新的 xampp 安全概念:访问禁止错误 403 - Windows 7 - phpMyAdmin
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/21161908/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
New xampp security concept: Access Forbidden Error 403 - Windows 7 - phpMyAdmin
提问by user3202433
I have downloaded and installed XAMPP 1.8.1 for Windows on Windows 7 Ultimate. I have set up XAMPP to run together with IIS as per these instructions
我已经在 Windows 7 Ultimate 上下载并安装了适用于 Windows 的 XAMPP 1.8.1。我已按照这些说明将 XAMPP 设置为与 IIS 一起运行
All good so far, my PHP sites run locally and everything except phpMyAdmin is available from the XAMPP menu.
到目前为止一切都很好,我的 PHP 站点在本地运行,除了 phpMyAdmin 之外的所有内容都可以从 XAMPP 菜单中找到。
However when I try to access phpMyAdmin I get this error:
但是,当我尝试访问 phpMyAdmin 时出现此错误:
Access forbidden!
New XAMPP security concept:
Access to the requested directory is only available from the local network.
This setting can be configured in the file "httpd-xampp.conf".
禁止访问!
新的 XAMPP 安全概念:
只能从本地网络访问请求的目录。
此设置可以在文件“httpd-xampp.conf”中配置。
I've found several answers via Google and some on this site. However, so far, none of the solutions I've tried have resolved the issue.
我通过谷歌找到了几个答案,在这个网站上找到了一些答案。但是,到目前为止,我尝试过的所有解决方案都没有解决该问题。
Here is my httpd-xampp.conf file:
这是我的 httpd-xampp.conf 文件:
#
# XAMPP settings
#
<IfModule env_module>
SetEnv MIBDIRS "C:/xampp/php/extras/mibs"
SetEnv MYSQL_HOME "\xampp\mysql\bin"
SetEnv OPENSSL_CONF "C:/xampp/apache/bin/openssl.cnf"
SetEnv PHP_PEAR_SYSCONF_DIR "\xampp\php"
SetEnv PHPRC "\xampp\php"
SetEnv TMP "\xampp\tmp"
</IfModule>
#
# PHP-Module setup
#
LoadFile "C:/xampp/php/php5ts.dll"
LoadModule php5_module "C:/xampp/php/php5apache2_4.dll"
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
#
# PHP-CGI setup
#
#<FilesMatch "\.php$">
# SetHandler application/x-httpd-php-cgi
#</FilesMatch>
#<IfModule actions_module>
# Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
#</IfModule>
<IfModule php5_module>
PHPINIDir "C:/xampp/php"
</IfModule>
<IfModule mime_module>
AddType text/html .php .phps
</IfModule>
ScriptAlias /php-cgi/ "C:/xampp/php/"
<Directory "C:/xampp/php">
AllowOverride None
Options None
Require all denied
<Files "php-cgi.exe">
Require all granted
</Files>
</Directory>
<Directory "C:/xampp/cgi-bin">
<FilesMatch "\.php$">
SetHandler cgi-script
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler None
</FilesMatch>
</Directory>
<Directory "C:/xampp/htdocs/xampp">
<IfModule php5_module>
<Files "status.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
</Directory>
<IfModule alias_module>
Alias /security "C:/xampp/security/htdocs/"
<Directory "C:/xampp/security/htdocs">
<IfModule php5_module>
<Files "xamppsecurity.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
Require all granted
</Directory>
Alias /licenses "C:/xampp/licenses/"
<Directory "C:/xampp/licenses">
Options +Indexes
<IfModule autoindex_color_module>
DirectoryIndexTextColor "#000000"
DirectoryIndexBGColor "#f8e8a0"
DirectoryIndexLinkColor "#bb3902"
DirectoryIndexVLinkColor "#bb3902"
DirectoryIndexALinkColor "#bb3902"
</IfModule>
Require all granted
</Directory>
Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
<Directory "C:/xampp/phpMyAdmin">
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
Require all granted
</Directory>
Alias /webalizer "C:/xampp/webalizer/"
<Directory "C:/xampp/webalizer">
<IfModule php5_module>
<Files "webalizer.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
Require all granted
</Directory>
</IfModule>
#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Allow from all
Require all granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Does anyone have any idea as to what I'm missing?
