Potential Security Vulnerability?

Discussion in 'General' started by GoremanX, Mar 3, 2011.

  1. GoremanX

    GoremanX New Member

    How are people able to reach this directory?
    [Wed Mar 02 12:59:09 2011] [error] [client 217.22.231.30] File does not exist: /usr/share/phpmyadmin/scripts

    This is from a vhost's error log; it shows up fairly frequently. This directory is way outside of the vhost's path (/var/www/clients/client1/web1/web). I can't even figure out how I could point a web browser to that directory.

    Running ISPConfig 3.0.3.2 using the Ubuntu 10.04 Perfect Server setup
     
  2. Dark_Balor

    Dark_Balor New Member

    It's not a security hole.

    Just look at the open-base-dir in your php-cgi wrapper:
    (taken from your other topic)

    Without allowing access to /usr/share/phpmyadmin, www.friendlyphotozone.com/phpmyadmin/ will not work correctly.

    If you ask why www.friendlyphotozone.com/phpmyadmin/ works by default, just look at the file:
    Code:
    /etc/apache2/conf.d/phpmyadmin.conf
    If you want to change the alias
    Code:
    Alias /phpmyadmin /usr/share/phpmyadmin
    
    by
    Code:
    Alias /what-ever-you-want /usr/share/phpmyadmin
    
    and do
    Code:
    /etc/init.d/apache2 reload
    Of course, to do that you must be root or have root privileges.
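
The mapping described in this answer, as an added example that is not part of the original thread: it reads Alias directives and translates "File does not exist" paths from an error log back into the URL path the client requested, so a path outside the vhost's docroot can be traced to the alias that produced it. The function names, the second log line and its client address are constructed for illustration; the Alias line, the first log line and the docroot are the ones quoted in the posts.

```python
import re

# Constructed sample input; the Alias line and first log line are quoted from the thread.
APACHE_CONF = """\
# /etc/apache2/conf.d/phpmyadmin.conf
Alias /phpmyadmin /usr/share/phpmyadmin
"""
ERROR_LOG = """\
[Wed Mar 02 12:59:09 2011] [error] [client 217.22.231.30] File does not exist: /usr/share/phpmyadmin/scripts
[Wed Mar 02 13:01:44 2011] [error] [client 192.0.2.7] File does not exist: /var/www/clients/client1/web1/web/favicon.ico
"""
DOCROOT = "/var/www/clients/client1/web1/web"

# Matches plain "Alias <url-prefix> <fs-path>" lines (not ScriptAlias or AliasMatch).
ALIAS_RE = re.compile(r'^[ \t]*Alias[ \t]+"?([^\s"]+)"?[ \t]+"?([^\s"]+)"?[ \t]*$', re.I | re.M)
MISSING_RE = re.compile(r'\[client ([^\]]+)\] File does not exist: (\S+)')

def parse_aliases(conf_text):
    """Return [(url_prefix, fs_path)] from Alias directives, longest fs_path first."""
    pairs = [(u.rstrip("/"), p.rstrip("/")) for u, p in ALIAS_RE.findall(conf_text)]
    return sorted(pairs, key=lambda pair: len(pair[1]), reverse=True)

def under(path, base):
    """True if path is base itself or lies below it (whole path components only)."""
    return path == base or path.startswith(base + "/")

def explain(log_text, aliases, docroot):
    """Map each missing-file path back to the URL path that produced it."""
    results = []
    for client, path in MISSING_RE.findall(log_text):
        for url_prefix, fs_path in aliases:
            if under(path, fs_path):
                results.append((client, url_prefix + path[len(fs_path):], "alias " + url_prefix))
                break
        else:
            if under(path, docroot):
                results.append((client, path[len(docroot):] or "/", "docroot"))
            else:
                results.append((client, None, "unmapped"))
    return results

if __name__ == "__main__":
    for client, url, source in explain(ERROR_LOG, parse_aliases(APACHE_CONF), DOCROOT):
        print(f"{client:15} {url or '?':25} via {source}")
```

Entries reported as "unmapped" are the ones worth a closer look, since neither the docroot nor any known alias accounts for them.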
     
  3. GoremanX

    GoremanX New Member

    Thank you! I didn't realize that each vhost had a separate phpmyadmin alias. That explains a lot.
     
