Apache Friends Support Forum

[gatsu]

Hello guy,

Sorry for my bad english but I'm from Italy.

My problem is that I can't access phpMyAdmin from another computer or from my domain, but locally it's all great.

Example: http://localhost/phpmyadmin WORK!
http://mysite.eu/phpmyadmin Don't WORK! P.S: Even if I try to access the server where I installed xammp, with the domain is wrong.

This is my httpd-xammp.conf:

Code: Select all

#
# XAMPP settings
#

<IfModule env_module>
    SetEnv MIBDIRS "/xampp/php/extras/mibs"
    SetEnv MYSQL_HOME "\\xampp\\mysql\\bin"
    SetEnv OPENSSL_CONF "/xampp/apache/bin/openssl.cnf"
    SetEnv PHP_PEAR_SYSCONF_DIR "\\xampp\\php"
    SetEnv PHPRC "\\xampp\\php"
    SetEnv TMP "\\xampp\\tmp"
    UnsetEnv PERL5LIB
</IfModule>

#
# PHP-Module setup
#
LoadFile "/xampp/php/php5ts.dll"
LoadModule php5_module modules/php5apache2_2.dll

<IfModule php5_module>
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source
    </FilesMatch>

    PHPINIDir "/xampp/php"
</IfModule>

#
# PHP-CGI setup
#
<IfModule !php5_module>
    <FilesMatch "\.php$">
        SetHandler application/x-httpd-php-cgi
    </FilesMatch>
    <IfModule actions_module>
        Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
    </IfModule>
</IfModule>


<IfModule mime_module>
    AddType text/html .php .phps
</IfModule>

ScriptAlias /php-cgi/ "/xampp/php/"
<Directory "/xampp/php">
    AllowOverride None
    Options None
    Order deny,allow
    Deny from all
    <Files "php-cgi.exe">
        Allow from all
    </Files>
</Directory>

<Directory "/xampp/cgi-bin">
    <FilesMatch "\.php$">
        SetHandler cgi-script
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler None
    </FilesMatch>
</Directory>

<Directory "/xampp/htdocs/xampp">
    <IfModule php5_module>
       <Files "status.php">
          php_admin_flag safe_mode off
       </Files>
    </IfModule>
    AllowOverride AuthConfig
</Directory>

<IfModule alias_module>
    Alias /security "/xampp/security/htdocs/"
    <Directory "/xampp/security/htdocs">
        <IfModule php5_module>
          <Files "xamppsecurity.php">
             php_admin_flag safe_mode off
          </Files>
        </IfModule>
        AllowOverride AuthConfig
   </Directory>

    Alias /licenses "/xampp/licenses/"
    <Directory "/xampp/licenses">
        Options +Indexes
        <IfModule autoindex_color_module>
            DirectoryIndexTextColor  "#000000"
            DirectoryIndexBGColor "#f8e8a0"
            DirectoryIndexLinkColor "#bb3902"
            DirectoryIndexVLinkColor "#bb3902"
            DirectoryIndexALinkColor "#bb3902"
        </IfModule>
   </Directory>

    Alias /phpmyadmin "/xampp/phpMyAdmin/"
    <Directory "/xampp/phpMyAdmin">
        AllowOverride AuthConfig
    </Directory>

    Alias /webalizer "/xampp/webalizer/"
    <Directory "/xampp/webalizer">
        <IfModule php5_module>
          <Files "webalizer.php">
             php_admin_flag safe_mode off
          </Files>
        </IfModule>
        AllowOverride AuthConfig
    </Directory>
</IfModule>

#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 \
               fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
               fe80::/10 169.254.0.0/16

    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>


Screen:

[Altrea]

you had to
- remove "phpmyadmin" from the list in the LocationMatch directive
- and assign a new Directory permission for the phpmyadmin folder in the apache\conf\httpd.conf file (or with htaccess)

[gatsu]

I didn't understand.
Can you explain better?

Thanks.

[Altrea]

In your httpd-xammp.conf file (nearly at the end of the file) is a list of folders which defines the XAMPP security concept.
All of these folders are restricted to be accessable only from localhost (127.0.0.1).

If you have a static IP, you can simply add this in the allow rule.
If not, you must remove phpmyadmin from this list.

After that there is no other rule defined for phpmyadmin, so the default rule gets active which means all access is denied.
To change that, you had to define a rule for the phpmyadmin directory. You can do that in the httpd-xammp.conf file too (some lines before the new XAMPP security concept is already a directory record block for phpmyadmin, where you simply add your access rule), or in the httpd.conf file, where the other access rules are defined.

more about access control can be found in the Apache documentation

[gatsu]

Thank you, I resolved.

[josepuib]

¿Could you please provide a copy of the config files to let us see what they look like after the changes?

Thank you very much.

[Altrea]

¿Could you please provide a copy of the config files to let us see what they look like after the changes?

Thank you very much.

This way you never learn yourself how to do that and what this all means.

[josepuib]

Actually, my real interest is not learning how it works but getting it working the earlier the better. Furthermore, seeing an example of a well done work gives me ideas to improve my own.

However, if you think that giving me the edited files is not a proper way to help me, other kinds of help you can provide will be appreciated.

Thanks in advance.

[Altrea]

You need to know:
- How to define a <Directory> Directive in your httpd.conf file (Basic Example for this is the htdocs Block already existing in your httpd.conf)
- What the AllowOverride Directive does and which value it had to be setted to for your needs.
- What a .htaccess file is and how to implement a authentication function in it
- How to create a .htpasswd file with the htpasswd function

You can simply read the first half of the Authentication, Authorization and Access Control HowTo which combines most of this.