0

I know that there are scads of articles on the web regarding remotely accessing phpMyAdmin, but none of the articles I see have worked (not even this).

I would like to configure Apache to allow access to phpMyAdmin when it comes from certain IP addresses. I know that I can set it up to allow worldwide access, but that is just asking for problems.

Here is my phpmyadmin.conf file located in /alias/:

Alias /phpmyadmin "<wamp_installation_root>/apps/phpmyadmin3.3.9/" 

# to give access to phpmyadmin from outside 
# replace the lines
#
#        Order Deny,Allow
#   Deny from all
#   Allow from 127.0.0.1     <-- Good idea
#
# by
#
#        Order Allow,Deny 
#   Allow from all           <-- IMO, really bad idea
#

<Directory "C:/Web Development/wamp/apps/phpmyadmin3.3.9/">
    Options Indexes FollowSymLinks MultiViews
    AllowOverride all
    Order Deny,Allow
    Allow from 127.0.0.1
    Allow from <my_public_static_IP_address_also_address_of_server>
    Deny from all
</Directory>

I try to access phpMyAdmin from a domain that I set up from No-Ip.com. The domain is configured to route to my development machine like so:

  1. Make the request: example.no-ip.org:256/phpmyadmin
  2. Forwarded to: <my_public_static_IP_address>:256/phpmyadmin
  3. Router receives the request public request and forwards it to: <internal_IP_address>:80/phpmyadmin

In the end, I get a 403 Forbidden error. My server is configured for access online, as going to example.no-ip.org:256 will take you to my homepage (well, if that were actually my domain :D).

Again, just to be clear, the computer I am making the request from is also the Apache server.

Any ideas on what may be causing this?

Community
  • 1
Oliver Spryn
  • 172
  • 3
  • 13

1 Answers1

1

From the Apache manual:

Allow,Deny - First, all Allow directives are evaluated; at least one must match, or the request is rejected. Next, all Deny directives are evaluated. If any matches, the request is rejected. Last, any requests which do not match an Allow or a Deny directive are denied by default.

So what you do is that you simply reject from all. Try Order Deny,Allow.

And phpMyAdmin is already never than 3.3.9. Please update for the latest features and security fixes.

Shi
  • 435
  • 2
  • 11
  • Thank you, I've updated my question with the suggested change, but my problem still persists. – Oliver Spryn Aug 13 '12 at 22:12
  • 1
    Your router forwards the packet but changes the port? Sure it works as expected? What happens if you add your router internal IP to the list of allowed IP addresses? – Shi Aug 13 '12 at 22:20
  • Ah HA! Bingo! Adding my router's IP address solved the issue. Now I know what to look out for. Thank you! – Oliver Spryn Aug 13 '12 at 22:24