Question
How to secure phpmyadmin using localhost and ssh tunneling.
- Posted February 15, 2014
I want to secure phymyadming using ssh tunnels by allowing only from localhost 127.0.0.1. I have followed the tutorial on http://deanbarrow.co.uk/the-quick-and-easy-way-to-secure-phpmyadmin/ but it is not working for me. Help is required
My vps server root login is not permitted
Using Putty, under SSH > Tunnels, set the source port as 8080 and destination as localhost:8080 with the local and auto options selected, then connected as usual as xyz as user name. xyz user has sudo root permission.
I have already installed phpmyadmin in my server
So I created a new directory using mkdir -p /var/www/localhost/html
Then I moved my phpmyadmin directory to /var/www/localhost/html using mv /usr/share/phpmyadmin /var/www/localhost/html
Then I Created the configuration file as follows: nano /etc/nginx/sites-available/localhost
This is the localhost configuration file content
server { listen 127.0.0.1:8080; server_name localhost; access_log /var/www/localhost/logs/access.log; error_log /var/www/localhost/logs/error.log;
Allow connections from localhost only allow 127.0.0.1; deny all;
location / { root /var/www/localhost/html; index index.html index.htm index.php; }
location ~ .php$ { if (!-f $request_filename) { return 404; } fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/localhost/html$fastcgi_script_name; include fastcgi_params; } }
Then I enabled my new localhost configuration with the following command:
sudo ln -s /etc/nginx/sites-available/localhost /etc/nginx/sites-enabled
Then restarted Nginx: using
sudo /etc/init.d/nginx restart
Then in my browser I navigated to http://localhost:8080
But I am getting 403 Forbidden Message but the PMA favicon icon is visible.
Then as per your advice I change permission of folder using chmod 775 -R /var/www/localhost/html
But still not working
The following is the error.log report
[error] 2345#0: *1 directory index of “/var/www/localhost/html/” is forbidden, client: 127.0.0.1, server: localhost, request: “GET /HTTP/1.1”, host: “localhost:8080”
This is the output of namei -om /var/www/localhost/html/phpmyadmin
f: /var/www/localhost/html/phpmyadmin
drwxr-xr-x root root /
drwxr-xr-x root root / var
drwxr-xr-x www-data www-data www
drwxrwxr-x root root localhost
drwxr-xr-x root root html
drwxr-xr-x root root phpmyadmin
Then I again test with changing permission as follows
drwxr-xr-x root root /
drwxr-xr-x root root / var
drwxrwxr-x www-data www-data www
drwxrwxr-x root root localhost
drwxrwxr-x root root html
drwxrwxr-x root root phpmyadmin
Still not working. Kind help is welcome.
Please note that I have another website running on port 80.
Thanks in advance.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Sorry for the long question. I just want to secure my phymyadmin using nginx. I have followed a tutorial on “http://deanbarrow.co.uk/the-quick-and-easy-way-to-secure-phpmyadmin/” but it is not working. I like your all tutorials because by following your tutorial i could setup everything for my vps. There is no a single tutorial explaining “How to secure phpmyadmin on nginx by allowing access only from localhost through ssh tunnel”. Please help nginx user on your digital ocean by writing a good tutorial about “Secure phymyadmin using nginx”. Thanks in advance. There is another tutorial for nginx phpmyadmon in your article and tutorial section but it is not secureway. https://www.digitalocean.com/community/articles/how-to-install-phpmyadmin-on-a-lemp-server/
your question is full of things… <br> <br>simply post a snapshot of your server config and will can check what went wrong… <br> <br>now it doesn’t look easy to figure out what your settings are as your question is a little messy… <br> <br>so would you mind plz to show you a snapshot of your server config for the site you want to deal with? <br> <br>