Enable PhpMyAdmin ONLY for localhost access

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Enable PhpMyAdmin ONLY for localhost access

Postby bruce2012 » 08. February 2014 13:23

Team, I have tried to do this for last 24 hours. I tried different methods and I can not make it working. I also made lots of error messages on the server. :( I found the following 2 posts :
1) http://community.apachefriends.org/f/viewtopic.php?f=17&t=51854&sid=e52c3dd3cd297810d24a0804fd42cd82
2) http://community.apachefriends.org/f/viewtopic.php?f=3&t=50969

I am using XAMPP 1.8.1 . I think that this is right solution. But I do not understand the solution very well.
1: German Language
2: what are the following IPs mean? I know that localhost is 127.0.0.1 but why there are other IPs? I just want open phpmyadmin from local server/localhost ONLY. no access allow from outside my local network/local xampp server. do I need other Ips?

1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
fe80::/10 169.254.0.0/16

here is my current New XAMPP security concept

Code: Select all

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
   Order deny,allow
   Deny from all
   Allow from all
   Allow from ::1 127.0.0.0/8 \
      fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
      fe80::/10 169.254.0.0/16

   ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>



Do I need to use the following codes as the replacement?

Code: Select all

#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
   <RequireAny>
    Require ip ::1 127.0.0.0/8 \
      fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
      fe80::/10 169.254.0.0/16
   </RequireAny>
   ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>



Thank you for helping?
bruce2012
 
Posts: 12
Joined: 12. November 2012 00:49
XAMPP Version: 5.6.3
Operating System: window 7

Re: Enable PhpMyAdmin ONLY for localhost access

Postby bruce2012 » 08. February 2014 13:33

FYI - here are codes that you may need to see.

Code: Select all

   </Directory>

    Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
    <Directory "C:/xampp/phpMyAdmin">
        AllowOverride AuthConfig
        Require all granted
    </Directory>



Thank you!
bruce2012
 
Posts: 12
Joined: 12. November 2012 00:49
XAMPP Version: 5.6.3
Operating System: window 7

Re: Enable PhpMyAdmin ONLY for localhost access

Postby Altrea » 08. February 2014 15:19

Hi bruce2012,

bruce2012 wrote:2: what are the following IPs mean? I know that localhost is 127.0.0.1

localhost is just a domain name and can be anything, but by default it will resolve to ::1 (IPv6) and 127.0.0.1 (IPv4)

bruce2012 wrote:but why there are other IPs?

The other IPs define the private areas of IPv4 and IPv6 local networks.

bruce2012 wrote:I just want open phpmyadmin from local server/localhost ONLY. no access allow from outside my local network/local xampp server. do I need other Ips?

All this IPs are INSIDE your local network, but maybe you don't need them. That depends if you want to access the sensitive XAMPP sites from other local network devices or not.

bruce2012 wrote:here is my current New XAMPP security concept

Code: Select all

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
   Order deny,allow
   Deny from all
   Allow from all
   Allow from ::1 127.0.0.0/8 \
      fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
      fe80::/10 169.254.0.0/16

   ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>


That is very bad. That "Allow from all" rule will grant access for ANY request. That is not what you want to (and not recommend to leave it at this setting).
if you just want to access from your very local computer, there is an easy setting you can use.
Change the whole new security concept part to this:

Code: Select all
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
   <RequireAny>
      Require local
   </RequireAny>

   ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>


That will grant access from 127.0.0.1, ::1 and the LAN IP of your XAMPP server, nothing else.

best wishes,
Altrea
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 6607
Joined: 17. August 2009 13:05
XAMPP Version: 5.5.19
Operating System: W7Ux64

Re: Enable PhpMyAdmin ONLY for localhost access

Postby bruce2012 » 08. February 2014 20:25

Good morning Altrea, It is working perfectly now! :) I was desperate because I made lots of Apache/SQL error msgs yesterday. you saved my day! Thank you Again!
bruce2012
 
Posts: 12
Joined: 12. November 2012 00:49
XAMPP Version: 5.6.3
Operating System: window 7

Re: Enable PhpMyAdmin ONLY for localhost access

Postby bruce2012 » 12. February 2014 08:17

Hello, I did some tests and working great! thank you. here is error msg that I got when I try to access from non-local network.

Access Forbidden!
___________________________
New XAMPP security concept:

Access to the requested object is only available from the local network.

This setting can be configured in the file "httpd-xampp.conf".
__________________________

I only want to show "Access Forbidden!" . I would like to hide the rest in the warning message. Could you please tell me how can I do this? Thank you!!
bruce2012
 
Posts: 12
Joined: 12. November 2012 00:49
XAMPP Version: 5.6.3
Operating System: window 7

Re: Enable PhpMyAdmin ONLY for localhost access

Postby Altrea » 12. February 2014 10:02

Simply define a different ErrorDocument
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 6607
Joined: 17. August 2009 13:05
XAMPP Version: 5.5.19
Operating System: W7Ux64

Re: Enable PhpMyAdmin ONLY for localhost access

Postby bruce2012 » 13. February 2014 04:16

Altrea, thanks for point out the direction. done! have a great day!
bruce2012
 
Posts: 12
Joined: 12. November 2012 00:49
XAMPP Version: 5.6.3
Operating System: window 7

Re: Enable PhpMyAdmin ONLY for localhost access

Postby Altrea » 13. February 2014 05:51

You are welcome 8)
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 6607
Joined: 17. August 2009 13:05
XAMPP Version: 5.5.19
Operating System: W7Ux64


Return to XAMPP for Windows

Who is online

Users browsing this forum: Altrea, interloperux, rensonmuthomi and 71 guests