On Tue, Mar 21, 2017 at 07:56:55AM +0000, Stuart Henderson wrote:
> On 2017/03/20 15:03, Paul Irofti wrote:
> > phpMyAdmin has been installed into ${INSTDIR}.
> >
> > If using Apache, you can make this accessible to clients by enabling
> > -the configuration file:
> > +mod_rewrite in ${SYSCONFDIR}/apache2/httpd2.conf, the mysql php module,
> > +and the configuration file:
> >
> > # ln -s ../modules.sample/phpmyadmin.conf /var/www/conf/modules/
> > + # cp /etc/php-5.6.sample/mysqli.ini /etc/php-5.6/
>
> Please symlink rather than cp, and use variables so this doesn't
> get stale after a PHP update:
>
> # ln -s ../php-${MODPHP_VERSION}.sample/mysqli.ini
> ${SYSCONFDIR}/php-${MODPHP_VERSION}/
>
what about this one ?
I added an nginx example and renamed the httpd file to apache2,
phpmyadmin-httpd will be the httpd(8) example.
Cheers
Giovanni
Index: Makefile
===================================================================
RCS file: /var/cvs/ports/www/phpmyadmin/Makefile,v
retrieving revision 1.128
diff -u -p -r1.128 Makefile
--- Makefile 1 Feb 2017 08:52:36 -0000 1.128
+++ Makefile 24 Mar 2017 21:04:21 -0000
@@ -3,6 +3,7 @@
COMMENT= tool to handle the administration of MySQL over the web
V= 4.6.6
+REVISION= 0
PKGNAME= phpMyAdmin-$V
DISTNAME= phpMyAdmin-$V-all-languages
@@ -32,8 +33,10 @@ RUN_DEPENDS= lang/php/${MODPHP_VERSION},
lang/php/${MODPHP_VERSION},-gd
post-extract:
- ${SUBST_CMD} -m 0644 -c ${FILESDIR}/phpMyAdmin-httpd.conf \
- ${WRKSRC}/examples/phpMyAdmin-httpd.conf
+ ${SUBST_CMD} -m 0644 -c ${FILESDIR}/phpMyAdmin-apache2.conf \
+ ${WRKSRC}/examples/phpMyAdmin-apache2.conf
+ ${SUBST_CMD} -m 0644 -c ${FILESDIR}/phpMyAdmin-nginx.conf \
+ ${WRKSRC}/examples/phpMyAdmin-nginx.conf
do-install:
@find ${WRKSRC} -type f -name "*.orig" -exec rm -f {} \;
Index: files/phpMyAdmin-apache2.conf
===================================================================
RCS file: files/phpMyAdmin-apache2.conf
diff -N files/phpMyAdmin-apache2.conf
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ files/phpMyAdmin-apache2.conf 20 Mar 2017 15:09:51 -0000
@@ -0,0 +1,33 @@
+# $OpenBSD: phpMyAdmin-httpd.conf,v 1.2 2013/01/18 15:17:43 giovanni Exp $
+
+Alias /phpMyAdmin ${INSTDIR}
+
+<IfModule !mod_rewrite.c>
+ LoadModule rewrite_module /usr/lib/apache/modules/mod_rewrite.so
+
+ RewriteEngine on
+
+ # Allow only GET and POST verbs
+ RewriteCond %{REQUEST_METHOD} !^(GET|POST)$ [NC,OR]
+
+ # Ban Typical Vulnerability Scanners and others
+ # Kick out Script Kiddies
+ RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget).* [NC,OR]
+ RewriteCond %{HTTP_USER_AGENT}
^.*(libwww-perl|curl|wget|python|nikto|wkito|pikto|scan|acunetix).* [NC,OR]
+ RewriteCond %{HTTP_USER_AGENT}
^.*(winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner).*
[NC,OR]
+
+ # Ban Search Engines, Crawlers to your administrative panel
+ # No reasons to access from bots
+ # Ultimately Better than the useless robots.txt
+ # Did google respect robots.txt?