有没有人知道我错过了什么?
回答by Messerchtmitt Longbow
All you have to do is to edit the httpd-xampp.conf
您所要做的就是编辑 httpd-xampp.conf
from Require localto Require all grantedin the LocationMatch tag.
从Require local到Require all在 LocationMatch 标记中授予的权限。
That's it!
就是这样!
回答by TheMohanAhuja
In New Xampp
在新 Xampp
All you have to do is to edit the file:
您所要做的就是编辑文件:
C:\xampp\apache\conf\extra\httpd-xampp.conf
C:\xampp\apache\conf\extra\httpd-xampp.conf
and go to Directory tag as below:
并转到如下所示的目录标签:
<Directory "C:/xampp/phpMyAdmin">
<目录“C:/xampp/phpMyAdmin”>
and then change
然后改变
Require local
需要本地
To
到
Require all granted
要求所有授予
in the Directory tag.
在目录标签中。
Restart the Xampp. That's it!
重新启动 Xampp。就是这样!
回答by Gunnar Bernstein
Require all granted seemed a bit to far for me. Looking at the documentation I used: Require ip 192.168to allow all internal access.
要求所有授予对我来说似乎有点远。查看我使用的文档:Require ip 192.168允许所有内部访问。
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require local
Require ip 192.168
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
回答by garatu
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require all granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Good luck!!!!
祝你好运!!!!
回答by Great Question
Try to reinstall new version of XAMPP. Find "<Directory "C:/xampp/php">" and then change to something like this
尝试重新安装新版本的 XAMPP。找到“ <Directory "C:/xampp/php">”然后改成这样
<Directory "C:/xampp/php">
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
Require all granted
</Directory>
回答by Sanyam Jain
You will have to edit 2 files - 1. httpd-vhosts.conf & 2. httpd-xampp.conf
您必须编辑 2 个文件 - 1. httpd-vhosts.conf & 2. httpd-xampp.conf
NOTE : Make sure u backup files ( httpd-xampp.conf ) and ( httpd-vhosts.conf ) , Both Files are located in Drive:\xampp\apache\conf\extra
注意:确保您备份文件 (httpd-xampp.conf) 和 (httpd-vhosts.conf),这两个文件都位于 Drive:\xampp\apache\conf\extra
Open httpd-vhosts.conf file and in the bottom of the file change it
打开 httpd-vhosts.conf 文件并在文件底部更改它
<VirtualHost *:80>
DocumentRoot “E:/xampp/htdocs/”
ServerName localhost
<Directory E:/xampp/htdocs/>.
Require all granted
</Directory>
</VirtualHost>
Here E:/xampp is my project workspace, you can change it as per your settings
这里 E:/xampp 是我的项目工作区,您可以根据您的设置进行更改
and Second Change is on httpd-xampp.conf file and in the bottom of the file change it
第二次更改位于 httpd-xampp.conf 文件中,并在文件底部更改它
#
# New XAMPP security concept
#
<LocationMatch “^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))”>
Order deny,allow
Allow from all
Allow from ::1 127.0.0.0/8
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
回答by Nikita Kurtin
Update for XAMPP 7.3.11
更新 XAMPP 7.3.11
If you get into same problem for phpmyadminin the newest XAMPP, as I had.
如果您在最新的 XAMPP 中遇到与phpmyadmin相同的问题,就像我一样。
The solution is written inside the official documentation located in [XAMPP IP]/dashboard/docs/access-phpmyadmin-remotely.html
解决方案写在位于的官方文档中 [XAMPP IP]/dashboard/docs/access-phpmyadmin-remotely.html
To enable remote access to phpMyAdmin from other hosts, follow these steps:
1) Launch the stack manager by double-clicking the XAMPP icon in the mounted disk image.
