#1
  1. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2016
    Location
    Lakewood, WA
    Posts
    238
    Rep Power
    64

    Installing phpMyAdmin issues


    I have a cloud server with a CentOS image.

    I've installed phpMyAdmin, and edited the cofig file with my server's IP.

    However, I'm getting "Forbidden - You don't have permission to access /phpmyadmin/ on this server."

    Both the dirs at /usr/share/phpMyAdmin and the conf file seem to have the right permissions.

    Any ideas?

    Code:
    Alias /phpMyAdmin /usr/share/phpMyAdmin
    Alias /phpmyadmin /usr/share/phpMyAdmin
    
    <Directory /usr/share/phpMyAdmin/>
       AddDefaultCharset UTF-8
    
       <IfModule mod_authz_core.c>
         # Apache 2.4
         <RequireAny>
           Require ip http:xxx.xxx.xxx.xxx
           Require ip ::1
         </RequireAny>
       </IfModule>
       <IfModule !mod_authz_core.c>
         # Apache 2.2
         Order Deny,Allow
         Deny from All
         Allow from xxx.xxx.xxx.xxx
         Allow from ::1
       </IfModule>
    </Directory>
    
    <Directory /usr/share/phpMyAdmin/setup/>
       <IfModule mod_authz_core.c>
         # Apache 2.4
         <RequireAny>
           Require ip xxx.xxx.xxx.xxx
           Require ip ::1
         </RequireAny>
       </IfModule>
       <IfModule !mod_authz_core.c>
         # Apache 2.2
         Order Deny,Allow
         Deny from All
         Allow from xxx.xxx.xxx.xxx
         Allow from ::1
       </IfModule>
    </Directory>
    
    # These directories do not require access over HTTP - taken from the original
    # phpMyAdmin upstream tarball
    #
    <Directory /usr/share/phpMyAdmin/libraries/>
        Order Deny,Allow
        Deny from All
        Allow from None
    </Directory>
    
    <Directory /usr/share/phpMyAdmin/setup/lib/>
        Order Deny,Allow
        Deny from All
        Allow from None
    </Directory>
    
    <Directory /usr/share/phpMyAdmin/setup/frames/>
        Order Deny,Allow
        Deny from All
        Allow from None
    </Directory>
    [edit]

    I gained access by commenting out these lines BUT I DON'T THINK THAT'S A GOOD SOLUTION:

    Code:
    # Order Deny,Allow
    # Deny from All
    Last edited by Arty Zifferelli; January 17th, 2017 at 07:36 PM.
  2. #2
  3. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Posts
    14,560
    Rep Power
    4550
    You might try adding require ip 127.0.0.1 as well as the ipv6 localhost you already have. I have both in my centos7 /etc/httpd/conf.d/phpMyAdmin.conf.
    And check your httpd logs, usually the http error log will let you know why apache is rejecting your request.
    ======
    Doug G
    ======
    I've never been able to appreciate the sublime arrogance of folks who feel they were put on earth just to save other folks from themselves .." - Donald Hamilton
  4. #3
  5. Banned (not really)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 1999
    Location
    Caro, Michigan
    Posts
    14,950
    Rep Power
    4554
    I don't know the specifics on the config files, but logically, a "deny from all" is going to trump any ALLOW statements following it.

    Generally, the order should be "allow from <specific>" followed by a default "deny from all" (deny what didn't match, essentially).
    -- Cigars, whiskey and wild, wild women. --
  6. #4
  7. Banned ;)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Nov 2001
    Location
    Woodland Hills, Los Angeles County, California, USA
    Posts
    9,782
    Rep Power
    4301
    Your problem is here:
    Code:
        Order Deny,Allow
        Deny from All
        Allow from None
    The Order means it will process the Deny rules first, followed by Allow. First, all Deny directives are evaluated; if any match, the request is denied unless it also matches an Allow directive. Any requests which do not match any Allow or Deny directives are permitted.
    Now you have Allow from None, which means it will never match an Allow rule. You need to specify the ip address range(s) to allow from (e.g.)
    Code:
        Order Deny,Allow
        Deny from All
        Allow from localhost
        Allow from 192.168.0.0/24
    Up the Irons
    What Would Jimi Do? Smash amps. Burn guitar. Take the groupies home.
    "Death Before Dishonour, my Friends!!" - Bruce D ickinson, Iron Maiden Aug 20, 2005 @ OzzFest
    Down with Sharon Osbourne

    "I wouldn't hire a butcher to fix my car. I also wouldn't hire a marketing firm to build my website." - Nilpo

IMN logo majestic logo threadwatch logo seochat tools logo