+ # Try google: intitle:phpMyAdmin intext:"Welcome to phpMyAdmin *.*.*"
intext:"Log in" -wiki -forum -forums -questions intext:"Cookies must be enabled"
+ RewriteCond %{HTTP_USER_AGENT}
^.*(AdsBot-Google|ia_archiver|Scooter|Ask.Jeeves|Baiduspider|Exabot|FAST.Enterprise.Crawler|FAST-WebCrawler|www\.neomo\.de|Gigabot|Mediapartners-Google|Google.Desktop|Feedfetcher-Google|Googlebot|heise-IT-Markt-Crawler|heritrix|ibm.com\cs/crawler|ICCrawler|ichiro|MJ12bot|MetagerBot|msnbot-NewsBlogs|msnbot|msnbot-media|NG-Search|lucene.apache.org|NutchCVS|OmniExplorer_Bot|online.link.validator|psbot0|Seekbot|Sensis.Web.Crawler|SEO.search.Crawler|Seoma.\[SEO.Crawler\]|SEOsearch|Snappy|www.urltrends.com|www.tkl.iis.u-tokyo.ac.jp/~crawler|SynooBot|crawleradmin.t-i...@telekom.de|TurnitinBot|voyager|W3.SiteSearch.Crawler|W3C-checklink|W3C_Validator|www.WISEnutbot.com|yacybot|Yahoo-MMCrawler|Yahoo\!.DE.Slurp|Yahoo\!.Slurp|YahooSeeker).*
[NC]
+ RewriteRule .* - [F]
+</IfModule>
+
+<Directory ${INSTDIR}>
+ AllowOverride All
+
+ # Default to only permitting access from localhost.
+ Require local
+</Directory>
Index: files/phpMyAdmin-httpd.conf
===================================================================
RCS file: files/phpMyAdmin-httpd.conf
diff -N files/phpMyAdmin-httpd.conf
--- files/phpMyAdmin-httpd.conf 18 Jan 2013 15:17:43 -0000 1.2
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,35 +0,0 @@
-# $OpenBSD: phpMyAdmin-httpd.conf,v 1.2 2013/01/18 15:17:43 giovanni Exp $
-
-Alias /phpMyAdmin ${INSTDIR}
-
-<IfModule !mod_rewrite.c>
- LoadModule rewrite_module /usr/lib/apache/modules/mod_rewrite.so
-
- RewriteEngine on
-
- # Allow only GET and POST verbs
- RewriteCond %{REQUEST_METHOD} !^(GET|POST)$ [NC,OR]
-
- # Ban Typical Vulnerability Scanners and others
- # Kick out Script Kiddies
- RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget).* [NC,OR]
- RewriteCond %{HTTP_USER_AGENT}
^.*(libwww-perl|curl|wget|python|nikto|wkito|pikto|scan|acunetix).* [NC,OR]
- RewriteCond %{HTTP_USER_AGENT}
^.*(winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner).*
[NC,OR]
-
- # Ban Search Engines, Crawlers to your administrative panel
- # No reasons to access from bots
- # Ultimately Better than the useless robots.txt
- # Did google respect robots.txt?
- # Try google: intitle:phpMyAdmin intext:"Welcome to phpMyAdmin *.*.*"
intext:"Log in" -wiki -forum -forums -questions intext:"Cookies must be enabled"
- RewriteCond %{HTTP_USER_AGENT}
^.*(AdsBot-Google|ia_archiver|Scooter|Ask.Jeeves|Baiduspider|Exabot|FAST.Enterprise.Crawler|FAST-WebCrawler|www\.neomo\.de|Gigabot|Mediapartners-Google|Google.Desktop|Feedfetcher-Google|Googlebot|heise-IT-Markt-Crawler|heritrix|ibm.com\cs/crawler|ICCrawler|ichiro|MJ12bot|MetagerBot|msnbot-NewsBlogs|msnbot|msnbot-media|NG-Search|lucene.apache.org|NutchCVS|OmniExplorer_Bot|online.link.validator|psbot0|Seekbot|Sensis.Web.Crawler|SEO.search.Crawler|Seoma.\[SEO.Crawler\]|SEOsearch|Snappy|www.urltrends.com|www.tkl.iis.u-tokyo.ac.jp/~crawler|SynooBot|crawleradmin.t-i...@telekom.de|TurnitinBot|voyager|W3.SiteSearch.Crawler|W3C-checklink|W3C_Validator|www.WISEnutbot.com|yacybot|Yahoo-MMCrawler|Yahoo\!.DE.Slurp|Yahoo\!.Slurp|YahooSeeker).*
[NC]
- RewriteRule .* - [F]
-</IfModule>
-
-<Directory ${INSTDIR}>
- AllowOverride All
-
- # Default to only permitting access from localhost.