2) Ensure that Apache and MySQL services are running in the "Services" tab of the stack manager (or start them as needed).
3) Open a new terminal from the "General" tab of the stack manager.
4) Edit the /opt/lampp/etc/extra/httpd-xampp.conf file.
5) Within this file, find the block
<Directory "/opt/lampp/phpmyadmin">Update this block and replace
Require localwithRequire all granted,6) Save the file and restart the Apache service using the stack manager.
要允许从其他主机远程访问 phpMyAdmin,请按照下列步骤操作:
1) 通过双击安装的磁盘映像中的 XAMPP 图标启动堆栈管理器。
2) 确保 Apache 和 MySQL 服务正在堆栈管理器的“服务”选项卡中运行(或根据需要启动它们)。
3) 从堆栈管理器的“常规”选项卡打开一个新终端。
4) 编辑/opt/lampp/etc/extra/httpd-xampp.conf 文件。
5)在这个文件中,找到块
<Directory "/opt/lampp/phpmyadmin">更新此块并替换
Require local为Require all granted,6) 保存文件并使用堆栈管理器重新启动 Apache 服务。
Note for section (4)To edit this file make sure you have viminstalled.
第 (4) 节注意事项要编辑此文件,请确保已安装vim。
Note for section (5)Instead of allowing access to all, which is highly insecure, if your computer is connected to a network. A safer approach is to limit the access to only set of IPs as suggested by @Gunnar Bernstein.
如果您的计算机连接到网络,则第 (5) 节的注意事项而不是允许访问所有人,这是非常不安全的。更安全的方法是按照@Gunnar Bernstein 的建议限制对一组 IP 的访问。
In my case I did:
就我而言,我做了:
<Directory "/opt/lampp/phpmyadmin">
AllowOverride AuthConfig Limit
Require local
Require ip 192.168
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</Directory>
回答by G O'Rilla
Comment out the line Require local in httpd-xampp.conf.
Restart Apache.
Worked for me connecting my mobile phone to my test web-site on my PC.
No idea of the security implications.
注释掉 httpd-xampp.conf 中的 Require local 行。
重新启动阿帕奇。
对我来说有效,将我的手机连接到我 PC 上的测试网站。不知道安全隐患。
回答by Yash
To access the requested directory other than local network, you need to change the XAMPP security conceptconfigured in the file "httpd-xampp.conf".
要访问本地网络以外的请求目录,您需要更改XAMPP security concept文件“httpd-xampp.conf”中的配置。
- File location
xampp\apache\conf\extra\httpd-xampp.conf
- 文件位置
xampp\apache\conf\extra\httpd-xampp.conf
Require DirectiveSelects which authenticated users can access a resource
Syntax ?
Require entity-name [entity-name] ...
Require Directive选择哪些经过身份验证的用户可以访问资源
句法 ?
Require entity-name [entity-name] ...
From ? XAMPP security concept allows only local environment - Require local
从 ?XAMPP 安全概念只允许本地环境 -需要本地
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require local
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
To ? XAMPP security concept allows any environment - Require all granted
到 ?XAMPP 安全概念允许任何环境 -要求所有授予
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require all granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Access forbidden!message from HTML Page.
禁止访问!来自 HTML 页面的消息。
Allow DirectiveControls which hosts can access an area of the server
Syntax ?
Allow from all|host|env=[!]env-variable [host|env=[!]env-variable] ...
允许指令控制哪些主机可以访问服务器的某个区域
句法 ?
Allow from all|host|env=[!]env-variable [host|env=[!]env-variable] ...
Allowing only local environment. Using any of the below specified url's.
只允许本地环境。使用以下任何指定的 url。
http://localhost/phpmyadmin/http://127.0.0.1/phpmyadmin/<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Order deny,allow Deny from all Allow from ::1 127.0.0.0/8 \ ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var </LocationMatch>
http://localhost/phpmyadmin/http://127.0.0.1/phpmyadmin/<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Order deny,allow Deny from all Allow from ::1 127.0.0.0/8 \ ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var </LocationMatch>
Allowing only to specified IPv4, IPv6address spaces.
