Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: cool34000 on September 03, 2006, 03:22:44 AM
-
Hello
I've installed phpmyadmin contrib and I would like to know if it's possible to disable access from outside to it.
Just because I don't like a such thing opened on the www !
Thx in advance !!!
-
As far as I know it's not open to the outside world.
I just tried to access mine at home from work and all is ok .. no access
Regards,
Tib
-
Tib, I can connect to phpmyadmin or myadmin from the outside... As it's not in an ibay, I can't manage access to it. I use the latest rpm...
-
ok ... your right ... I forgot to use https
Still ... someone would have to know the password before they can get in.
But I guess it's one more door they can knock on.
Regards,
Tib
-
It's a big open door to the outside, protected by https of course... Don't know if there are known issues about phpmyadmin, but there must be...
With the multiuser rpm, it's worse : you have to change every password because every user declared in mysql have access to the server (with limited rights).
There must be a way do desactivate wan access to phpmyadmin !
Maybe I should download the latest version and install it in an ibay ?
-
It's a big open door to the outside, protected by https of course... Don't know if there are known issues about phpmyadmin, but there must be...
With the multiuser rpm, it's worse : you have to change every password because every user declared in mysql have access to the server (with limited rights).
There must be a way do desactivate wan access to phpmyadmin !
Maybe I should download the latest version and install it in an ibay ?
Can it be done via the httpd.conf using templates ?
Hmm...
Look at /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/86PhpmyadminmultiAlias
# Administration: phpMyAdmin
Alias /myadmin /opt/administration/phpmyadminmulti
<Directory /opt/administration/phpmyadminmulti>
SSLRequireSSL on
Options -Indexes
AllowOverride None
order deny,allow
deny from all
allow from all
Satisfy all
AddType application/x-httpd-php .php .php3
php_flag magic_quotes_gpc on
php_flag track_vars on
</Directory>
<Directory /opt/administration/phpmyadminmulti/scripts>
SSLRequireSSL on
Options -Indexes
AllowOverride None
order deny,allow
deny from all
allow from { "$localAccess $externalSSLAccess"; }
AuthName "phpMyadmin Scripts (Admin)"
AuthType Basic
AuthExternal pwauth
require user admin
Satisfy all
AddType application/x-httpd-php .php .php3
php_flag magic_quotes_gpc on
php_flag track_vars on
</Directory>
I'm sure the 'allow from' line could be altered.
-
William,
First of all, thanks trying to help me !
I don't have the file you specified... I tryed to locate the template but it's not even on my hard drive !
I have this rpm installed : smeserver-phpmyadmin-2.6.4-pl4.dmay.noarch.rpm
phpmyadmin is stored in /opt/phpmyadmin
I've also found templates in this file : /etc/e-smith/templates/opt/phpmyadmin/config.inc.php/10config but i didn't found anything interesting in it.
-
William,
First of all, thanks trying to help me !
I don't have the file you specified... I tryed to locate the template but it's not even on my hard drive !
I have this rpm installed : smeserver-phpmyadmin-2.6.4-pl4.dmay.noarch.rpm
phpmyadmin is stored in /opt/phpmyadmin
I've also found templates in this file : /etc/e-smith/templates/opt/phpmyadmin/config.inc.php/10config but i didn't found anything interesting in it.
Opps.. my mistake.
I thought you had this one..
http://forums.contribs.org/index.php?topic=32654.0
It should still have the same file, but the contents will be...
# phpMyAdmin
Alias /phpmyadmin /opt/phpmyadmin
<Directory /opt/phpmyadmin>
{
use esmith::util;
my $release = esmith::util::determineRelease();
if ("$release" ge "7.0")
{
$OUT .= " SSLRequireSSL";
}
else
{
$OUT .= " RequireSSL on";
}
}
Options -Indexes
AllowOverride None
order deny,allow
deny from all
allow from all
AuthName "phpMyAdmin"
AuthType Basic
AuthExternal pwauth
require user admin
Satisfy all
AddType application/x-httpd-php .php .php3
php_flag magic_quotes_gpc on
php_flag track_vars on
</Directory>
If you cant find it try..
updatedb
locate 86PhpmyadminAlias
-
Thanks for pointing me on the right file william_syd.
I have the same file described in your last post as I am using phpmyadmin single-user.
Your wonderings were right, I've replaced this line :
allow from allby this one :
allow from { "$localAccess"; }
After restarting my SMEbox I can't access anymore from the outside to phpmyadmin webinterface. From LAN, it's ok ! Great shot !!!
I guess it should work either with phpmyadmin multiuser rpm replacing this line :
allow from { "$localAccess $externalSSLAccess"; }with this line :
allow from { "$localAccess"; }
Great thanks again. ;-)