CentOS 6 phpMyAdmin 访问被拒绝

tag-icon tag-icon centos6
CentOS 6 phpMyAdmin 访问被拒绝

我在使用 phpMyAdmin 设置 VPS 时遇到问题。

我的错误信息:

Forbidden
You don't have permission to access /phpMyAdmin/ on this server.

我的 phpMyAdmin 配置:

    # phpMyAdmin - Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from All
     Allow from 127.0.0.1
  </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.01
     Allow from ::1
   </IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
    Order Deny,Allow
    Deny from All
</Directory>

# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc.  This may break your mod_security implementation.
#
#<IfModule mod_security.c>
#    <Directory /usr/share/phpMyAdmin/>
#        SecRuleInheritance Off
#    </Directory>
#</IfModule>

我的公网 IP 为 127.0.0.1,但还是不行,

我遵循的教程如下:https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-a-centos-6-4-vps

提前致谢!

答案1

Require ip 127.0.0.1

在您的上下文中是错误的。通过将对 phpMyAdmin 目录的访问限制为仅本地主机,只有本地客户端(例如从命令行或在本地显示器上运行的 Firefox)才被授予对此目录的访问权限。如果您在 VPS 上运行此服务器,则您可能希望限制较少,例如授予对您家庭 IP 地址(最有可能是 NAT 路由器)或您从中访问 VPS 的地方的访问权限。

大多数人会做的是,只允许通过 SSL 保护的链接访问 phpmyadmin,以确保其访问权限(请参阅https://wiki.apache.org/httpd/NameBasedSSLVHosts例如),那么对目录的限制就没那么严格,比如:

Require group admin

甚至完全放弃 Apache 身份验证

Require all granted

因为 phpMyAdmin 将使用它自己的基于 mysql 的身份验证。

phpMyAdmin 配置部分看起来像这样:

<IfModule mod_ssl.c>
     <VirtualHost _default_:443>
        SSLEngine on
       #   SSLCertificateFile directive is needed. Note that you'd better do with creating your own 
       # private certificates (see any openssl tutorial) and point at them here
       SSLCertificateFile   /etc/ssl/certs/ssl-cert-snakeoil.pem
       SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

     # additional trick: many robots try to access paths variants to myurl/phpmyadmin
     # a minor trick is to choose an entirely different alias to avoir their clogging your logs 
     # with many break in attempts.

        Alias /mysqladmin /my/path/to/phpmyadmin
        <Directory "/my/path/to/phpmyadmin">
        Options Indexes FollowSymLinks MultiViews
            AllowOverride All
        Require all granted
        </Directory>

相关内容