ABOUT ME

-

Today
-
Yesterday
-
Total
-
  • 리눅스(centos)에 phpmyadmin 설치하기
    프로그래밍/서버관리 2015. 10. 17. 14:41
    반응형



    이미 APM 설치가 되어있는 서버에 phpmyadmin를 추가로 설치하였다.


    서버: CentOS 




    shell> yum install epel-release

    shell> yum update

    shell> yum install phpmyadmin





    보통 로컬서버에서 접속하지 않으면 아래와 같은 접속 권한이 없다는 오류가 나온다. 



    Forbidden


    You don't have permission to access /phpmyadmin/ on this server.




    그럴 경우 phpmyadmin의 설정파일에서 phpmyadmin에 접근할 수 있는 ip를 추가하도록 하자. 

    또는 보안에는 약해지겠지만 ip 제한 정책을 아예 없앨 수 도 있다. 

    아래는 phpmyadmin의 기본 설정파일 내용이다. 


    vi /etc/httpd/conf.d/phpMyAdmin.conf





    Alias /phpMyAdmin /usr/share/phpMyAdmin

    Alias /phpmyadmin /usr/share/phpMyAdmin


    <Directory /usr/share/phpMyAdmin/>

       AddDefaultCharset UTF-8


       <IfModule mod_authz_core.c>

         # Apache 2.4

         <RequireAny>

           Require ip 127.0.0.1

           Require ip ::1

         </RequireAny>

       </IfModule>

       <IfModule !mod_authz_core.c>

         # Apache 2.2

         Order Deny,Allow

         Deny from All

         Allow from 127.0.0.1

         Allow from ::1

       </IfModule>

    </Directory>





    예시 1 ) 223.170.188.0/24 대역대의 ip전체 접속 허용 



    Alias /phpMyAdmin /usr/share/phpMyAdmin

    Alias /phpmyadmin /usr/share/phpMyAdmin


    <Directory /usr/share/phpMyAdmin/>

       AddDefaultCharset UTF-8


       <IfModule mod_authz_core.c>

         # Apache 2.4

         <RequireAny>

           Require ip 127.0.0.1, 223.170.188.0/24

           Require ip ::1

         </RequireAny>

       </IfModule>

       <IfModule !mod_authz_core.c>

         # Apache 2.2

         Order Deny,Allow

         Deny from All

         Allow from 127.0.0.1, 223.170.188.0/24

         Allow from ::1

       </IfModule>

    </Directory>




    예시 2 ) ip 접속 제한 없앰



    <Directory /usr/share/phpMyAdmin/>

       AddDefaultCharset UTF-8


       <IfModule mod_authz_core.c>

         # Apache 2.4

         <RequireAny>

           Require all granted

           Require ip 127.0.0.1

           Require ip ::1

         </RequireAny>

       </IfModule>

       <IfModule !mod_authz_core.c>

         # Apache 2.2

         Order Allow,Deny

         Allow from All

         Allow from 127.0.0.1

         Allow from ::1

       </IfModule>

    </Directory>




    마지막으로 설정파일에서 기본 alias를 설정한다. 

    alias는 phpmyadmin 접속주소인데 보통 http://yourdomain/phpmyadmin 이 기본 phpmyadmin의 접속 주소가 된다. 


    기본 설정은 아래와 같지만  자신만이 알수 있는 alias로 변경하는것이 보안에 좋다. 

    Alias /phpMyAdmin /usr/share/phpMyAdmin

    Alias /phpmyadmin /usr/share/phpMyAdmin 



    참고로 예전 서버에 남아있던 해킹시도 로그 기록들이다. 

    phpmyadmin에 대한 다양한 주소로 접속을 시도하는 것을 확인할 수 있다. 

    여기에서 언급되는 주소를 피해서 alias를 설정하는 것이 좋을 것 같다. 




