LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
LinkBack Search this Thread
Old 04-26-2013, 02:50 PM   #1
Rupadhya
Member
 
Registered: Sep 2012
Location: Hoffman Estates, IL
Distribution: Fedora
Posts: 167

Rep: Reputation: Disabled
Trying to configure LAMP stack - failure with Forbidden page


Hello all,
I am going to build a small application to index my photographs. I thought it would be fun to build it with PHP and MySQL/Maria DB as the backend support.

I am getting errors configuring the stack.

I got the Apache HTTP up and configured,
I got the PHP installed,
I installed MySQL and set a root password,

I wanted to make sure I was good with the PHP to MySQL linkage, so I am installing PHPMyAdmin.

I test it out and I get a Forbidden from the browser.

Code:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /phpmyadmin/
on this server.</p>
</body></html>

Looking at the log, I have this error.
Quote:
[Fri Apr 26 14:27:34.076641 2013] [mpm_prefork:notice] [pid 8919] AH00163: Apache/2.4.4 (Fedora) PHP/5.4.13 configured -- resuming normal operations
[Fri Apr 26 14:27:34.076712 2013] [core:notice] [pid 8919] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
[Fri Apr 26 14:27:41.776158 2013] [authz_core:error] [pid 8922] [client 192.168.1.39:58443] AH01630: client denied by server configuration: /usr/share/phpMyAdmin/
What am I doing wrong? I thought I had a permissions problem with /usr/share/phpMyAdmin, so I changed phpMyAdmin.conf like this.
Code:
<Directory /usr/share/phpMyAdmin/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
      Order Deny,Allow
      Deny from all
      Allow from 192.168.1.0/24
      Allow from 192.168.1.39/24
      Allow from 127.0.0.1
      Allow from ::1
   </IfModule>
</Directory>
...
My IP is 192.168.1.39 from the router, and the workstation is working on the internet. I am using Fedora 18.

Any ideas?
- Raj Upadhyaya
 
Old 04-26-2013, 03:25 PM   #2
sag47
Senior Member
 
Registered: Sep 2009
Location: Philly, PA
Distribution: Kubuntu x64, RHEL, Fedora Core, FreeBSD, Windows x64
Posts: 1,328
Blog Entries: 33

Rep: Reputation: 328Reputation: 328Reputation: 328Reputation: 328
Do you have SELinux enabled? Run the getenforce command and it should either be: Permissive or Enforcing. If so then you'll need to set up a context so that the apache user is allowed to access the phpmyadmin content.

See man httpd_selinux.
Code:
#check the context of the contents in /usr/share/phpMyAdmin
ls -Z /usr/share/phpMyAdmin
#if they don't have the context httpd_sys_content_t then it will need to be set
chcon -R -t httpd_sys_content_t /usr/share/phpMyAdmin
You can temporarily stop SELinux enforcement.
Code:
setenforce 0
Also, I do not recommend running phpMyAdmin at all. It's a common attack vector so it is best to just maintain MySQL using the cli utility mysql.

SAM
 
1 members found this post helpful.
Old 04-26-2013, 03:45 PM   #3
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,772

Rep: Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294Reputation: 1294
Hi,
Quote:
[Fri Apr 26 14:27:41.776158 2013] [authz_core:error] [pid 8922] [client 192.168.1.39:58443] AH01630: client denied by server configuration: /usr/share/phpMyAdmin
Since you're running apache-2.4.x you need to use:
Code:
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
       Require ip 192.168.1.39/24
       Require ip 192.168.1.0/24
     </RequireAny>
   </IfModule>
Cheers
 
1 members found this post helpful.
Old 04-26-2013, 06:36 PM   #4
Rupadhya
Member
 
Registered: Sep 2012
Location: Hoffman Estates, IL
Distribution: Fedora
Posts: 167

Original Poster
Rep: Reputation: Disabled
Bathory your changes fixed it!!! I am up and running, as I have created a test table and it looks like it works for me.

I ran getenforce and it came back as Enforcing.
Code:
# getenforce
Enforcing
Sag47, I checked the context by doing the below command, but I didn't change it as of yet. I will probably remove PhpMyAdmin after I am sure everything is up and running. It poses a big security hole (as you know).

Code:
# ls -Z /usr/share/phpMyAdmin
-rw-r--r--. root root system_u:object_r:usr_t:s0       browse_foreigners.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       bs_disp_as_mime_type.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       bs_play_media.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       changelog.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       chk_rel.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       config.sample.inc.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_create.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_datadict.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_events.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_import.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_operations.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_printview.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_qbe.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_routines.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_search.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_sql.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_structure.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_tracking.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       db_triggers.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       docs.css
-rw-r--r--. root root system_u:object_r:usr_t:s0       Documentation.html
-rw-r--r--. root root system_u:object_r:usr_t:s0       enum_editor.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0       examples
-rw-r--r--. root root system_u:object_r:usr_t:s0       export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       favicon.ico
-rw-r--r--. root root system_u:object_r:usr_t:s0       file_echo.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       gis_data_editor.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       import.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       import_status.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       index.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0       js
drwxr-xr-x. root root system_u:object_r:usr_t:s0       libraries
-rw-r--r--. root root system_u:object_r:usr_t:s0       license.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0       locale
-rw-r--r--. root root system_u:object_r:usr_t:s0       main.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       navigation.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       phpinfo.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       phpmyadmin.css.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       phpunit.xml.nocoverage
-rw-r--r--. root root system_u:object_r:usr_t:s0       pmd_display_field.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       pmd_general.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       pmd_pdf.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       pmd_relation_new.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       pmd_relation_upd.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       pmd_save_pos.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       prefs_forms.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       prefs_manage.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       print.css
-rw-r--r--. root root system_u:object_r:usr_t:s0       querywindow.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       schema_edit.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       schema_export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_binlog.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_collations.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_databases.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_engines.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_import.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_plugins.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_privileges.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_replication.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_sql.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_status.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_synchronize.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       server_variables.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0       setup
-rw-r--r--. root root system_u:object_r:usr_t:s0       show_config_errors.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       sql.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_addfield.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_alter.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_change.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_chart.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_create.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_export.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_get_field.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_gis_visualization.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_import.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_indexes.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_move_copy.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_operations.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_printview.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_relation.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_replace.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_row_action.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_select.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_sql.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_structure.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_tracking.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_triggers.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       tbl_zoom_select.php
drwxr-xr-x. root root system_u:object_r:usr_t:s0       themes
-rw-r--r--. root root system_u:object_r:usr_t:s0       themes.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       transformation_overview.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       transformation_wrapper.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       url.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       user_password.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       version_check.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       view_create.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       view_operations.php
-rw-r--r--. root root system_u:object_r:usr_t:s0       webapp.php
#
Thank you both!
- Raj Upadhyaya
 
  


Reply

Tags
apache, fedora 18, lamp, mysql, phpmyadmin


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] X-server on a LAMP stack Cyrolancer Linux - General 5 01-24-2012 03:54 PM
LAMP stack for Windoze resetreset General 3 08-18-2010 09:46 AM
Bootable LAMP Stack? Which Distro? Descentlvr Linux - Server 1 03-06-2009 03:55 AM
LXer: How high is the LAMP stack? LXer Syndicated Linux News 0 08-01-2007 12:01 AM
tuning my LAMP stack... sneakyimp Linux - Software 2 11-01-2006 03:41 PM


All times are GMT -5. The time now is 09:12 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration