LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-08-2014, 08:30 PM   #1
cyberdome
Member
 
Registered: Mar 2014
Distribution: Fedora 23 - MariaDB 10.1 -
Posts: 130
Blog Entries: 2

Rep: Reputation: 8
SECURITY ISSUE, phpMyAdmin, unable to restrict access from externally ?


Hello everyone,

SECURITY ISSUE, phpMyAdmin, unable to restrict access from externally from outside world.

I am having trouble with restricting access to the phpMyAdmin portal from external WAN IP. I have done changing everything in the phpmyadmin.config file, But it is still not restricting access to phpmyadmin.


I want to ONLY access from the SERVER itself localhost or internal LAN. 192.168.1.0


please, help. this is a major security issue.


not sure what to do from or where to go from here.

thanks in advance
 
Old 03-08-2014, 10:33 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
Set allow / deny rules for the PMA directory in your web servers configuration file or directory or use a .htaccess file?
 
Old 03-08-2014, 11:18 PM   #3
cyberdome
Member
 
Registered: Mar 2014
Distribution: Fedora 23 - MariaDB 10.1 -
Posts: 130
Blog Entries: 2

Original Poster
Rep: Reputation: 8
Quote:
Originally Posted by unSpawn View Post
Set allow / deny rules for the PMA directory in your web servers configuration file or directory or use a .htaccess file?
what is PMA stand for? I did see the httpd.conf file. that is where I need to make the change?
 
Old 03-09-2014, 05:24 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
Quote:
Originally Posted by cyberdome View Post
what is PMA stand for?
Sorry, shouldn't have used the TLA for "PHPMyAdmin"


Quote:
Originally Posted by cyberdome View Post
I did see the httpd.conf file. that is where I need to make the change?
Yes, that or a /etc/httpd/conf.d/ inclusion file or a .htaccess. See the apache.org documentation if unsure.
 
Old 03-09-2014, 02:44 PM   #5
cyberdome
Member
 
Registered: Mar 2014
Distribution: Fedora 23 - MariaDB 10.1 -
Posts: 130
Blog Entries: 2

Original Poster
Rep: Reputation: 8
Quote:
Originally Posted by unSpawn View Post
Sorry, shouldn't have used the TLA for "PHPMyAdmin"



Yes, that or a /etc/httpd/conf.d/ inclusion file or a .htaccess. See the apache.org documentation if unsure.
TLA is Three Letter Acronym. LOL cute.

thanks a lot. Thanks to everyone who has helped. This is exactly what I was looking for.


So, now I have access to webpages externally. Now, I can also connect to phpMyAdmin via LAN but not via WAN. This is exactly what I wanted.

This is what I did in my configuration page. Hope this thread will help others in the forum.

Code:
# phpMyAdmin - Web based MySQL browser written in php
# 
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
 dangerous unless properly secured by SSL



Alias /phpMyAdmin /usr/share/phpMyAdmin

Alias /phpmyadmin /usr/share/phpMyAdmin



<Directory /usr/share/phpMyAdmin/>
 
 <IfModule mod_authz_core.c>
 
   # Apache 2.4

     <RequireAny>

      Require ip 127.0.0.1
      
 Require ip 192.168.1.0/255.255.255.0
    </RequireAny>

   </IfModule>
 
  <IfModule !mod_authz_core.c>
 
    # Apache 2.2
 
  Order Deny,Allow
  
  Deny from All
 
   Allow from 127.0.0.1

   Allow from 192.168.1.0/255.255.255.0 
  </IfModule>
  
 # Require all granted 

</Directory>



<Directory /usr/share/phpMyAdmin/setup/>


   <IfModule mod_authz_core.c>
 


    # Apache 2.4

     <RequireAny>

       Require ip 127.0.0.1

      require ip 192.168.1.0/255.255.255.0
     </RequireAny>
 
  </IfModule>
  
 <IfModule !mod_authz_core.c>
   
  # Apache 2.2

     Order Deny,Allow

     Deny from All

     Allow from 127.0.0.1

     Allow from 192.168.1.0/255.255.255.0
  </IfModule>

</Directory>

Last edited by cyberdome; 03-09-2014 at 02:46 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot Restrict phpMyAdmin Access andperry Linux - Server 4 07-30-2013 08:19 AM
Unable to access CentOS web server externally rahilmaknojia Linux - Server 4 11-05-2011 06:00 PM
Disk Quota Issue (Exceeded but Unable to restrict) omprakash28 Linux - Server 2 06-18-2010 02:07 AM
Restrict X server access using /etc/security/access.conf anand_kt Linux - General 0 04-22-2005 09:40 AM
phpMyAdmin Security Issue mr_dizzle Linux - Software 2 12-28-2004 01:48 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:03 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration