i installed phpmyadmin but while accessing i am getting 403 Forbidden Error?

November 9, 2014 21.7k views
[root@delibers conf.d]# cat phpMyAdmin.conf
# phpMyAdmin - Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL

Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin

<Directory /usr/share/phpMyAdmin/>
   AddDefaultCharset UTF-8

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 104.131.90.178
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 104.131.90.178
     Allow from ::1
     Allow from localhost
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 104.131.90.178
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 104.131.90.178
     Allow from ::1
     Allow from localhost
   </IfModule>
</Directory>

# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/lib/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

<Directory /usr/share/phpMyAdmin/setup/frames/>
    Order Deny,Allow
    Deny from All
    Allow from None
</Directory>

# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc.  This may break your mod_security implementation.
#
#<IfModule mod_security.c>
#    <Directory /usr/share/phpMyAdmin/>
#        SecRuleInheritance Off
#    </Directory>
#</IfModule>
[root@delibers conf.d]#

COuld you please help me to get rid of this?

1 Answer

Where are you trying to connect to the phpMyAdmin instance from? This block in your configuration limits where you can access it from:

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
       Require ip 104.131.90.178
       Require ip 127.0.0.1
       Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 104.131.90.178
     Allow from ::1
     Allow from localhost
   </IfModule>

You will only be able to reach it from localhost or from the IP address 104.131.90.178 (which I assume is the IP of the server itself). You'll need to either comment this section out, or better yet add the IP address that you are accessing it from.

For more info on installing phpMyAdmin on CentOS, check out:

by Justin Ellingwood
While many users require access to a database management system like MySQL or MariaDB, not all users feel comfortable interacting with the SQL prompt on a daily basis. In this guide, we'll discuss how to install and secure phpMyAdmin, a web management interface for MySQL and MariaDB, on a CentOS 7 server. We will leverage the Apache web server for this guide.
  • how if i want to access via public ? means I have to enter a ip public the server to Require ip and Allow from ?

    • I would recommend against allowing everyone to access phpMyAdmin as it is highly insecure, however, if you still want to do that, just leave out the two IfModule blocks that asb posted.

      If you want to access it from a computer with a static public IP address, it's better to just add it the to the whitelist:

        <IfModule mod_authz_core.c>
           # Apache 2.4
           <RequireAny>
             ...
             Require ip public IP address here
           </RequireAny>
         </IfModule>
         <IfModule !mod_authz_core.c>
           # Apache 2.2
           Order Deny,Allow
           Deny from All
           ...
           Allow from public IP address here
         </IfModule>
      
Have another answer? Share your knowledge.