Question
How to secure phpmyadmin using localhost and ssh tunneling.
I want to secure phymyadming using ssh tunnels by allowing only from localhost 127.0.0.1. I have followed the tutorial on http://deanbarrow.co.uk/the-quick-and-easy-way-to-secure-phpmyadmin/ but it is not working for me. Help is required
My vps server root login is not
permitted
Using
Putty, under SSH > Tunnels, set the source port as 8080 and
destination as localhost:8080 with the local and auto options
selected, then connected as usual as xyz as user name. xyz user has
sudo root permission.
I have already installed phpmyadmin in
my server
So I created a new directory using
mkdir -p /var/www/localhost/html
Then I moved my phpmyadmin directory to
/var/www/localhost/html using mv /usr/share/phpmyadmin
/var/www/localhost/html
Then
I Created the configuration file as follows:
nano /etc/nginx/sites-available/localhost
This is the localhost configuration
file content
server
{
listen
127.0.0.1:8080;
server_name
localhost;
access_log
/var/www/localhost/logs/access.log;
error_log
/var/www/localhost/logs/error.log;
#
Allow connections from localhost only
allow
127.0.0.1;
deny
all;
location
/ {
root
/var/www/localhost/html;
index
index.html index.htm index.php;
}
location
~ .php$ {
if
(!-f $request_filename) {
return
404;
}
fastcgi_pass
127.0.0.1:9000;
fastcgi_index
index.php;
fastcgi_param
SCRIPT_FILENAME
/var/www/localhost/html$fastcgi_script_name;
include
fastcgi_params; }
}
Then
I enabled my new localhost configuration with the following command:
sudo
ln -s /etc/nginx/sites-available/localhost /etc/nginx/sites-enabled
Then
restarted Nginx: using
sudo
/etc/init.d/nginx restart
Then
in my browser I navigated to http://localhost:8080
But
I am getting 403 Forbidden Message but the PMA favicon icon is
visible.
Then
as per your advice I change permission of folder using chmod 775 -R
/var/www/localhost/html
But
still not working
The
following is the error.log report
[error]
2345#0: *1 directory index of "/var/www/localhost/html/" is
forbidden, client: 127.0.0.1, server: localhost, request: "GET
/HTTP/1.1", host: "localhost:8080"
This
is the output of namei -om /var/www/localhost/html/phpmyadmin
f:
/var/www/localhost/html/phpmyadmin
drwxr-xr-x
root root /
drwxr-xr-x
root root / var
drwxr-xr-x
www-data www-data www
drwxrwxr-x
root root localhost
drwxr-xr-x
root root html
drwxr-xr-x
root root phpmyadmin
Then
I again test with changing permission as follows
drwxr-xr-x
root root /
drwxr-xr-x
root root / var
drwxrwxr-x
www-data www-data www
drwxrwxr-x
root root localhost
drwxrwxr-x
root root html
drwxrwxr-x
root root phpmyadmin
Still
not working. Kind help is welcome.
Please
note that I have another website running on port 80.
Thanks in advance.
Add a comment
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×