Admin authentication, the entire issue might be moot.

jessuppi avatar Jun 11 '23 18:06 jessuppi

Some patches:

https://github.com/littlebizzy/slickstack/commit/fd74e7a4f9c295b406b84dd2d896aafa10868c9c

https://github.com/littlebizzy/slickstack/commit/865024f88242e64f941f0fba5e561130126abf83

jessuppi avatar Jun 25 '23 08:06 jessuppi

These patches (above) are temporary, because they delete the adminer.php file in case SS_ADMINER_PUBLIC is set to false in your ss-config. Later on, we should consider a separate Nginx file for Adminer too.

jessuppi avatar Jun 25 '23 08:06 jessuppi

New sub-module in progress:

https://github.com/littlebizzy/slickstack/blob/master/modules/nginx/includes/adminer-conf.txt

jessuppi avatar Mar 13 '24 07:03 jessuppi

We could probably also hide the Database tab in the SlickStack WP Admin Dashboard if this is set to false; that's something that a few developers had asked about.

jessuppi avatar Mar 13 '24 08:03 jessuppi

Update: this option in ss-config is now called ADMINER_PUBLIC

jessuppi avatar Apr 03 '24 08:04 jessuppi

Okay, Adminer is now officially a submodule for Nginx for SlickStack purposes... if ADMINER_PUBLIC="true" in your ss-config then the file adminer.conf will be installed to /var/www/sites/includes going forward, otherwise that file will be deleted if set to false for that option.

New script: https://github.com/littlebizzy/slickstack/blob/master/bash/ss-install-nginx-adminer.txt

I've also removed the temporary fix in ss-clean-files which deleted /var/www/meta/adminer.php if ADMINER_PUBLIC was set to false... so that is no longer going to happen going forward.

Notes:

We could make this even stronger by adding a 403 denied or something to the Adminer URL; however, now that the URL is a randomized string, it's probably not a concern.

jessuppi avatar Apr 03 '24 11:04 jessuppi
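
A way to check the install-or-delete behaviour described in the last comment, as an added example that is not part of the thread or SlickStack's own code: it reads ADMINER_PUBLIC (or the older SS_ADMINER_PUBLIC) from a config file without sourcing it and reports when adminer.conf on disk disagrees with the setting. The function names and the choice to pass both paths as arguments are assumptions.

```shell
#!/bin/sh
# Audit sketch: does the on-disk Nginx include agree with ADMINER_PUBLIC?
# Both paths are passed as arguments; the function names are hypothetical.

# Print the value of ADMINER_PUBLIC (or the older SS_ADMINER_PUBLIC name)
# from a config file, without sourcing (executing) the file.
adminer_setting() {
    # Commented-out lines do not match; the last assignment wins,
    # as it would if the file were sourced.
    sed -n 's/^[[:space:]]*\(SS_\)\{0,1\}ADMINER_PUBLIC=["'\'']\{0,1\}\([A-Za-z]*\).*/\2/p' "$1" | tail -n 1
}

# audit_adminer CONFIG_FILE INCLUDES_DIR
# Returns 0 when disk state matches the setting, 1 on drift, 2 if the
# config file cannot be read.
audit_adminer() {
    config=$1 includes=$2
    [ -r "$config" ] || { echo "error: cannot read $config"; return 2; }
    value=$(adminer_setting "$config")
    conf="$includes/adminer.conf"
    case "$value" in
        true)
            [ -f "$conf" ] && { echo "ok: public, include present"; return 0; }
            echo "drift: ADMINER_PUBLIC=true but $conf is missing"; return 1 ;;
        *)
            # Fail closed: anything other than an explicit "true"
            # (false, empty, a typo) is treated as "not public".
            [ -e "$conf" ] || { echo "ok: not public, include absent"; return 0; }
            echo "drift: ADMINER_PUBLIC=${value:-unset} but $conf still exists"; return 1 ;;
    esac
}
```

Call it as `audit_adminer <path to your ss-config> /var/www/sites/includes`; a "drift" result with the setting at false is the case this issue was opened about. The check only compares files on disk, so it does not show whether Nginx has reloaded its configuration since the include changed.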