DeveloperSide.NET Forums
July 14, 2020, 09:20:38 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News:
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: Solutions to problems with phpmyadmin under Suite v1.17...  (Read 5164 times)
0 Members and 1 Guest are viewing this topic.
admin
Administrator
Master of All Subjects
*****
Posts: 3272


View Profile WWW Email
« on: August 14, 2006, 11:08:09 PM »

Fixed with v1.18 release. No need for this thread to be on top.

There are two things you need to do if you have Suite v1.17...

Problem #1 -- After user creates password for 'root', phpmyadmin will not log user on and will display mysql db error.

Solution...

Edit \www\phpmyadmin\config.inc.php and right after...
Quote

<?php
/* Do not edit libraries\config.default.php, only edit this file -- with the changes made from config.default.php */

...(on a new line) add...
Quote

$i = 1;

Restart Apache.

Problem #2 -- Under some php scripts and phpmyadmin, some functionality apears to be broken and errors such as "forbidden, page not found, or internal server error" are displayed. Also, table updates can result in error msg...
Quote

mod_security-message: Access denied with code 500. Error processing request body: Multipart: part header line over xxxx bytes long [severity "EMERGENCY"]


Solution...
(this is a mod_security config and rule issue -- check \www\Apache22\logs\error.log to see which rule is activated and blocks the request)

conf\Suite-extra\modsec_rules\rules.conf

Line 136,137
Quote

#Generic SQL sigs
SecFilterSelective ARGS "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" "id:300015,rev:1,severity:2,msg:'Generic SQL injection protection'"


Line 139,140,141
Quote

#Generic SQL sigs
SecFilterSelective REQUEST_URI "!(/forum/posting\.php|/admins/wnedit\.php|/alt_doc\.php\?returnUrl=.*edit|/admin/categories\.php\?cPath=.*|modules\.php\?name=Forums&file=posting&mode=.*)"
"chain,id:300016,rev:1,severity:2,msg:'Generic SQL injection protection'"
SecFilterSelective ARGS "(insert[[:space:]]+into.+values|select.+from|bulk[[:space:]]+insert|union.+select)"


Edit \www\Apache22\conf\Suite-extra\modsec_rules\exclude.conf...
Add...
Code:

# DeveloperSide.NET addition...
# URL '/phpmyadmin/'
<Location "/phpmyadmin/">
SecFilterScanPOST Off
SecFilterRemove 300015
SecFilterRemove 300016
</Location>


More on this here...
http://forums.devside.net/viewtopic.php?t=1097
Logged

DeveloperSide.NET
Advanced PHP and MySQL Solutions for your Web Design and Development needs with Web.Developer Server Suite.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.9 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!