- Link-local addresses for IPv4 are defined in the address block 169.254.0.0/16 in CIDR notation. In IPv6, they are assigned the address block
fe80::/10 A unique local address (ULA) is an IPv6 address in the block
fc00::/7<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Order deny,allow Deny from all Allow from ::1 127.0.0.0/8 \ fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \ fe80::/10 169.254.0.0/16 ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var </LocationMatch>
- IPv4 的链路本地地址在地址块 169.254.0.0/16 中以 CIDR 表示法定义。在 IPv6 中,它们被分配了地址块
fe80::/10 唯一本地地址 (ULA) 是块中的 IPv6 地址
fc00::/7<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Order deny,allow Deny from all Allow from ::1 127.0.0.0/8 \ fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \ fe80::/10 169.254.0.0/16 ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var </LocationMatch>
Allowing for any network address. Allow from all
允许任何网络地址。所有人都允许
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Allow from all
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
404- XAMPPControl Panel: Unable to start Apache HTTP server.
404- XAMPP控制面板:无法启动 Apache HTTP 服务器。
URL: http://localhost/xampp/index.php
Error ?
Not Found
HTTP Error 404. The requested resource is not found.
Required default Apache HTTP server port 80 is actually used by other Service.
所需的默认 Apache HTTP 服务器端口 80 实际被其他服务使用。
You need to find the service running with port 80 and stop the service, then start the Apache HTTP server.
Use Netstatto displays active TCP connections, ports on which the computer is listening.
C:\Users\yashwanth.m>netstat -ano Active Connections Proto Local Address Foreign Address State PID TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 2920 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1124 TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 3340 TCP [::]:80 [::]:0 LISTENING 2920 C:\Users\yashwanth.m>netstat -ano |findstr 2920 TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 2920 TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 2920 TCP [::]:80 [::]:0 LISTENING 2920 TCP [::]:443 [::]:0 LISTENING 2920 C:\Users\yashwanth.m>taskkill /pid 2920 /F SUCCESS: The process with PID 2920 has been terminated.Change listening port from main Apache HTTP server configuration file
D:\xampp\apache\conf\httpd.conf. Ex:81. FromListen 80ToListen 81, the access URL will behttp://localhost:81/xampp/index.php.# Change this to Listen on specific IP addresses as shown below to # prevent Apache from glomming onto all bound IP addresses. # #Listen 0.0.0.0:80 #Listen [::]:80 Listen 80
您需要找到运行在80端口的服务并停止该服务,然后启动Apache HTTP服务器。
使用Netstat显示活动的 TCP 连接、计算机正在侦听的端口。
C:\Users\yashwanth.m>netstat -ano Active Connections Proto Local Address Foreign Address State PID TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 2920 TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1124 TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 3340 TCP [::]:80 [::]:0 LISTENING 2920 C:\Users\yashwanth.m>netstat -ano |findstr 2920 TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 2920 TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 2920 TCP [::]:80 [::]:0 LISTENING 2920 TCP [::]:443 [::]:0 LISTENING 2920 C:\Users\yashwanth.m>taskkill /pid 2920 /F SUCCESS: The process with PID 2920 has been terminated.从主 Apache HTTP 服务器配置文件更改侦听端口
D:\xampp\apache\conf\httpd.conf。例如:81。从Listen 80ToListen 81,访问 URL 将是http://localhost:81/xampp/index.php。# Change this to Listen on specific IP addresses as shown below to # prevent Apache from glomming onto all bound IP addresses. # #Listen 0.0.0.0:80 #Listen [::]:80 Listen 80
For more information related to httpd and virtual host on XAMPP
回答by Zuben45
just remove:
只需删除:
Alias /phpmyadmin "C:/xampp2/phpMyAdmin/"
<Directory "C:/xampp2/phpMyAdmin">
AllowOverride AuthConfig
Require all granted
</Directory>
and remove phpmyadmin from:
并从以下位置删除 phpmyadmin:
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|server-status|server-info))">
