Solved

403 Forbidden access trying to get to phpmyadmin on Centos 7

Posted on 2016-08-11
11
433 Views
Last Modified: 2016-11-15
Please help!

I am trying to setup phpmyadmin on a centos 7 server.

I have installed through yum but before i open it up for external ips i wanted to test it on the server itself but i get

"Forbidden

You don't have permission to access /phpmyadmin on this server."

Apache error log shows the following

[Thu Aug 11 16:21:33.785826 2016] [access_compat:error] [pid 43903] [client 127.0.0.1:56106] AH01797: client denied by server configuration: /usr/share/phpMyAdmin



My phpmyadmin.conf file is as follows:



# phpMyAdmin - Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc.  This may break your mod_security implementation.
#
#<IfModule mod_security.c>
#    <Directory /usr/share/phpMyAdmin/>
#        SecRuleInheritance Off
#    </Directory>
#</IfModule>



thanks
0
Comment
Question by:timb551
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
11 Comments
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41752571
does it work as root?

If you did not try, execute the following command to work as root:
sudo su
0
 

Author Comment

by:timb551
ID: 41752574
sorry does what work as root?
0
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41752603
Ohs, sorry, I thought that it was trying to edit the file.

Can you try changing the order that corresponds tot he directory permission:
 Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1

 Order Allow,Deny
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
0
The Orion Papers

Are you interested in becoming an AWS Certified Solutions Architect?

Discover a new interactive way of training for the exam.

 

Author Comment

by:timb551
ID: 41753482
Same error

403 Forbidden

You dont have permission to access /phpmyadmin on this server.
0
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41754085
Can you make a temporal test specifying 'Allow from All'

With this test you are going to allow any connection (no matter the name, ip, or source location). But at least for completing the Host test that you specify. If it connects like that, it means that your Host server is using a source that we are not including in the file (like the server name, a fixed IP).

If it does not connect, we might be configuring the incorrect location.
0
 

Author Comment

by:timb551
ID: 41756149
So to confirm i should change it to

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
       Allow from All
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Allow,Deny
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
       Allow from All
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Allow,Deny
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>
0
 
LVL 14

Expert Comment

by:Schnell Solutions
ID: 41756808
Yeah.

Doesn't it use the other Apaches?
0
 

Author Comment

by:timb551
ID: 41757979
Still get forbidden with the below conf

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
       Require all granted
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Allow,Deny
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
     Allow from All
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
       Require all granted
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Allow,Deny
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
     Allow from All
   </IfModule>
</Directory>
0
 

Author Comment

by:timb551
ID: 41784349
Any more advice?
0
 

Accepted Solution

by:
timb551 earned 0 total points
ID: 41882322
All sorted.

Ended up needing the following config:

<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
      Order Deny,Allow
      Deny from All
      Allow from 1.1.1.1
      Allow from 2.2.2.2
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
      Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>
0
 

Author Closing Comment

by:timb551
ID: 41887587
I managed to sort myself
0

Featured Post

Containers & Docker to Create a Powerful Team

Containers are an incredibly powerful technology that can provide you and/or your engineering team with huge productivity gains. Using containers, you can deploy, back up, replicate, and move apps and their dependencies quickly and easily.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question