4

I was trying to set up Xampp for home development. It's correctly installed and I can access xampp pages like demos, security, status... even using the phytin-gui to start and stop the server.

But when it comes to access phpMyAdmin using 'http://localhost/phpmyadmin' I get the next error:

Access forbidden!

New XAMPP security concept:

Access to the requested directory is only available from the local network.

This setting can be configured in the file "httpd-xampp.conf".

I checked my httpd-xampp.conf and seems to be correct. I tried to change the deny All for the Allow all but not worked.

My host files points localhost to 127.0.0.1, which is what is expected to access all xampp files.

I'm runing XAMPP 1.8.1 in ubuntu 12.04 machine

Someone that had that same issue? I lost near 2 hours googling but all what I found is that this error happens when trying to access the server from other network or machine. But for me the case is that i work directly on the server so its supposed that i could access phpMyAdmin as default.

My httpd-xampp.conf

#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 \
        fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
        fe80::/10 169.254.0.0/16

    ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Francisco
  • 10,918
  • 6
  • 34
  • 45
E1000i
  • 1,409
  • 2
  • 11
  • 10

4 Answers4

6

Go to /opt/lampp/etc/extra directory in case you have installed XAMPP under /opt, and edit httpd-xampp.conf to add Require all granted as shown below:

# since XAMPP 1.4.3
<Directory "/opt/lampp/phpmyadmin">
    AllowOverride AuthConfig Limit
    Order allow,deny
    Allow from all
    Require all granted
</Directory>

You may have to restart your LAMPP sever by running /opt/lampp/lampp restart.

corazza
  • 31,222
  • 37
  • 115
  • 186
000
  • 3,976
  • 4
  • 25
  • 39
  • 1
    Isn't this just a hack that disables **all** security for the phpmyadmin path? What's the real cause of the error? ref: [Require Directive](http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#require) `Require all granted Access is allowed unconditionally.` –  May 13 '13 at 09:10
  • You are correct in pointing out that the solution above grants unconditional access. **Cause**: 127.0.0.1 only has access to the security folder and denies access from the LAN. **To resolve** the problem and maintain security to some extent you may try below code
    `Allow from xxx.xxx.x.xxx xxx.xxx.x.xxx` if you want to add more than 1 IP addresse to the Allow from rule, just add them with a space right after the last one, or end a line with a backslash "\" and you can write directly in the next line.     – 000 May 19 '13 at 06:13
2

I also found this problem in XAMPP's own forum. The Require all granted answer is mentioned, but that unconditionally grants access. The thread goes on to provide a better solution:

Just update your httpd-xampp.conf. Replace the End with:

#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
    <RequireAny>
        Require ip ::1 127.0.0.0/8 \
        fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
        fe80::/10 169.254.0.0/16
    </RequireAny>
    ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>

Then restart your lampp with: sudo /opt/lampp/lampp restart

ref: http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#require

0

I solved this by creating a new virtual host for phpmyadmin

Append the following to C:/xampp/apache/conf/httpd.conf:

NameVirtualHost phpmyadmin.local

<VirtualHost phpmyadmin.local>
  ServerName phpmyadmin.local
  DocumentRoot "C:/xampp/htdocs/phpmyadmin"
  <Directory "C:/xampp/htdocs/phpmyadmin">
    AllowOverride All
    Allow from All
  </Directory>
</VirtualHost>

Change the DocumentRoot/Directory to the path where you have installed your version of phpmyadmin.

Open the C:\Windows\System32\drivers\etc\hosts file in a text editor and add the following line:

127.0.0.1     phpmyadmin.local

then save the hosts file and restart xampp.

https://stackoverflow.com/a/16617319/2395363

Community
  • 1
  • 1
Andy
  • 2,892
  • 2
  • 26
  • 33
0

This answer applicable to XAMPP 1.8.2[PHP: 5.4.25]

Just put # mark before Require local below, And importantly, stop and start Apache in xampp control panel.That's it, it definitely work

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
       #Require local

    ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
TLama
  • 75,147
  • 17
  • 214
  • 392
Dr. K. Suresh
  • 1