Access fobidden phpmyadmin

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Access fobidden phpmyadmin

Postby gatsu » 28. April 2010 13:16

Hello guy,

Sorry for my bad english but I'm from Italy.

My problem is that I can't access phpMyAdmin from another computer or from my domain, but locally it's all great.

Example: http://localhost/phpmyadmin WORK!
http://mysite.eu/phpmyadmin Don't WORK! P.S: Even if I try to access the server where I installed xammp, with the domain is wrong.

This is my httpd-xammp.conf:
Code: Select all
#
# XAMPP settings
#

<IfModule env_module>
    SetEnv MIBDIRS "/xampp/php/extras/mibs"
    SetEnv MYSQL_HOME "\\xampp\\mysql\\bin"
    SetEnv OPENSSL_CONF "/xampp/apache/bin/openssl.cnf"
    SetEnv PHP_PEAR_SYSCONF_DIR "\\xampp\\php"
    SetEnv PHPRC "\\xampp\\php"
    SetEnv TMP "\\xampp\\tmp"
    UnsetEnv PERL5LIB
</IfModule>

#
# PHP-Module setup
#
LoadFile "/xampp/php/php5ts.dll"
LoadModule php5_module modules/php5apache2_2.dll

<IfModule php5_module>
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source
    </FilesMatch>

    PHPINIDir "/xampp/php"
</IfModule>

#
# PHP-CGI setup
#
<IfModule !php5_module>
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php-cgi
    </FilesMatch>
    <IfModule actions_module>
        Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
    </IfModule>
</IfModule>


<IfModule mime_module>
    AddType text/html .php .phps
</IfModule>

ScriptAlias /php-cgi/ "/xampp/php/"
<Directory "/xampp/php">
    AllowOverride None
    Options None
    Order deny,allow
    Deny from all
    <Files "php-cgi.exe">
        Allow from all
    </Files>
</Directory>

<Directory "/xampp/cgi-bin">
    <FilesMatch "\.php$">
        SetHandler cgi-script
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler None
    </FilesMatch>
</Directory>

<Directory "/xampp/htdocs/xampp">
    <IfModule php5_module>
       <Files "status.php">
          php_admin_flag safe_mode off
       </Files>
    </IfModule>
    AllowOverride AuthConfig
</Directory>

<IfModule alias_module>
    Alias /security "/xampp/security/htdocs/"
    <Directory "/xampp/security/htdocs">
        <IfModule php5_module>
          <Files "xamppsecurity.php">
             php_admin_flag safe_mode off
          </Files>
        </IfModule>
        AllowOverride AuthConfig
   </Directory>

    Alias /licenses "/xampp/licenses/"
    <Directory "/xampp/licenses">
        Options +Indexes
        <IfModule autoindex_color_module>
            DirectoryIndexTextColor  "#000000"
            DirectoryIndexBGColor "#f8e8a0"
            DirectoryIndexLinkColor "#bb3902"
            DirectoryIndexVLinkColor "#bb3902"
            DirectoryIndexALinkColor "#bb3902"
        </IfModule>
   </Directory>

    Alias /phpmyadmin "/xampp/phpMyAdmin/"
    <Directory "/xampp/phpMyAdmin">
        AllowOverride AuthConfig
    </Directory>

    Alias /webalizer "/xampp/webalizer/"
    <Directory "/xampp/webalizer">
        <IfModule php5_module>
          <Files "webalizer.php">
             php_admin_flag safe_mode off
          </Files>
        </IfModule>
        AllowOverride AuthConfig
    </Directory>
</IfModule>

#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 \
               fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
               fe80::/10 169.254.0.0/16

    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>



Screen:
Image
Last edited by gatsu on 28. April 2010 21:03, edited 1 time in total.
gatsu
 
Posts: 3
Joined: 28. April 2010 12:56

Re: Access fobidden phpmyadmin

Postby Altrea » 28. April 2010 13:32

you had to
- remove "phpmyadmin" from the list in the LocationMatch directive
- and assign a new Directory permission for the phpmyadmin folder in the apache\conf\httpd.conf file (or with htaccess)
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Access fobidden phpmyadmin

Postby gatsu » 28. April 2010 21:05

I didn't understand.
Can you explain better?

Thanks.
gatsu
 
Posts: 3
Joined: 28. April 2010 12:56

Re: Access fobidden phpmyadmin

Postby Altrea » 29. April 2010 05:26

In your httpd-xammp.conf file (nearly at the end of the file) is a list of folders which defines the XAMPP security concept.
All of these folders are restricted to be accessable only from localhost (127.0.0.1).

If you have a static IP, you can simply add this in the allow rule.
If not, you must remove phpmyadmin from this list.

After that there is no other rule defined for phpmyadmin, so the default rule gets active which means all access is denied.
To change that, you had to define a rule for the phpmyadmin directory. You can do that in the httpd-xammp.conf file too (some lines before the new XAMPP security concept is already a directory record block for phpmyadmin, where you simply add your access rule), or in the httpd.conf file, where the other access rules are defined.

more about access control can be found in the Apache documentation
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Access fobidden phpmyadmin

Postby gatsu » 01. May 2010 11:33

Thank you, I resolved.
gatsu
 
Posts: 3
Joined: 28. April 2010 12:56

Re: Access fobidden phpmyadmin

Postby josepuib » 04. August 2010 12:17

¿Could you please provide a copy of the config files to let us see what they look like after the changes?

Thank you very much.
josepuib
 
Posts: 2
Joined: 04. August 2010 12:12

Re: Access fobidden phpmyadmin

Postby Altrea » 04. August 2010 12:38

josepuib wrote:¿Could you please provide a copy of the config files to let us see what they look like after the changes?

Thank you very much.


This way you never learn yourself how to do that and what this all means.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64

Re: Access fobidden phpmyadmin

Postby josepuib » 04. August 2010 12:58

Actually, my real interest is not learning how it works but getting it working the earlier the better. Furthermore, seeing an example of a well done work gives me ideas to improve my own.

However, if you think that giving me the edited files is not a proper way to help me, other kinds of help you can provide will be appreciated.

Thanks in advance.
josepuib
 
Posts: 2
Joined: 04. August 2010 12:12

Re: Access fobidden phpmyadmin

Postby Altrea » 04. August 2010 13:18

You need to know:
- How to define a <Directory> Directive in your httpd.conf file (Basic Example for this is the htdocs Block already existing in your httpd.conf)
- What the AllowOverride Directive does and which value it had to be setted to for your needs.
- What a .htaccess file is and how to implement a authentication function in it
- How to create a .htpasswd file with the htpasswd function

You can simply read the first half of the Authentication, Authorization and Access Control HowTo which combines most of this.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 8286
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 10 Pro x64


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 56 guests