You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Praveen Gattu <pg...@gmail.com> on 2022/01/30 03:42:31 UTC

[users@httpd] IP Address restriction not working

I am trying to setup IP restriction for the phpmyadmin of my site. However,
it's not working. Here's the apache.conf file for phpmyadmin. Any ideas
what I am missing?


# phpMyAdmin default Apache configuration
>
> Alias /padm /usr/share/phpmyadmin
>
> <Directory /usr/share/phpmyadmin>
>     Options SymLinksIfOwnerMatch
>     DirectoryIndex index.php
>
>     <IfModule mod_php5.c>
>         <IfModule mod_mime.c>
>             AddType application/x-httpd-php .php
>         </IfModule>
>         <FilesMatch ".+\.php$">
>             SetHandler application/x-httpd-php
>         </FilesMatch>
>
>         php_value include_path .
>         php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
>         php_admin_value open_basedir
> /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
>         php_admin_value mbstring.func_overload 0
>     </IfModule>
>     <IfModule mod_php.c>
>         <IfModule mod_mime.c>
>             AddType application/x-httpd-php .php
>         </IfModule>
>         <FilesMatch ".+\.php$">
>             SetHandler application/x-httpd-php
>         </FilesMatch>
>
>         php_value include_path .
>         php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
>         php_admin_value open_basedir
> /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
>         php_admin_value mbstring.func_overload 0
>     </IfModule>
>
>     # Allowing access only from local IP addresses and the public address
> for our home network.
>
>
>
>
>
>
>
> *    Order Deny,Allow    Deny from All    Allow from 127.0.0.1 ::1
> Allow from localhost    Allow from 192.168    Allow from
> <my.public.ip.address>    Satisfy Any*
> </Directory>
>

-- Praveen

Re: [users@httpd] IP Address restriction not working

Posted by Praveen Gattu <pg...@gmail.com>.

I figured out the issue. I have Apcahe 2.4 installed, but the syntax I was
using is for version 2.2. I used "Require local" and it works now.

-- Praveen


On Sat, Jan 29, 2022 at 8:12 PM Jim Albert <ji...@netrition.com> wrote:

> On 1/29/2022 10:42 PM, Praveen Gattu wrote:
>
> I am trying to setup IP restriction for the phpmyadmin of my site.
> However, it's not working. Here's the apache.conf file for phpmyadmin. Any
> ideas what I am missing?
>
>
> # phpMyAdmin default Apache configuration
>>
>> Alias /padm /usr/share/phpmyadmin
>>
>> <Directory /usr/share/phpmyadmin>
>>     Options SymLinksIfOwnerMatch
>>     DirectoryIndex index.php
>>
>>     <IfModule mod_php5.c>
>>         <IfModule mod_mime.c>
>>             AddType application/x-httpd-php .php
>>         </IfModule>
>>         <FilesMatch ".+\.php$">
>>             SetHandler application/x-httpd-php
>>         </FilesMatch>
>>
>>         php_value include_path .
>>         php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
>>         php_admin_value open_basedir
>> /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
>>         php_admin_value mbstring.func_overload 0
>>     </IfModule>
>>     <IfModule mod_php.c>
>>         <IfModule mod_mime.c>
>>             AddType application/x-httpd-php .php
>>         </IfModule>
>>         <FilesMatch ".+\.php$">
>>             SetHandler application/x-httpd-php
>>         </FilesMatch>
>>
>>         php_value include_path .
>>         php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
>>         php_admin_value open_basedir
>> /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
>>         php_admin_value mbstring.func_overload 0
>>     </IfModule>
>>
>>     # Allowing access only from local IP addresses and the public address
>> for our home network.
>>
>>
>>
>>
>>
>>
>>
>> *    Order Deny,Allow     Deny from All     Allow from 127.0.0.1 ::1
>> Allow from localhost     Allow from 192.168     Allow from
>> <my.public.ip.address>     Satisfy Any *
>> </Directory>
>>
>
> -- Praveen
>
>
> I'm not sure if your "Satisfy Any " is a problem, but I believe it is
> irrelevant without a "Require" based on the section of configuration listed.
> Depending on your version of Apache, you might want to review changes to
> access configs:
> https://httpd.apache.org/docs/2.4/upgrading.html
> and if more modern version... is mod_access_compat loaded to provide
> support for old style access configs.... or convert to new style.
>
> Jim
>
>

Re: [users@httpd] IP Address restriction not working

Posted by Jim Albert <ji...@netrition.com>.

On 1/29/2022 10:42 PM, Praveen Gattu wrote:
> I am trying to setup IP restriction for the phpmyadmin of my site. 
> However, it's not working. Here's the apache.conf file for phpmyadmin. 
> Any ideas what I am missing?
>
>
>     # phpMyAdmin default Apache configuration
>
>     Alias /padm /usr/share/phpmyadmin
>
>     <Directory /usr/share/phpmyadmin>
>         Options SymLinksIfOwnerMatch
>         DirectoryIndex index.php
>
>         <IfModule mod_php5.c>
>             <IfModule mod_mime.c>
>                 AddType application/x-httpd-php .php
>             </IfModule>
>             <FilesMatch ".+\.php$">
>                 SetHandler application/x-httpd-php
>             </FilesMatch>
>
>             php_value include_path .
>             php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
>             php_admin_value open_basedir
>     /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
>             php_admin_value mbstring.func_overload 0
>         </IfModule>
>         <IfModule mod_php.c>
>             <IfModule mod_mime.c>
>                 AddType application/x-httpd-php .php
>             </IfModule>
>             <FilesMatch ".+\.php$">
>                 SetHandler application/x-httpd-php
>             </FilesMatch>
>
>             php_value include_path .
>             php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
>             php_admin_value open_basedir
>     /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
>             php_admin_value mbstring.func_overload 0
>         </IfModule>
>
>         # Allowing access only from local IP addresses and the public
>     address for our home network.
>     *    Order Deny,Allow
>         Deny from All
>         Allow from 127.0.0.1 ::1
>         Allow from localhost
>         Allow from 192.168
>         Allow from <my.public.ip.address>
>         Satisfy Any
>     *
>     </Directory>
>
>
> -- Praveen

I'm not sure if your "Satisfy Any " is a problem, but I believe it is 
irrelevant without a "Require" based on the section of configuration listed.
Depending on your version of Apache, you might want to review changes to 
access configs:
https://httpd.apache.org/docs/2.4/upgrading.html
and if more modern version... is mod_access_compat loaded to provide 
support for old style access configs.... or convert to new style.

Jim