0

I just wanted to install fail2ban also for phpmyadmin as described in another post. Then I found out that phpmyadmin doesn't log access on my apache. I installed phpmyadmin as follows:

apt-get install phpmyadmin

use with apache - added this line to /etc/apache2/apache2.conf:

Include /etc/phpmyadmin/apache.conf

In /etc/phpmyadmin/apache.conf I added

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %{userID}n %{userStatus}n" pma_combined
CustomLog ${APACHE_LOG_DIR}/phpmyadmin_access.log pma_combined
ErrorLog ${APACHE_LOG_DIR}/phpmyadmin_error.log

tail -f /var/log/apache2/phpmyadmin_access.log just contains:

127.0.0.1 - - [04/Sep/2015:14:11:37 +0200] "OPTIONS * HTTP/1.0" 200 110 "-" "Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f (internal dummy connection)"
127.0.0.1 - - [04/Sep/2015:14:11:37 +0200] "OPTIONS * HTTP/1.0" 200 110 "-" "Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f (internal dummy connection)"

but never logs access or even failed logins.

relevant parts of /etc/phpmyadmin/config.inc.php:

/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
if (empty($dbserver)) $dbserver = 'localhost';
$cfg['Servers'][$i]['host'] = $dbserver;

if (!empty($dbport) || $dbserver != 'localhost') {
    $cfg['Servers'][$i]['connect_type'] = 'tcp';
    $cfg['Servers'][$i]['port'] = $dbport;
}
//$cfg['Servers'][$i]['compress'] = false;

I was not able to find any configuration in phpmyadmin to control logging. Logging in my virtual hosts configurations works just fine - I also just define CustomLog and ErrorLog there in the same manner.

Community
  • 1
No3x
  • 101
  • 1
  • 2
  • I imagine what gets logged depends on how you have actually configured [phpMyAdmin authentication](https://wiki.phpmyadmin.net/pma/Auth_types)... Could please detail your setup – HBruijn Sep 04 '15 at 13:11
  • I added the relevant part of the config to the question. – No3x Sep 04 '15 at 13:28
  • I don't have a phpMyAdmin instance, but I would expect that only the `http` method logs authentication requests in the webserver log files and `cookie` does not. And fail2ban works on analyzing the web server log files. – HBruijn Sep 06 '15 at 12:13
  • @HBruijn it's not about authentication logs. Simple access logs - there is nothing logged. No even a GET Request when accessing the page. – No3x Sep 06 '15 at 14:59
  • I would expect that since logging directives are only valid in VitualHost sections and the main httpd.conf your logging takes place elsewhere... – HBruijn Sep 06 '15 at 15:31
  • @HBruijn with http also nothing is logged for me. – No3x Sep 06 '15 at 17:34

0 Answers0