只允许在指定的虚拟主机上访问PhpMyadmin

9

我正在一个多虚拟主机环境上工作。我已经为Mysql Remote Control安装了PhpMyadmin。

环境配置如下: 

one.domain.com
two.domain.com
onlyphpmyadmin.domain.com

现在,如果我访问三个域之一 

http://one.domain.com/phpmyadmin/
http://two.domein.com/phpmyadmin/
http://onlyphpmyadmin.domain.com/phpmyadmin/

结果相同,则允许访问Phpmyadmin。

目标是在下面获得这种情况

http://one.domain.com/phpmyadmin/ --> access denied
http://two.domein.com/phpmyadmin/ --> access denied 
http://onlyphpmyadmin.domain.com/phpmyadmin/ -->access allowed

没有类似的黑客

<?php 
if($_SERVER['HTTP_HOST'] != 'onlyphpmyadmin.domain.com')
die('access denied');

 ...
 ?>

在某些Phpmyadmin文件上。

这是我的Phpmyadmin配置文件

Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
    Options FollowSymLinks
    DirectoryIndex index.php

    <IfModule mod_php5.c>
        AddType application/x-httpd-php .php

        php_flag magic_quotes_gpc Off
        php_flag track_vars On
        php_flag register_globals Off
        php_admin_flag allow_url_fopen Off
        php_value include_path .
        php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
        php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/
    </IfModule>

</Directory>

# Authorize for setup
<Directory /usr/share/phpmyadmin/setup>
    <IfModule mod_authn_file.c>
    AuthType Basic
    AuthName "phpMyAdmin Setup"
    AuthUserFile /etc/phpmyadmin/htpasswd.setup
    </IfModule>
    Require valid-user
</Directory>

# Disallow web access to directories that don't need it
<Directory /usr/share/phpmyadmin/libraries>
    Order Deny,Allow
    Deny from All
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
    Order Deny,Allow
    Deny from All
</Directory>
apache-2.2  php  virtualhost 
阿莱斯达里奥
source

Answers:

25

删除别名声明 

Alias /phpmyadmin /usr/share/phpmyadmin

从服务器上下文并将其放入相关的vhost上下文

<VirtualHost *:80>
    ServerName onlyphpmyadmin.domain.com
    .
    .
    .
    Alias /phpmyadmin /usr/share/phpmyadmin
</VirtualHost>

仅将整个phpmyadmin配置包含到相关的vhost中可能会更容易且更可取 

<VirtualHost *:80>
    ServerName onlyphpmyadmin.domain.com
    .
    .
    .
    include /path/to/phpmyadmin.conf
</VirtualHost>

然后从服务器上下文中删除该包含,然后重新启动apache以使更改生效。

用户名
source
在Centos 6.5上似乎不适合我。我尝试了两种方法,但仍然可以从所有域访问它。
杰里米2014年
记住要在更改配置后重新启动Apache2,并最终向DNS配置中添加一个新的CNAME
realtebo
3

在RHEL / CentOS中,Apache加载/etc/httpd/conf.d/phpmyadmin.conf来设置/ phpmyadmin别名。最初,Directory指令还设置为仅允许来自本地主机的流量,因此在访问phpmyadmin时,例如“ domain.com/phpmyadmin”,您可能会收到403错误。

使用以下命令,可以将RHEL / CentOS设置为仅允许/ phpmyadmin别名在特定虚拟主机上运行。

/etc/httpd/conf.d/phpmyadmin.conf

<Directory "/usr/share/phpmyadmin">
#  Order Deny,Allow
#  Deny from all
   Allow from 127.0.0.1
</Directory>

#Alias /phpmyadmin /usr/share/phpmyadmin
#Alias /phpMyAdmin /usr/share/phpmyadmin
#Alias /mysqladmin /usr/share/phpmyadmin

接下来,将alias指令添加到您的vhost中,然后重新启动Apache。

请注意,这不是最安全的实现。请注意通过身份验证,IP限制或两者结合来保护/ phpmyadmin的安全。

利亚姆
source
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.