How control acces to /phpmyadmin?

qwxpr · June 23, 2022, 12:32pm

Server version: Apache/2.4.54 (Ubuntu)

I try add to htaccess

<RequireAll>
Require all granted
Require ip 192.168.1.11
</RequireAll>

and

Order Allow,Deny
Deny from all
Allow from 192.168.1.11

no effect, any letter in file get 500error
edit apache conf and nginx conf no effect

eris · June 23, 2022, 1:16pm

Check the error logs why you get an 500 error.

qwxpr · June 23, 2022, 2:13pm

192.168.1.11 - - [23/Jun/2022:19:13:03 +0500] “GET /phpmyadmin/ HTTP/1.0” 500 3651 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:101.0) Gecko/20100101 Firefox/101.0”

linkp · June 24, 2022, 12:50am

That’s the access log. You will want to look at the error log.

qwxpr · June 24, 2022, 9:48am

[Fri Jun 24 14:42:50.973553 2022] [core:alert] [pid 86277:tid 139744394598144] [client 192.168.0.11:1] /usr/share/phpmyadmin/.htaccess: <RequireAll not allowed here
[Fri Jun 24 14:43:24.673856 2022] [core:alert] [pid 86277:tid 139745535448832] [client 192.168.0.11:1] /usr/share/phpmyadmin/.htaccess: Require not allowed here
[Fri Jun 24 14:43:43.740775 2022] [core:alert] [pid 86277:tid 139744520423168] [client 192.168.0.11:1] /usr/share/phpmyadmin/.htaccess: order not allowed here

try 3 different content in htaccess

/usr/share/phpmyadmin/phpmyadmin.inc

# phpMyAdmin default Apache configuration

Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
        Options FollowSymLinks
        DirectoryIndex index.php

        <IfModule mod_php5.c>
                AddType application/x-httpd-php .php

                php_flag magic_quotes_gpc Off
                php_flag track_vars On
                php_flag register_globals Off
                php_admin_flag allow_url_fopen Off
                php_value include_path .
                php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
                php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmya>
        </IfModule>
    <IfModule mpm_event_module>

        # Use www.conf instead
        <FilesMatch \.php$>
            SetHandler "proxy:fcgi://127.0.0.1:9000"
        </FilesMatch>
    </IfModule>
</Directory>

if i add rule /usr/share/phpmyadmin/phpmyadmin.inc
Order Allow,Deny
Deny from all
Allow from 192.168.0.32

get error
2526976] [client 192.168.0.32:0] AH01797: client denied by server configuration: /usr/share/phpmyadmin/

linkp · June 24, 2022, 1:02pm

The official Apache Documentation has a section on Access Control that should prove useful.

qwxpr · June 24, 2022, 4:28pm

ty
do you know where config to hestia CP web access?

<Directory /usr/share/hestia> for sample

i try
location / {
allow 192.168.0.0/16;
deny all;
expires off;
index index.php;
}
/usr/local/hestia/nginx/conf/nginx.conf
not work

system · July 24, 2022, 4:28pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.