phpMyAdmin setup does not recognize its own passwod - mysql

So, I'm trying to setup phpMyAdmin on my new server, but I cannot enter the setup because im prompted with a .htaccess password messagebox which expects a username/password.
The apache.conf in the /etc/phpmyadmin folder looks like this:
# phpMyAdmin default Apache configuration
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
<IfModule mod_php5.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
php_flag magic_quotes_gpc Off
php_flag track_vars On
php_flag register_globals Off
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/
</IfModule>
</Directory>
# Authorize for setup
<Directory /usr/share/phpmyadmin/setup>
<IfModule mod_authz_core.c>
<IfModule mod_authn_file.c>
AuthType Basic
AuthName "phpMyAdmin Setup"
AuthUserFile /etc/phpmyadmin/htpasswd.setup
</IfModule>
Require valid-user
</IfModule>
</Directory>
I have already checked the htpasswd.setup file, which says:
admin:*
However, when I enter admin and leave the password field blank, the server rejects me. The apache2 error.log says:
[Fri Mar 04 12:07:05.812975 2016] [auth_basic:error] [pid 3449] [client 95.112.247.64:50581] AH01617: user admin: authentication failure for "/phpmyadmin/setup": Password Mismatch
Did I do anything wrong previously? Because this does not make sense to me at all.

You appear to have installed phpMyAdmin from your distribution's packaged version, so something went wrong on installation. As Lelio Faieta indicated, this isn't directly from phpMyAdmin, it's a protection your package maintainer has implemented, so you probably should seek support directly from your distribution.
First try reinstalling/reconfiguring.
With Debian/Ubuntu: dpkg-reconfigure --plow phpmyadmin
CentOS doesn't seem to have a reconfigure option.
If that fails, I don't anticipate any reason you couldn't just reset the password. Unlike, for instance, the control user or the system database user, the username/password isn't (likely to be) used anywhere else so you can (should be able to safely) change the password:
sudo htpasswd /etc/phpmyadmin/htpasswd.setup admin
Or even better, I'd personally add a new account and forget about 'admin':
sudo htpasswd /etc/phpmyadmin/htpasswd.setup yunowork
Although technically this might leave you vulnerable if someone else knows the admin password, but I imagine your distribution generated a password, plus running the setup script is not the same as having database access anyway. So you're extremely likely to be fine either way.

Related

PHPMyAdmin 500 Internal Server Error in Apache [duplicate]

This question already has answers here:
PHPMyAdmin 500 Internal Server Error in Apache due to PHP Version
(5 answers)
Closed 2 years ago.
Version:
OS lsb_release -a : Ubuntu 18.04.5 LTS
PHP php -v : 8.0.1
Apache apache2 -v : 2.4.29 (Ubuntu)
MySQL mysql -v : 10.1.47-MariaDB
Problem:
I'm trying to install LAMP Stack using following article. However, I was getting HTTP 500 Error while accessing phpmyadmin from browser.
So, I tried to create symlink using ln command but it fails
ln: failed to create symbolic link '/etc/apache2/conf-available/phpmyadmin.conf': File exists
root#host:/etc/phpmyadmin# sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf
ln: failed to create symbolic link '/etc/apache2/conf-available/phpmyadmin.conf': File exists
Tried 1:
Then, I'd created symlink by forcing ln -sf.
sudo ln -sf /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf
And run the following command
sudo a2enconf phpmyadmin.conf
sudo systemctl reload apache2.service
root#host:/etc/phpmyadmin# ls -l
-rw-r--r-- 1 root root 2110 Jul 10 2017 apache.conf
root#host:/etc/apache2/conf-available# ls -l
lrwxrwxrwx 1 root root 28 Jan 30 06:52 phpmyadmin.conf -> ../../phpmyadmin/apache.conf
Tried 2:
I even reconfigured phpmyadmin if incase I bymistakely didn't select apache2 using
sudo dpkg-reconfigure -plow phpmyadmin
/etc/apache2/conf-available/phpmyadmin.conf
# phpMyAdmin default Apache configuration
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
Options SymLinksIfOwnerMatch
DirectoryIndex index.php
<IfModule mod_php5.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
php_admin_value mbstring.func_overload 0
</IfModule>
<IfModule mod_php.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
php_admin_value mbstring.func_overload 0
</IfModule>
</Directory>
# Authorize for setup
<Directory /usr/share/phpmyadmin/setup>
<IfModule mod_authz_core.c>
<IfModule mod_authn_file.c>
AuthType Basic
AuthName "phpMyAdmin Setup"
AuthUserFile /etc/phpmyadmin/htpasswd.setup
</IfModule>
Require valid-user
</IfModule>
</Directory>
# Disallow web access to directories that don't need it
<Directory /usr/share/phpmyadmin/templates>
Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/libraries>
Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
Require all denied
</Directory>
But still couldn't access phpmyadmin through browser.
One thing is that it could be because the PHPMyAdmin version and the PHP version do not work together well.
You can see this answer https://stackoverflow.com/a/65969268/12154890. I don't wanna post the same thing multiple times.

