phpIPAM contains sensitive network topology and IP assignment data.
¶ Web and Access Security
- Enforce HTTPS and strong authentication for all users.
- Apply role-based permissions by section/subnet.
- Restrict admin UI by source IP/reverse proxy ACL.
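
One way to check that the source-IP restriction on the admin UI actually holds is to audit the reverse proxy's access log. This is an added example, not phpIPAM's own code; the `/administration` URL prefix, the management networks and the log lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumptions (not from the page): the management networks allowed to reach
# the admin UI, and the URL prefix it is served under in this deployment.
ADMIN_ALLOWED = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "2001:db8:20::/64")]
ADMIN_PREFIXES = ("/administration",)

# Common/combined log format: ip - user [time] "METHOD path proto" status size ...
# Run this on the reverse proxy's log; the backend only sees the proxy address.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)

def is_admin_path(path):
    """True if the request path (query string ignored) is under an admin prefix."""
    path = path.split("?", 1)[0]
    return any(path == p or path.startswith(p + "/") for p in ADMIN_PREFIXES)

def audit_admin_access(lines):
    """Return (client, path, status, verdict) for admin requests from outside the allowlist."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not is_admin_path(m["path"]):
            continue
        status = int(m["status"])
        try:
            client = ipaddress.ip_address(m["ip"])
        except ValueError:
            # Fail closed: a client field that is not an IP is reported, not skipped.
            findings.append((m["ip"], m["path"], status, "BAD_CLIENT_FIELD"))
            continue
        if any(client in net for net in ADMIN_ALLOWED):
            continue
        # 403 means the ACL did its job; any other status means the request got through.
        verdict = "blocked" if status == 403 else "ACL_GAP"
        findings.append((str(client), m["path"], status, verdict))
    return findings

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = [
    '10.20.0.15 - - [12/Mar/2024:09:14:02 +0000] "GET /administration/users/ HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [12/Mar/2024:09:15:40 +0000] "GET /administration/ HTTP/1.1" 403 153 "-" "curl/8.5.0"',
    '198.51.100.7 - - [12/Mar/2024:09:16:11 +0000] "POST /administration/users/?x=1 HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2024:09:16:30 +0000] "GET /subnets/3/ HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in audit_admin_access(SAMPLE_LOG):
        print(finding)
```

Any `ACL_GAP` finding is an admin request from outside the allowlist that the proxy did not reject, which points at a missing or bypassed ACL rule.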
¶ Backend and Integration Security
- Protect DB credentials and use a least-privilege DB user.
- Secure PowerDNS/API integrations with scoped tokens.
- Audit subnet edits and API-driven changes.