On 1/29/2022 10:42 PM, Praveen Gattu wrote:
I am trying to setup IP restriction for the phpmyadmin of my site. However, it's not working. Here's the apache.conf file for phpmyadmin. Any ideas what I am missing?


    # phpMyAdmin default Apache configuration

    Alias /padm /usr/share/phpmyadmin

    <Directory /usr/share/phpmyadmin>
        Options SymLinksIfOwnerMatch
        DirectoryIndex index.php

        <IfModule mod_php5.c>
            <IfModule mod_mime.c>
                AddType application/x-httpd-php .php
            </IfModule>
            <FilesMatch ".+\.php$">
                SetHandler application/x-httpd-php
            </FilesMatch>

            php_value include_path .
            php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
            php_admin_value open_basedir
    
/usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
            php_admin_value mbstring.func_overload 0
        </IfModule>
        <IfModule mod_php.c>
            <IfModule mod_mime.c>
                AddType application/x-httpd-php .php
            </IfModule>
            <FilesMatch ".+\.php$">
                SetHandler application/x-httpd-php
            </FilesMatch>

            php_value include_path .
            php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
            php_admin_value open_basedir
    
/usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
            php_admin_value mbstring.func_overload 0
        </IfModule>

        # Allowing access only from local IP addresses and the public
    address for our home network.
    *    Order Deny,Allow
        Deny from All
        Allow from 127.0.0.1 ::1
        Allow from localhost
        Allow from 192.168
        Allow from <my.public.ip.address>
        Satisfy Any
    *
    </Directory>


-- Praveen

I'm not sure if your "Satisfy Any " is a problem, but I believe it is irrelevant without a "Require" based on the section of configuration listed. Depending on your version of Apache, you might want to review changes to access configs:
https://httpd.apache.org/docs/2.4/upgrading.html
and if more modern version... is mod_access_compat loaded to provide support for old style access configs.... or convert to new style.

Jim

Reply via email to