phpmyadmin - 403 Forbidden

Discussion in 'Server Operation' started by Phrosgone, Dec 24, 2015.

  1. Phrosgone

    Phrosgone New Member

    I set up phpMyadmin some time ago and it worked fine. Now I wanted to access phpMyadmin again to do some changes, but now I am getting an error 403 Forbidden - You don't have permission to access /phpMyAdmin/ on this server.

    I checked the phpMyAdmin.conf and it still shows the following:
     <IfModule mod_authz_core.c>
         # Apache 2.4
           Require ip
           Require ip ::1
           Require all granted
    Starnge thing is, I tried it afterwards from another device with another IP. I was able to access phpmyadmin and to login. As soon as I was logged in, I got an error message error code 403, forbidden in the webinterface (red warning message).

    I assume it has to do with the installation of mod_evasive and mod_security (only thing I have chagned since accessed phpMyAdmin the last time).
    Mod_evasive is set up with a SiteCount of 50 per intetval, which is set to 1 second. I am sure not to exceed that number of requests.
  2. Phrosgone

    Phrosgone New Member

    I disables mod_security and it is working now. As disabling it can be only a temporary solution, I will have to dig into topic deeper once rouncube is working. Currently I get only a blank screen...will check the config file next...
  3. brody182

    brody182 Member

    Sometimes it makes sense to exclude a particular directory or a domain name if it is running an application, like phpMyAdmin, as ModSecurity will block SQL queries. It is also better to exclude admin backends of CMS applications like WordPress. If you're following this tutorial on a fresh server, you can skip this step.

    To disable ModSecurity for a complete VirtualHost, place the following directives inside the <VirtualHost>[...]</VirtualHost> block in its virtual host file.

    <IfModule security2_module>
    SecRuleEngine Off

Share This Page