403 Forbidden access of phpmyadmin at AWS EC2 instance

My /etc/httpd/conf.d/phpMyadmin.conf has the following configurations
# phpMyAdmin - Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL
Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require ip xx.xx.xx.xxx
Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
#Deny from All
Allow from xx.xx.xx.xxx
Allow from ::1
</IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/setup/>
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require ip xx.xx.xx.xxx
Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
#Deny from All
Allow from xx.xx.xx.xxx
Allow from ::1
</IfModule>
</Directory>
# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
Order Deny,Allow
#Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/lib/>
Order Deny,Allow
#Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/frames/>
Order Deny,Allow
#Deny from All
Allow from None
</Directory>
# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc. This may break your mod_security implementation.
#
#<IfModule mod_security.c>
# <Directory /usr/share/phpMyAdmin/>
# SecRuleInheritance Off
# </Directory>
#</IfModule>
When I access at my page EC2 instance as
http://xx.xx.xx.xxx/phpmyadmin, I have You don't have permission to access /phpmyadmin on this server. error.
I made sure this ip address xx.xx.xx.xxx is my EC2's Elastic IP address.
phpMyadmin.conf has correct xx.xx.xx.xxx to allow.
I tried to follow the similar links of this, this and this.
But still have the error. What could be wrong with my error?
My EC2 instance has AWS linux OS installed.
Thanks
As per my understanding this configuration is related to PhpMyadmin. In order to load this configuration into Apache Web Server, Make sure Apache is loading all the configuration files from conf.d by looking into httpd.conf if you are using apache [Not Apache2] and apache2.conf [for Apache2].
Inside /etc/apache2/apache2.conf, you will find the following line, which includes those files:
# Include generic snippets of statements
Include conf.d/
[Refference]
You might have checked it still, it is one of the solution.
I have same error. Follow this link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-LAMP.html to do all owner and group changes. Did all as you did above, but it's getting that error. Finally after restarting httpd, I become able to connect.

403 Error when accessing phpMyAdmin on an ec2 Instance

I wanted to install a LAMP environment on a new EC2 instance using Amazon-Linux following amazon's tutorial. Then I wanted to have phpMyAdmin so I installed it using sudo yum --enablerepo=epel install phpmyadmin and created a link to the www directory sudo ln -s /usr/share/phpmyadmin /var/www/html/phpmyadmin.
Then I altered the /etc/httpd/conf.d/phpMyAdmin.conf file to allow access.
The current file:
# phpMyAdmin - Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL
Alias /phpMyAdmin /usr/share/phpMyAdmin
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
</Directory>
# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/lib/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/frames/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc. This may break your mod_security implementation.
#
#<IfModule mod_security.c>
# <Directory /usr/share/phpMyAdmin/>
# SecRuleInheritance Off
# </Directory>
#</IfModule>
But still I'm getting a 403 error, when I try to access /phpMyAdmin
error_log:
[Thu Aug 27 13:45:47.702678 2015] [authz_core:error] [pid 25763] [client 37.49.61.176:59958] AH01630: client denied by server configuration: /usr/share/phpMyAdmin/
[Thu Aug 27 13:45:48.699611 2015] [authz_core:error] [pid 25763] [client 37.49.61.176:59958] AH01630: client denied by server configuration: /usr/share/phpMyAdmin/
[Thu Aug 27 13:49:22.181819 2015] [authz_core:error] [pid 25765] [client 37.49.61.176:60222] AH01630: client denied by server configuration: /usr/share/phpMyAdmin/
What else could be the error?
The issue was fixed after I removed
Alias /phpMyAdmin /usr/share/phpMyAdmin
from
/etc/httpd/conf.d/phpMyAdmin.conf
And then don't forget to restart by using the following command
sudo service httpd restart
Copy the following code in your /etc/httpd/conf.d/phpMyAdmin.conf
I found it here http://howsolve.com/i-always-get-a-403-error-with-phpmyadmin-ec2-aws/
# phpMyAdmin - Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL
Alias /phpMyAdmin /usr/share/phpMyAdmin
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
</Directory>
# These directories do not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/lib/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/frames/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc. This may break your mod_security implementation.
#
#<IfModule mod_security.c>
# <Directory /usr/share/phpMyAdmin/>
# SecRuleInheritance Off
# </Directory>
#</IfModule>

