Hi! running 4.2 and the latest stable phpMyAdmin 2.8.0.1 of course all the lamp stuff is running. Alexander Dalloz helped me a good bit on the installation which I am truly gratefull. And then I brought it to a point where I can log on from local as any user and give it the anon''s password and phpmyadmin will come up w/of course no privileges. I can log on as root from local w/the password and it will come up as root should w/all privileges. coming in from the web is a different story: if one tries to log on from the web to the following url and msg: The URL is this: http://rivers-bend.com/phpmyadmin/index.php The Browser page shows this: Forbidden You don''t have permission to access /phpmyadmin/index.php on this server. -------------------------------------------------------------------------------- Apache/2.0.52 (CentOS) Server at rivers-bend.com Port 80 ok this is 1 of 3 problems I can''t seem to get a handle on. 2.Well, ...trying to go by the book...I have anon users all to the same password and root having it''s own. I am having trouble having a user w/his own password to have special privileges, i.e. to have control over his own database. I have even tried to set it up in phpmyadmin as root through privileges but no dice. this same user can log on w/his user name and the anon password tho. 3rd and last problem: mysql: mind you I am still trying to get the passwords staight and I know next to nothing about mysql yet. but there is reference to "host" and in the mysql.user file ...well, you know how everything is spelled out in localhost and then in "host" in my case it''s rbmain1.rivers-bend.com. What I am concerned about is that I run 2 servers mirroring each other and really makes no difference who''s got the ball. the other server is rbmain2 but I am hoping this will take care of itself down the line. whew! I''m sorry for all this. geez thx y''all John Rose
On Sun, 19 Mar 2006, rado wrote:> running 4.2 and the latest stable phpMyAdmin 2.8.0.1 of course all the > lamp stuff is running.> I can log on as root from local w/the password and it will come up as > root should w/all privileges.A sensible set of security defaults would have an ACL permitting (''Allow from 127.0.0.1 // Deny from all'')> coming in from the web is a different story: if one tries to log on from > the web to the following url and msg:[... from an external IP]> Forbidden > You don''t have permission to access /phpmyadmin/index.php on this > server.and it may actually be that sensible defaults reign. Check with the upstream as to further details as to this -- maybe even read the documentation; or, dare I say it, read the source of the config files. - Russ Herrold
> > running 4.2 and the latest stable phpMyAdmin 2.8.0.1 of course all the > > lamp stuff is running.Might also be worth noting that the "latest stable" is not 2.8.0.1, but 2.8.0.2, which fixes a couple security issues and bug fixes. Stay tuned.. there will probably be 2.8.0.3 in a few hours or so. -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety'''' Benjamin Franklin 1775
On Sun, 2006-03-19 at 22:00 -0500, R P Herrold wrote:> On Sun, 19 Mar 2006, rado wrote: > > > running 4.2 and the latest stable phpMyAdmin 2.8.0.1 of course all the > > lamp stuff is running. > > > I can log on as root from local w/the password and it will come up as > > root should w/all privileges. > > A sensible set of security defaults would have an ACL > permitting (''Allow from 127.0.0.1 // Deny from all'') > > > coming in from the web is a different story: if one tries to log on from > > the web to the following url and msg: > [... from an external IP] > > Forbidden > > You don''t have permission to access /phpmyadmin/index.php on this > > server. > > and it may actually be that sensible defaults reign. Check > with the upstream as to further details as to this -- maybe > even read the documentation; or, dare I say it, read the > source of the config files. > > - Russ Herroldkk thx Russ, ...from phpMyAdmin docs, I set the permissions exactly as they said or I thought I did lol I am really having a bad time of this but how do they say...nothing good comes easy...just wish this info would quit bouncing off me and some of it stick! thx John
On Sun, 2006-03-19 at 22:56 -0500, Jim Perrin wrote:> > > running 4.2 and the latest stable phpMyAdmin 2.8.0.1 of course all the > > > lamp stuff is running. > > Might also be worth noting that the "latest stable" is not 2.8.0.1, > but 2.8.0.2, which fixes a couple security issues and bug fixes. Stay > tuned.. there will probably be 2.8.0.3 in a few hours or so. >Whoa!!! things sure do change in a few days!!!! well, something else I will have to get smart in...updating it. But right now it''s pick a number and have a seat for that. somehow I have to get it to work from the public ip thx John
On Mon, 2006-03-20 at 10:57 -0600, rado wrote:> On Sun, 2006-03-19 at 22:56 -0500, Jim Perrin wrote: > > > > running 4.2 and the latest stable phpMyAdmin 2.8.0.1 of course all the > > > > lamp stuff is running. > > > > Might also be worth noting that the "latest stable" is not 2.8.0.1, > > but 2.8.0.2, which fixes a couple security issues and bug fixes. Stay > > tuned.. there will probably be 2.8.0.3 in a few hours or so. > > > Whoa!!! things sure do change in a few days!!!! > well, something else I will have to get smart in...updating it. But > right now it''s pick a number and have a seat for that. > > somehow I have to get it to work from the public ip---- permissions for users are also related to hosts (ip addresses) that is a MySQL thing not a phpmyadmin thing You have to get that working before you can use a tool like phpmyadmin. Craig
On Mon, 2006-03-20 at 11:58 -0700, Craig White wrote:> On Mon, 2006-03-20 at 10:57 -0600, rado wrote: > > On Sun, 2006-03-19 at 22:56 -0500, Jim Perrin wrote: > > > > > running 4.2 and the latest stable phpMyAdmin 2.8.0.1 of course all the > > > > > lamp stuff is running. > > > > > > Might also be worth noting that the "latest stable" is not 2.8.0.1, > > > but 2.8.0.2, which fixes a couple security issues and bug fixes. Stay > > > tuned.. there will probably be 2.8.0.3 in a few hours or so. > > > > > Whoa!!! things sure do change in a few days!!!! > > well, something else I will have to get smart in...updating it. But > > right now it''s pick a number and have a seat for that. > > > > somehow I have to get it to work from the public ip > ---- > permissions for users are also related to hosts (ip addresses) > > that is a MySQL thing not a phpmyadmin thing > > You have to get that working before you can use a tool like phpmyadmin. > > Craig >thx Craig ....oh my....I know this can''t be right and I have to do lots more reading but phpmyadmin is now accessible publically now. Alexander Dalloz pointed me right to the answer but I was too much of a brick to catch the hint! The problem was/is in Apache Order Deny,Allow We had it set to Deny from all then: Allow from 127.0.0.0 then: Allow from 10.0.0.0/24 but nothing public. the way I have it now does not seem right to me as it''s too wide open but for right now testing I just made it: Allow from all and did a apachectl graceful ....had someone try it and weeeeee it worked! now, before I move on to some of the other problems I have to get lots smarter on Order Deny,Allow. Certainly there should be a better way than Allow from all! thx John