can't access phpmyadmin when set phpmyadmin_public no

alect

Verified User
Joined
Jan 12, 2011
Messages
21
Question 1:

I set phpmyadmin_public to no in custombuild, (using enhanced theme)
logged in with admin user change to user level, and in the advanced features section I click "phpMyAdmin"
but the link url is https://domain:2222/CMD_DB?domain=domain.com ,
the page redirected to MySQL Management instead of phpMyAdmin pages.

But when I changed the theme to evolution , everything works fine.
in the extra features section, the phpMyAdmin Link is https://domain:2222/phpmyadmin

so this is a bug in enhanced theme?



Question 2:

After I change from to OpenLiteSpeed,
I also tried to enable modsecurity rules from Comodo , when I import a sql file via phpmyadmin
pma says error 403, so I have to try to disable modsecurity for pma.
I don't know which file should I edit so I can disable the modsecurity for pma.

Any suggestion?
 
Last edited:

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,005
The reason it's an href to MySQL Management is that it must be a POST to the CMD_PMA_LOGIN call.
An a href cannot make a POST, only a GET call.
Once on the actual Datbases listing page, aka:
/CMD_DB?domain=domain.com

then you'll be able to click the phpMyAdmin SSO button at the top of the page (looking at Enhanced).

Let me know if you're still looking to skip the 2nd click, and I can perhaps pass it an auto-post on the 2nd page, based on an extra GET var on the top-level CMD_SHOW_DOMAIN domain page.... or simply JS to post a form on the CMD_SHOW_DOMAIN page (prefer not to add a form there, but will do it if needed)

John
 

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,005
For mod_security, I did a quick check, and looks like they have file ready for any custom rules:
Code:
[root@es6-64-test cwaf]# cat /usr/local/cwaf/etc/httpd/custom_user.conf
# Put your custom ModSecurity directives here
# Please don't remove this file
[root@es6-64-test cwaf]#
so try that location for the specific rules you're trying to add.
Including a specific mod_security log error would help determine which rules should be there.

John
 
Top