Can't log in to phpMyAdmin, how do I figure out what's wrong?
I have a VPS with nginx on it as the back end, listening on port 8080.
I'm trying to install phpMyAdmin. It all seemed simple enough; for example, here is a guide.
BUT the thing is, if I follow the guide strictly, then on trying to log in I get redirected here
location /phpmyadmin {
    root /usr/share/;
    index index.php;
    location ~ ^/phpmyadmin/(.+\.php)$ {
        try_files $uri =404;
        root /usr/share/;
        fastcgi_pass unix:/var/run/php5-fpm-def.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include /etc/nginx/fastcgi_params;
        fastcgi_param SERVER_PORT 80;
    }
    location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
        root /srv/www/;
    }
}
After that, an attempt to log in returns me to the main page without any errors.
From the console I can log in to mysql with the same password and user (root).
How do I figure out what's wrong?
UPD1:
I set the authentication type to http (in the config.inc.php file)
In the end the problem was with this parameter
Which by default is located in php.ini.
The problem was with the installed memcache; the memcache settings contained these lines
After I disabled memcache and set the value
PhpMyAdmin Token Authentication system
I recently had the idea to create a login system to PhpMyAdmin with a token created from login credentials stored in a database. The URL would look like this:
pma.example.com/index.php?token=WCxuFWj1QtGGapZhfSPS9Eo1Q9q666sR
- 127.0.0.1:4040/api/v1/create_token [POST] This request has as JSON argument database_host_id for the MySQL host ID to connect defined in PhpMyAdmin configuration file, database_username which is as written the database user to connect and finally database_host which is the database password. The response has a token argument for the client to receive the new generated token. The JSON sent and received should look like this:
JSON received by the API:
{ "database_host_id": 1, "database_username": "pma", "database_password": "4wAyS8" }
JSON sent to the client:
- 127.0.0.1:4040/api/v1/get_database [POST] This request has a JSON argument token to know from which token to retrieve the connection information. So the response will have all this information along with database_host_id , database_username and database_password . The JSON sent and received should look like this :
JSON received by the API:
{ "token": "WCxuFWj1QtGGapZhfSPS9Eo1Q9q666sR" }
JSON sent to the client:
It’s nice to have an API but if you don’t use it, it’s useless, so I searched in the source code of PhpMyAdmin how the authentication system worked.
- /libraries/common.inc.php This script would at runtime use what is called an AuthPlugin with this piece of code to then be used as a login interface by the various classes:
$auth_plugin = Plugins::getAuthPlugin();
$auth_plugin->authenticate();
- I went to see what an AuthPlugin was by looking at the different functions associated with this class. I deduced that all the files in libraries/classes/Plugins/Auth were connection plugins and allowed to define the different connection methods for MySQL hosts that we define in the PhpMyAdmin configuration file with $cfg['Servers'][$i]['auth_type'] . Knowing that the default authentication type was Cookie, I went to see the contents of the file libraries/classes/Plugins/Auth/AuthenticationCookie.php .
So now I had to modify the AuthenticationCookie.php script so that when token was contained in the URL, it could retrieve the information from the API and then use it to connect to the database associated with that token.
And that’s where I get stuck because despite my PHP basics, I can’t get what I’m doing to work. I could notice despite my attempts that when I retrieve the token from the URL, it was not at all what was defined, it was as if it was encrypted.
- Should I encrypt the password even though the API only communicates locally?
- Shouldn’t I just use the SignOn connection method for my MySQL host?
- Is it safe to do what I am trying to do?
I would appreciate any kind of help in my reasoning to do or for any answers to my questions
Why do you return the database_password ? The client does not need it, it has a token that should be used to access the database.
Are you trying to replace the phpMyAdmin authentication system? Or actually make a certain way to log into mySQL, or what? The purpose of all this is not very clear.
@ADyson It’s true that I didn’t really write the reason of all this, but to answer your question the goal is to make an additional way to connect to PhpMyAdmin
1 Answer
I finally ended up making a SignOn script associated with my server that gets the token from the URL, asks the API for the token information and then connects with it. It works perfectly.
<?php
/* Assumed opening (lost from the page): session setup as in phpMyAdmin's
   examples/signon.php, and a check that a token was supplied */
session_name('SignonSession');
@session_start();

if (isset($_REQUEST['token'])) {
    /* Ask the local API which credentials belong to this token */
    $data = array('token' => $_REQUEST['token']);
    $payload = json_encode($data);
    $curl = curl_init('http://127.0.0.1:4040/api/v1/get_database');
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $payload);
    curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type:application/json'));
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    /* Has no effect on a plain http:// URL */
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    $response = curl_exec($curl);
    curl_close($curl);
    /* Second argument true: the result is an associative array, so use array access */
    $response = json_decode($response, true);
    /* Store there credentials */
    $_SESSION['PMA_single_signon_user'] = $response['database_username'];
    $_SESSION['PMA_single_signon_password'] = $response['database_password'];
    $_SESSION['PMA_single_signon_host'] = $_POST['host'];
    $_SESSION['PMA_single_signon_port'] = $_POST['port'];
    /* Update another field of server configuration */
    $_SESSION['PMA_single_signon_cfgupdate'] = ['verbose' => 'Signon test'];
    $_SESSION['PMA_single_signon_HMAC_secret'] = hash('sha1', uniqid(strval(rand()), true));
    $id = session_id();
    /* Close that session */
    @session_write_close();
    /* Redirect to phpMyAdmin (should use absolute URL here!) */
    header('Location: ../index.php');
} else {
    /* Show simple form */
    header('Content-Type: text/html; charset=utf-8');
    echo '' . "\n";
    echo ' ';
    if (isset($_SESSION['PMA_single_signon_error_message'])) {
        echo '';
    }
    echo '
Loading.
';
}
I know it’s not finished but I plan to improve it. So this is the solution I found.
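A hardened variant of the token exchange in the answer above, as an added example that is not the answerer's or phpMyAdmin's code: it checks the token's shape before forwarding it, fails closed on any API error, and reads the decoded JSON as an array. The 32-character alphanumeric token format (inferred from the sample URL in the question), the HTTP 200 success status, the timeouts, the helper name `fetch_signon_credentials`, and the session name `SignonSession` (from phpMyAdmin's examples/signon.php) are assumptions.

```php
<?php
declare(strict_types=1);

/* Endpoint from the question. Token shape and the 200 status are assumptions. */
const TOKEN_API = 'http://127.0.0.1:4040/api/v1/get_database';
const TOKEN_PATTERN = '/\A[A-Za-z0-9]{32}\z/';

/* Hypothetical helper: returns ['user' => ..., 'password' => ...] or null on any failure. */
function fetch_signon_credentials($token): ?array
{
    if (!is_string($token) || preg_match(TOKEN_PATTERN, $token) !== 1) {
        return null; // arrays (token[]=x) and malformed values never reach the API
    }
    $curl = curl_init(TOKEN_API);
    curl_setopt_array($curl, [
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => json_encode(['token' => $token]),
        CURLOPT_HTTPHEADER => ['Content-Type: application/json'],
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_CONNECTTIMEOUT => 2,
        CURLOPT_TIMEOUT => 5,
    ]);
    $body = curl_exec($curl);
    $status = curl_getinfo($curl, CURLINFO_RESPONSE_CODE);
    if ($body === false || $status !== 200) {
        return null; // API down or token rejected: fail closed
    }
    $data = json_decode($body, true); // true => associative array, not an object
    if (!is_array($data)
        || !is_string($data['database_username'] ?? null)
        || !is_string($data['database_password'] ?? null)) {
        return null;
    }
    return ['user' => $data['database_username'], 'password' => $data['database_password']];
}

session_name('SignonSession'); // assumption: matches $cfg['Servers'][$i]['SignonSession']
session_start();
$creds = fetch_signon_credentials($_GET['token'] ?? null);
if ($creds === null) {
    http_response_code(403);
    exit('Invalid token');
}
session_regenerate_id(true); // fresh session ID once credentials are attached
$_SESSION['PMA_single_signon_user'] = $creds['user'];
$_SESSION['PMA_single_signon_password'] = $creds['password'];
session_write_close();
header('Location: ../index.php'); // the redirect also takes the token out of the address bar
exit;
```

A token carried in the query string is still written to the web server's access log and the browser history, so it should be treated as a credential for as long as the API accepts it.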
Are these malicious requests in my apache access log?
It doesn’t look like that address is really doing anything harmful, but it looks like they’re trying to breach something. The IPs are coming from Italy and India of all places. Notice the User-agent is a way old version of Firefox (although I know that’s easy to spoof). I noticed a constant 20kbps stream of inbound traffic to my personal site (which honestly never usually sees traffic). Was just curious if anyone had any insight or information on a specific attack they’re trying to do here. I could ban the IPs, but there are a whole bunch coming from different locations so I feel it might be a bit futile.
1 Answer
Any public server will see these attempts (and many, many more targeting other commonly installed software). They’re automated, usually done from overseas/Tor/botnets, and there’s enough people trying this that blocking IPs is essentially useless.
Yes, they’re malicious, but no, they’re not really worth getting fussed over.
These usually target ancient versions of things like phpMyAdmin, WordPress, Drupal, and other common tools with known vulnerabilities — keep your third-party code updated and you should be fine.
phpMyAdmin on Nginx won’t log in
I have phpMyAdmin running on Nginx. When I try to log in the only thing that happens is the url param "token" refreshes/updates. I’m not actually redirected to the main phpMyAdmin page and I don’t receive any errors. Here is my server block:
server {
    server_name localhost;
    location / {
        root /usr/share/phpMyAdmin;
        index index.php index.html index.htm;
    }
    location ~ \.php$ {
        root /usr/share/phpMyAdmin;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
    access_log /var/log/nginx/phpmyadmin.access.log;
    error_log /var/log/nginx/phpmyadmin.error.log;
    include /etc/nginx/global/common.conf;
}
Here is a link to my common.conf file, http://pastebin.com/13F9bXSR
Here are the last two lines of my access.log file:
[25/Apr/2014:10:39:04 -0500] "POST /phpMyAdmin/index.php HTTP/1.1" 302 5 "http://ip.addr.here/phpMyAdmin/index.php?token=86419bd6905a7db027f7e0723d01484f" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36" "-"
172.16.2.231 - - [25/Apr/2014:10:39:04 -0500] "GET /phpMyAdmin/index.php?token=d49df5c1271c93c59d39f9fcda2d042a HTTP/1.1" 200 2931 "http://ip.addr.here/phpMyAdmin/index.php?token=86419bd6905a7db027f7e0723d01484f" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.116 Safari/537.36" "-"
2014/04/25 12:17:23 [warn] 11865#0: *2 an upstream response is buffered to a temporary file /var/cache/nginx/fastcgi_temp/1/00/0000000001 while reading upstream, client: ip.addr.here, server: ip.addr.here, request: "GET /phpMyAdmin/js/get_scripts.js.php?token=3631986de7e454290267650bd8acecdc&scripts[]=jquery/jquery-1.8.3.min.js&scripts[]=ajax.js&scripts[]=keyhandler.js&scripts[]=jquery/jquery-ui-1.9.2.custom.min.js&scripts[]=jquery/jquery.sprintf.js&scripts[]=jquery/jquery.cookie.js&scripts[]=jquery/jquery.mousewheel.js&scripts[]=jquery/jquery.event.drag-2.2.js&scripts[]=jquery/jquery-ui-timepicker-addon.js&scripts[]=j$