DB-008 critical general

DB admin tools on-demand and Zero Trust protected

Database admin tools (phpMyAdmin, Adminer, pgAdmin) must be on-demand only (not always running) and protected behind Cloudflare Zero Trust when active.

Question to ask

"Is phpMyAdmin running 24/7 somewhere, exposed to the internet?"

Verification guide

Severity: Critical

This is a guided manual check.

Prompt user:

How do you manage database admin tools (phpMyAdmin, Adminer, pgAdmin)?

Please provide:

  1. What tool is used (if any)
  2. How it's deployed (always-on, on-demand, separate service)
  3. How access is protected (Zero Trust, VPN, IP whitelist)
  4. Who can spin it up and when it's turned off

Verify:

  • Tool is not always running in production
  • Protected behind Cloudflare Zero Trust when active
  • Clear process for spinning up and down

Pass criteria:

  • No DB admin tool used, OR
  • Tool is on-demand only AND behind Zero Trust

Fail criteria:

  • DB admin tool running 24/7 in production
  • No access protection when active
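The pass/fail criteria above can be turned into a repeatable check. The helper below is an added example, not part of the DB-008 checklist; it assumes the admin tool runs as a Docker container whose status comes from `docker ps` and that its hostname is probed with `curl -sI`, and every input here is a constructed sample, not output captured from a real host.

```shell
#!/usr/bin/env bash
# Added helper encoding the DB-008 criteria. Assumed inputs: the image and
# status columns of `docker ps`, and the response headers of an unauthenticated
# probe of the admin hostname. All sample values below are constructed.

# Image names that identify a DB admin tool (assumed patterns).
ADMIN_TOOL_PATTERN='phpmyadmin|adminer|pgadmin'

# True when a docker status column ("Up 3 days", "Up 36 hours") shows the
# container has been up for a day or more, i.e. it is not on-demand.
is_always_on() {
  local status="$1" hours
  case "$status" in
    Up\ *day*|Up\ *week*|Up\ *month*|Up\ *year*) return 0 ;;
  esac
  hours=$(printf '%s\n' "$status" | sed -nE 's/^Up ([0-9]+) hours?.*/\1/p')
  [ -n "$hours" ] && [ "$hours" -ge 24 ] && return 0
  return 1
}

# True when the probe headers show Cloudflare Access in front of the tool: an
# unauthenticated request is redirected to the <team>.cloudflareaccess.com
# login page instead of reaching the tool itself.
is_behind_zero_trust() {
  printf '%s\n' "$1" | grep -Eiq '^location: https://[^/]+\.cloudflareaccess\.com/'
}

# DB-008 verdict for one container; prints the reason, exit status is the result.
db008_verdict() {
  local image="$1" status="$2" headers="$3"
  if ! printf '%s\n' "$image" | grep -Eiq "$ADMIN_TOOL_PATTERN"; then
    echo "PASS: no DB admin tool running"; return 0
  fi
  if is_always_on "$status"; then
    echo "FAIL: $image up for '$status', not on-demand"; return 1
  fi
  if ! is_behind_zero_trust "$headers"; then
    echo "FAIL: $image reachable without Cloudflare Access"; return 1
  fi
  echo "PASS: $image is on-demand and behind Cloudflare Access"; return 0
}

# Constructed sample probes: one behind Access, one answering directly.
ACCESS_HEADERS=$(printf 'HTTP/2 302\nlocation: https://example-team.cloudflareaccess.com/cdn-cgi/access/login/db.example.com')
DIRECT_HEADERS=$(printf 'HTTP/2 200\nserver: nginx\nset-cookie: phpMyAdmin=abc; path=/')

# Walk three sample cases (|| true keeps going after a FAIL verdict).
db008_verdict 'phpmyadmin/phpmyadmin:5' 'Up 3 days'  "$ACCESS_HEADERS" || true
db008_verdict 'adminer:4'               'Up 2 hours' "$DIRECT_HEADERS" || true
db008_verdict 'adminer:4'               'Up 2 hours' "$ACCESS_HEADERS"
```

On a real host, feed it `docker ps --format '{{.Image}}\t{{.Status}}'` lines and the headers from `curl -sI https://<admin-host>/`; a 200 with the tool's own cookie where a 302 to cloudflareaccess.com was expected is the finding to record as evidence.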

Evidence to capture:

  • Tool used
  • Deployment method
  • Zero Trust policy or equivalent protection
  • Access procedure

Cross-reference with:

  • Section 04 (Environments) - Zero Trust for dev/staging

Section

05. Database & Connections

Database & Data