PhpMyAdmin : 403 forbidden. You don't have permission to access [...] on this server.

User-N@me · 06-21-2011, 12:32 PM

Hello,

Prior to configuration/hardening of apache2, I could access phpmyadmin, but since then I have done a few modifications in conf.d/security like "uncommenting" the following :

<Directory />
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

But I tried commenting it out again and it didn't solve the problem.

I also chrooted Apache2 with mod_chroot ( like this http://www.howtoforge.com/chrooting-...n-ubuntu-10.04 ).

And now like said in the title I've got the Forbidden error.

The phpmyadmin.conf looks fine to me and probably is since it was working before.

So I believe the problem occurred because of the chrooting with mod_chroot. What should I do to fix this problem ?

( phpmyadmin is in /usr/share/phpmyadmin )

John VV · 06-21-2011, 01:44 PM

it is in the order of things

Quote:

<Directory />
AllowOverride None
Deny from all
</Directory>

this says to DENY first
then DENY from ALL
-- no one has access --

you might want to have a second look as the hppd.conf documentation
http://httpd.apache.org/docs/2.2/mis...rity_tips.html

try
.........
Order Deny,Allow
Allow from 123.456.789.012 ( your ip )
.......

User-N@me · 06-21-2011, 02:06 PM

Hi,

Thanks for your help, I tried but it didn't change anything.

I'm already allowing access to phpmyadmin so it shouldn't be the problem.

<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php

<IfModule mod_php5.c>
AddType application/x-httpd-php .php

php_flag magic_quotes_gpc Off
php_flag track_vars On
php_flag register_globals Off
php_value include_path .
</IfModule>

</Directory>

User-N@me · 06-21-2011, 03:25 PM

File does not exist: /usr
or
client denied by server configuration: /usr

Are two different errors I can get (trying different conf) in /var/log/apache2/error.log

Should I do something like create a symlink to /usr/share/phpmyadmin in /var/www ?

Edit : Done but now it complains about symlinks "Symbolic link not allowed or link target not accessible: /var/www/phpmyadmin" but shouldn't it work since I've got : Options FollowSymLinks ?

John VV · 06-21-2011, 05:01 PM

this is a good example of why i have people install the Apache stack from source for the first 12 or so installs
that way you LEARN how to configure everything

i would re go over the
Apache, MySQL, php,and PhpMyAdmin documentation.

make 100% sure that apache is set up right . Files have the correct permissions , and the httpd set up right
then make sure that mysql is up and running with a NEW non default ( user=user , password=password)
that php is set up and configured and the apache php_mod is running
then that the `myadmin config file is set up correctly.

-- edit ---
for convenience you might also want to install mysql,php,phpmyadmin,and the rest
into /var/www
that way Apache docroot /var/www/http
mysql root is /var/www/mysql
and phpmyadmin is /var/www/phpmyadmin

everything is in one place and there is on digging around for files scattered all over the place .

User-N@me · 06-21-2011, 06:56 PM

After a long google session I come to the conclusion that symlinks are not allowed with mod_chroot. I'm going to try to revert this mod_chroot thing now ...

hhh123 · 06-23-2011, 12:04 AM

please provide logs from /var/log/httpd/error.log

User-N@me · 06-23-2011, 07:30 PM

Quote:

Originally Posted by hhh123

please provide logs from /var/log/httpd/error.log

"Symbolic link not allowed or link target not accessible: /var/www/phpmyadmin"

I think that's what I had. As far as I know symlinks are not allowed with mod_chroot so I would advise people to install phpmyadmin and everything needed inside the jail ... or just give up on chrooting apache.

(the phpmyadmin.conf that I posted earlier was wrong too btw ... but now that's good)