LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (http://www.linuxquestions.org/questions/linux-software-2/)
-   -   Trying to configure LAMP stack - failure with Forbidden page (http://www.linuxquestions.org/questions/linux-software-2/trying-to-configure-lamp-stack-failure-with-forbidden-page-4175459703/)

Rupadhya 04-26-2013 02:50 PM

Trying to configure LAMP stack - failure with Forbidden page
 
Hello all,
I am going to build a small application to index my photographs. I thought it would be fun to build it with PHP and MySQL/Maria DB as the backend support.

I am getting errors configuring the stack.

I got the Apache HTTP up and configured,
I got the PHP installed,
I installed MySQL and set a root password,

I wanted to make sure I was good with the PHP to MySQL linkage, so I am installing PHPMyAdmin.

I test it out and I get a Forbidden from the browser.

Code:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /phpmyadmin/
on this server.</p>
</body></html>


Looking at the log, I have this error.
Quote:

[Fri Apr 26 14:27:34.076641 2013] [mpm_prefork:notice] [pid 8919] AH00163: Apache/2.4.4 (Fedora) PHP/5.4.13 configured -- resuming normal operations
[Fri Apr 26 14:27:34.076712 2013] [core:notice] [pid 8919] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Fri Apr 26 14:27:41.776158 2013] [authz_core:error] [pid 8922] [client 192.168.1.39:58443] AH01630: client denied by server configuration: /usr/share/phpMyAdmin/
What am I doing wrong? I thought I had a permissions problem with /usr/share/phpMyAdmin, so I changed phpMyAdmin.conf like this.
Code:

<Directory /usr/share/phpMyAdmin/>
  <IfModule mod_authz_core.c>
    # Apache 2.4
    <RequireAny>
      Require ip 127.0.0.1
      Require ip ::1
    </RequireAny>
  </IfModule>
  <IfModule !mod_authz_core.c>
    # Apache 2.2
      Order Deny,Allow
      Deny from all
      Allow from 192.168.1.0/24
      Allow from 192.168.1.39/24
      Allow from 127.0.0.1
      Allow from ::1
  </IfModule>
</Directory>
...

My IP is 192.168.1.39 from the router, and the workstation is working on the internet. I am using Fedora 18.

Any ideas?
- Raj Upadhyaya

sag47 04-26-2013 03:25 PM

Do you have SELinux enabled? Run the getenforce command and it should either be: Permissive or Enforcing. If so then you'll need to set up a context so that the apache user is allowed to access the phpmyadmin content.

See man httpd_selinux.
Code:

#check the context of the contents in /usr/share/phpMyAdmin
ls -Z /usr/share/phpMyAdmin
#if they don't have the context httpd_sys_content_t then it will need to be set
chcon -R -t httpd_sys_content_t /usr/share/phpMyAdmin

You can temporarily stop SELinux enforcement.
Code:

setenforce 0
Also, I do not recommend running phpMyAdmin at all. It's a common attack vector so it is best to just maintain MySQL using the cli utility mysql.

SAM

bathory 04-26-2013 03:45 PM

Hi,
Quote:

[Fri Apr 26 14:27:41.776158 2013] [authz_core:error] [pid 8922] [client 192.168.1.39:58443] AH01630: client denied by server configuration: /usr/share/phpMyAdmin
Since you're running apache-2.4.x you need to use:
Code:

  <IfModule mod_authz_core.c>
    # Apache 2.4
    <RequireAny>
      Require ip 127.0.0.1
      Require ip ::1
      Require ip 192.168.1.39/24
      Require ip 192.168.1.0/24

    </RequireAny>
  </IfModule>

Cheers

Rupadhya 04-26-2013 06:36 PM

Bathory your changes fixed it!!! I am up and running, as I have created a test table and it looks like it works for me.

I ran getenforce and it came back as Enforcing.
Code:

# getenforce
Enforcing

Sag47, I checked the context by doing the below command, but I didn't change it as of yet. I will probably remove PhpMyAdmin after I am sure everything is up and running. It poses a big security hole (as you know).

Code:

# ls -Z /usr/share/phpMyAdmin
-rw-r--r--. root root system_u:object_r:usr_t:s0      browse_foreigners.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      bs_disp_as_mime_type.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      bs_play_media.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      changelog.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      chk_rel.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      config.sample.inc.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_create.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_datadict.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_events.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_import.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_operations.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_printview.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_qbe.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_routines.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_search.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_sql.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_structure.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_tracking.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      db_triggers.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      docs.css
-rw-r--r--. root root system_u:object_r:usr_t:s0      Documentation.html
-rw-r--r--. root root system_u:object_r:usr_t:s0      enum_editor.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0      examples
-rw-r--r--. root root system_u:object_r:usr_t:s0      export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      favicon.ico
-rw-r--r--. root root system_u:object_r:usr_t:s0      file_echo.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      gis_data_editor.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      import.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      import_status.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      index.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0      js
drwxr-xr-x. root root system_u:object_r:usr_t:s0      libraries
-rw-r--r--. root root system_u:object_r:usr_t:s0      license.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0      locale
-rw-r--r--. root root system_u:object_r:usr_t:s0      main.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      navigation.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      phpinfo.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      phpmyadmin.css.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      phpunit.xml.nocoverage
-rw-r--r--. root root system_u:object_r:usr_t:s0      pmd_display_field.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      pmd_general.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      pmd_pdf.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      pmd_relation_new.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      pmd_relation_upd.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      pmd_save_pos.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      prefs_forms.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      prefs_manage.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      print.css
-rw-r--r--. root root system_u:object_r:usr_t:s0      querywindow.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      schema_edit.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      schema_export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_binlog.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_collations.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_databases.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_engines.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_import.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_plugins.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_privileges.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_replication.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_sql.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_status.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_synchronize.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      server_variables.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0      setup
-rw-r--r--. root root system_u:object_r:usr_t:s0      show_config_errors.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      sql.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_addfield.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_alter.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_change.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_chart.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_create.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_get_field.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_gis_visualization.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_import.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_indexes.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_move_copy.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_operations.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_printview.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_relation.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_replace.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_row_action.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_select.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_sql.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_structure.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_tracking.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_triggers.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      tbl_zoom_select.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0      themes
-rw-r--r--. root root system_u:object_r:usr_t:s0      themes.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      transformation_overview.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      transformation_wrapper.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      url.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      user_password.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      version_check.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      view_create.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      view_operations.php
-rw-r--r--. root root system_u:object_r:usr_t:s0      webapp.php
#

Thank you both!
- Raj Upadhyaya


All times are GMT -5. The time now is 12:03 AM.