    [Tue Jul 07 14:09:28 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/admin

    [Tue Jul 07 14:09:31 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/administrator

    [Tue Jul 07 14:09:31 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/database

    [Tue Jul 07 14:09:35 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/db

    [Tue Jul 07 14:09:37 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/dbadmin

    [Tue Jul 07 14:09:37 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/myadmin

    [Tue Jul 07 14:09:37 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/myadminphp

    [Tue Jul 07 14:09:38 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/mysql-admin

    [Tue Jul 07 14:09:39 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/mysql

    [Tue Jul 07 14:09:41 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/mysql

    [Tue Jul 07 14:09:42 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/mysqladmin

    [Tue Jul 07 14:09:42 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/mysqlmanager

    [Tue Jul 07 14:09:43 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/php-my-admin

    [Tue Jul 07 14:09:43 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/php-myadmin

    [Tue Jul 07 14:09:43 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpMyAdmin-2

    [Tue Jul 07 14:09:44 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpMyAdmin-3

    [Tue Jul 07 14:09:44 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpMyAdmin-4

    [Tue Jul 07 14:09:52 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpMyAdmin2

    [Tue Jul 07 14:09:52 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpMyAdmin3

    [Tue Jul 07 14:09:53 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpMyAdmin4

    [Tue Jul 07 14:09:53 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpMyadmin

    [Tue Jul 07 14:09:53 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmanager

    [Tue Jul 07 14:09:54 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmy-admin

    [Tue Jul 07 14:09:54 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmy

    [Tue Jul 07 14:09:55 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmyAdmin

    [Tue Jul 07 14:09:55 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmyadmin

    [Tue Jul 07 14:09:55 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmyadmin1

    [Tue Jul 07 14:09:56 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmyadmin2

    [Tue Jul 07 14:09:56 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmyadmin3

    [Tue Jul 07 14:09:57 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phpmyadmin4

    [Tue Jul 07 14:09:57 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/phppma

    [Tue Jul 07 14:09:57 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/pma

    [Tue Jul 07 14:09:58 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/pma2011

    [Tue Jul 07 14:09:58 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/pma2012

    [Tue Jul 07 14:09:58 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/pma2013

    [Tue Jul 07 14:09:59 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/pma2014

    [Tue Jul 07 14:09:59 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/pma2015

    [Tue Jul 07 14:10:00 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/program

    [Tue Jul 07 14:10:00 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/shopdb

    [Tue Jul 07 14:10:00 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/sql

    [Tue Jul 07 14:10:01 2015] [error] [client 54.173.63.20] File does not exist: /var/www/html/sql


    ..

    [Thu Jun 25 15:16:23 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.10.0.0

    [Thu Jun 25 15:16:24 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.10.0.1

    [Thu Jun 25 15:16:24 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.10.0.2

    [Thu Jun 25 15:16:25 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.10.0

    [Thu Jun 25 15:16:25 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.10.1.0

    [Thu Jun 25 15:16:26 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.10.2.0

    [Thu Jun 25 15:16:26 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.11.0.0

    [Thu Jun 25 15:16:27 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.11.1-all-languages

    [Thu Jun 25 15:16:27 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.11.1.0

    [Thu Jun 25 15:16:28 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.11.1.1

    [Thu Jun 25 15:16:28 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.11.1.2

    [Thu Jun 25 15:16:29 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.6.1-pl2

    [Thu Jun 25 15:16:29 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.6.1-pl3

    [Thu Jun 25 15:16:30 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.6.4-pl3

    [Thu Jun 25 15:16:30 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.6.4-pl4

    [Thu Jun 25 15:16:31 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.6.4-rc1

    [Thu Jun 25 15:16:31 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.6.5

    [Thu Jun 25 15:16:31 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.6.6

    [Thu Jun 25 15:16:32 2015] [error] [client 104.243.24.211] File does not exist: /var/www/html/phpMyAdmin-2.6.9





    마지막으로 httpd 재시작하면 변경된 설정이 반영 된다. 


    shell> service httpd restart

    httpd 를 정지 중:                                          [  OK  ]

    httpd (을)를 시작 중:                                      [  OK  ]









    728x90
    반응형
Designed by Tistory.