Topic: [FIXED] phpMyAdmin single/multiuser...

[cool34000]

Hello

I've installed phpmyadmin contrib and I would like to know if it's possible to disable access from outside to it.

Just because I don't like a such thing opened on the www !


Thx in advance !!!

[Tib]

As far as I know it's not open to the outside world.

I just tried to access mine at home from work and all is ok .. no access

Regards,

Tib

[cool34000]

Tib, I can connect to phpmyadmin or myadmin from the outside... As it's not in an ibay, I can't manage access to it. I use the latest rpm...

[Tib]

ok ... your right ... I forgot to use https

Still ... someone would have to know the password before they can get in.

But I guess it's one more door they can knock on.


Regards,

Tib

[cool34000]

It's a big open door to the outside, protected by https of course... Don't know if there are known issues about phpmyadmin, but there must be...
With the multiuser rpm, it's worse : you have to change every password because every user declared in mysql have access to the server (with limited rights).

There must be a way do desactivate wan access to phpmyadmin !
Maybe I should download the latest version and install it in an ibay ?

[william_syd]

It's a big open door to the outside, protected by https of course... Don't know if there are known issues about phpmyadmin, but there must be...
With the multiuser rpm, it's worse : you have to change every password because every user declared in mysql have access to the server (with limited rights).

There must be a way do desactivate wan access to phpmyadmin !
Maybe I should download the latest version and install it in an ibay ?

Can it be done via the httpd.conf using templates ?

Hmm...

Look at /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/86PhpmyadminmultiAlias

Code: [Select]

# Administration: phpMyAdmin
Alias /myadmin /opt/administration/phpmyadminmulti
<Directory /opt/administration/phpmyadminmulti>
    SSLRequireSSL on
    Options -Indexes
    AllowOverride None
    order deny,allow
    deny from all
    allow from all
    Satisfy all
    AddType application/x-httpd-php .php .php3
    php_flag  magic_quotes_gpc  on
    php_flag  track_vars        on
</Directory>

<Directory /opt/administration/phpmyadminmulti/scripts>
    SSLRequireSSL on
    Options -Indexes
    AllowOverride None
    order deny,allow
    deny from all
    allow from { "$localAccess $externalSSLAccess"; }
    AuthName "phpMyadmin Scripts (Admin)"
    AuthType Basic
    AuthExternal pwauth
    require user admin
    Satisfy all
    AddType application/x-httpd-php .php .php3
    php_flag  magic_quotes_gpc  on
    php_flag  track_vars        on
</Directory>

I'm sure the 'allow from' line could be altered.

[cool34000]

William,

First of all, thanks trying to help me !


I don't have the file you specified... I tryed to locate the template but it's not even on my hard drive !

I have this rpm installed : smeserver-phpmyadmin-2.6.4-pl4.dmay.noarch.rpm

phpmyadmin is stored in /opt/phpmyadmin
I've also found templates in this file : /etc/e-smith/templates/opt/phpmyadmin/config.inc.php/10config but i didn't found anything interesting in it.

[william_syd]

William,

First of all, thanks trying to help me !


I don't have the file you specified... I tryed to locate the template but it's not even on my hard drive !

I have this rpm installed : smeserver-phpmyadmin-2.6.4-pl4.dmay.noarch.rpm

phpmyadmin is stored in /opt/phpmyadmin
I've also found templates in this file : /etc/e-smith/templates/opt/phpmyadmin/config.inc.php/10config but i didn't found anything interesting in it.

Opps.. my mistake.

I thought you had this one..
http://forums.contribs.org/index.php?topic=32654.0

It should still have the same file, but the contents will be...

Code: [Select]

# phpMyAdmin
Alias /phpmyadmin /opt/phpmyadmin
<Directory /opt/phpmyadmin>
{
use esmith::util;
my $release = esmith::util::determineRelease();
if ("$release" ge "7.0")
{
$OUT .= "    SSLRequireSSL";
}
else
{
$OUT .= "    RequireSSL on";
}
}
    Options -Indexes
    AllowOverride None
    order deny,allow
    deny from all
    allow from all
    AuthName "phpMyAdmin"
    AuthType Basic
    AuthExternal pwauth
    require user admin
    Satisfy all
    AddType application/x-httpd-php .php .php3
    php_flag  magic_quotes_gpc  on
    php_flag  track_vars        on
</Directory>


If you cant find it try..

Code: [Select]

updatedb

Code: [Select]

locate 86PhpmyadminAlias

[cool34000]

Thanks for pointing me on the right file william_syd.

I have the same file described in your last post as I am using phpmyadmin single-user.

Your wonderings were right, I've replaced this line :

Code: [Select]

allow from allby this one :

Code: [Select]

allow from { "$localAccess"; }

After restarting my SMEbox I can't access anymore from the outside to phpmyadmin webinterface. From LAN, it's ok ! Great shot !!!

I guess it should work either with phpmyadmin multiuser rpm replacing this line :

Code: [Select]

allow from { "$localAccess $externalSSLAccess"; }with this line :

Code: [Select]

allow from { "$localAccess"; }


Great thanks again.