Installing phpMyAdmin onto Amazon EC2 instance

I've configured my EC2 instance as a LAMP, following Amazon's tutorial. That appears to be functioning correctly (I can see phpinfo() in a file I've uploaded OK).
I then tried to install phpMyAdmin by doing the following:
sudo yum --enablerepo=epel install phpmyadmin
I can see that phpMyAdmin is now in /usr/share/phpmyadmin, so I added an symbolic link:
sudo ln -s /usr/share/phpmyadmin /var/www/html/phpmyadmin
I then edited http.conf to add AllowOverride all to <Directory "/var/www/html">. (Command: sudo nano /etc/httpd/conf/httpd.conf)
And then restarted the server:
sudo service httpd restart
But whenever I visit http://ec2-xx-xxx-xxx-xxx.us-west-2.compute.amazonaws.com/phpmyadmin I get a 403 Forbidden response from the server: You don't have permission to access /phpmyadmin on this server.
I feel like I'm missing something really obvious, but I cannot figure out what.
I needed to update the /etc/httpd/conf.d/phpMyAdmin.conf to allow remote users.
I just replaced the contents of the first <directory> tag like so...
I removed:
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require ip 127.0.0.1
Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
And replaced it with this:
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
Order allow,deny
Allow from all
</Directory>
And restarted the server: sudo service httpd restart
Works now!
I had the same issue, and Chuck Le Butt's solution was very helpful, although a little different for me...
My ISP uses dynamic IP addresses so when I setup the server it was via a different IP.
When I returned to it the following day, my IP address had changed so I was forbidden.
Butt, rather than allowing access from all IP's as Chuck suggested, I've updated my previous IP addresses in the phpMyAdmin.conf file.
sudo nano /etc/httpd/conf.d/phpMyAdmin.conf
I replace
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require ip 127.0.0.1
Require ip ::1
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/setup/>
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</Directory>
to
<Directory /usr/share/phpMyAdmin/>
AddDefaultCharset UTF-8
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAll>
Require all granted
</RequireAll>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Allow,Deny
Allow from All
</IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/setup/>
Order Allow,Deny
Allow from All
</Directory>
And it works~

Munin zoom isn't working

Munin installed on FreeBSD 8.0.
Address: http://site.com/munin/
Path: /usr/local/www/munin/
Problem: zoom is not working (image is not showing). In apache logs I see:
[Sun Jan 13 16:42:25 2013] [error] [client 1.2.3.4] File does not exist: /usr/home/site/htdocs, referer: http://site.com/munin/static/dynazoom.html?plugin_name=com%2Fsite.com%2Fhttp_response_time_site&start_iso8601=2013-01-12T08%3A26%3A43%2B0400&stop_iso8601=2013-01-12T14%3A17%3A43%2B0400&start_epoch=1357943743&stop_epoch=1357996393&lower_limit=&upper_limit=&size_x=800&size_y=400&cgiurl_graph=
My httpd.conf:
Alias /munin/ "/usr/local/www/munin/"
How to fix it?
I know this is over a year old but I'm sure there are other people having this issue and finding this on google. (like me)
This is for Debian 7.6 + Munin version 2.0.6-4+deb7u2. Zoom is actually working but it's localhost only. I didn't test this on Freebsd or any other bsd/linux distros so far but I think the problem&solution will be similar.
Please edit this file:
/etc/munin/apache2.conf
# Enables fastcgi for munin-cgi-graph if present
ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
<Location /munin-cgi/munin-cgi-graph>
Order allow,deny
# Allow from localhost 127.0.0.0/8 ::1
Allow from all
# AuthUserFile /etc/munin/munin-htpasswd
# AuthName "Munin"
# AuthType Basic
# require valid-user
<IfModule mod_fastcgi.c>
SetHandler fastcgi-script
</IfModule>
</Location>
ScriptAlias /munin-cgi/munin-cgi-html /usr/lib/munin/cgi/munin-cgi-html
<Location /munin-cgi/munin-cgi-html>
Order allow,deny
# Allow from localhost 127.0.0.0/8 ::1
Allow from all
# AuthUserFile /etc/munin/munin-htpasswd
# AuthName "Munin"
# AuthType Basic
# require valid-user
<IfModule mod_fastcgi.c>
SetHandler fastcgi-script
</IfModule>
</Location>
You will see "Allow from localhost 127.0.0.0/8 ::1" for both munin-cgi-graph and munin-cgi-html. Please comment these lines out and add "Allow from all" (change this depending on your security settings of course) and restart apache2. Now you should be able to zoom to your graphs.
I had the same problem on Ubuntu 12.04, and fixed it with these steps:
Turn off SELINUX: $ sudo setenforce 0
Add this to Apache vhost config: ScriptAlias /munin-cgi/ "/var/www/cgi-bin/"
Change permissions on /var/log/munin so that Apache can open files there.
To find out where munin-cgi-graph is installed on your system:
find / -name munin-cgi-graph