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
-</Directory>
Index: files/phpMyAdmin-nginx.conf
===================================================================
RCS file: files/phpMyAdmin-nginx.conf
diff -N files/phpMyAdmin-nginx.conf
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ files/phpMyAdmin-nginx.conf 24 Mar 2017 21:07:06 -0000
@@ -0,0 +1,30 @@
+index index.php index.html index.htm;
+
+location ~ \.php$ {
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_read_timeout 240;
+ include fastcgi_params;
+}
+
+location /phpMyAdmin/ {
+ allow 127.0.0.1;
+ deny all;
+
+ if ($request_method !~ "^(GET|POST)$"){
+ return 403;
+ }
+ if ($http_user_agent ~* "^(java|curl|wget).*"){
+ return 403;
+ }
+ if ($http_user_agent ~*
"^.*(libwww-perl|curl|wget|python|nikto|wkito|pikto|scan|acunetix).*"){
+ return 403;
+ }
+ if ($http_user_agent ~*
"^.*(winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner).*"){
+ return 403;
+ }
+ if ($http_user_agent ~*
"^.*(AdsBot-Google|ia_archiver|Scooter|Ask.Jeeves|Baiduspider|Exabot|FAST.Enterprise.Crawler|FAST-WebCrawler|www\.neomo\.de|Gigabot|Mediapartners-Google|Google.Desktop|Feedfetcher-Google|Googlebot|heise-IT-Markt-Crawler|heritrix|ibm.com\cs/crawler|ICCrawler|ichiro|MJ12bot|MetagerBot|msnbot-NewsBlogs|msnbot|msnbot-media|NG-Search|lucene.apache.org|NutchCVS|OmniExplorer_Bot|online.link.validator|psbot0|Seekbot|Sensis.Web.Crawler|SEO.search.Crawler|Seoma.\[SEO.Crawler\]|SEOsearch|Snappy|www.urltrends.com|www.tkl.iis.u-tokyo.ac.jp/~crawler|SynooBot|crawleradmin.t-i...@telekom.de|TurnitinBot|voyager|W3.SiteSearch.Crawler|W3C-checklink|W3C_Validator|www.WISEnutbot.com|yacybot|Yahoo-MMCrawler|Yahoo\!.DE.Slurp|Yahoo\!.Slurp|YahooSeeker).*"){
+ return 403;
+ }
+}
Index: pkg/PLIST
===================================================================
RCS file: /var/cvs/ports/www/phpmyadmin/pkg/PLIST,v
retrieving revision 1.63
diff -u -p -r1.63 PLIST
--- pkg/PLIST 1 Feb 2017 08:52:36 -0000 1.63
+++ pkg/PLIST 24 Mar 2017 21:04:36 -0000
@@ -143,7 +143,7 @@ phpMyAdmin/error_report.php
phpMyAdmin/examples/
phpMyAdmin/examples/config.manyhosts.inc.php
phpMyAdmin/examples/openid.php
-phpMyAdmin/examples/phpMyAdmin-httpd.conf
+phpMyAdmin/examples/phpMyAdmin-apache2.conf
@sample /var/www/conf/modules.sample/
@sample /var/www/conf/modules.sample/phpmyadmin.conf
phpMyAdmin/examples/signon-script.php
Index: pkg/README
===================================================================
RCS file: /var/cvs/ports/www/phpmyadmin/pkg/README,v
retrieving revision 1.5
diff -u -p -r1.5 README
--- pkg/README 1 Sep 2016 15:23:55 -0000 1.5
+++ pkg/README 24 Mar 2017 21:14:33 -0000
@@ -7,10 +7,13 @@ $OpenBSD: README,v 1.5 2016/09/01 15:23:
phpMyAdmin has been installed into ${INSTDIR}.
If using Apache, you can make this accessible to clients by enabling
-the configuration file:
+mod_rewrite in ${SYSCONFDIR}/apache2/httpd2.conf, the mysql php module,
+and the configuration file:
# ln -s ../modules.sample/phpmyadmin.conf /var/www/conf/modules/
- # /etc/rc.d/apache2 restart
+ # ln -s ${SYSCONFDIR}/php-${MODPHP_VERSION}.sample/mysqli.ini \
+${SYSCONFDIR}/php-${MODPHP_VERSION}/
+ # rcctl restart apache2
By default, this sets an alias for /phpMyAdmin and restricts access
to connections coming from localhost.
signature.asc
Description: PGP signature
