Want to subscribe to topics you're interested in?
Become a Member

phpmyadmin.sh Addon

Discussion in 'Add Ons' started by eva2000, May 25, 2014.

  1. eva2000

    eva2000 Administrator Staff Member

    44,172
    10,067
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,560
    Local Time:
    8:53 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    strange both your non-https and https curl header checks so the redirect target (location listing field) being non-https http version when it should be https version of phpmyadmin link

    but this could be why

    If only you access phpmyadmin, you can edit your local pc/laptop's host file to override DNS for hostname only pointing to your server IP so only you resolve hostname to server IP and no one else

    If you want to preview newdomain.com on new centminmod server without updating DNS, on Windows PC edit your windows HOSTS file at c:\Windows\System32\Drivers\etc\hosts (see guide at Modify your hosts file | Knowledge Center | Rackspace Hosting or install Hostman app HostsMan which can manage the file too and allows easy dns flushing when you make changes to the hosts file.

    c:\Windows\System32\Drivers\etc\hosts contents to preview without DNS update
    Code:
    centminmodserver-ip-address newdomain.com
    to disable preview comment it out and flush dns for your system
    Code:
    #centminmodserver-ip-address newdomain.com
    Hostsman app to flush dns and edit the c:\Windows\System32\Drivers\etc\hosts file

    And for MacOS users there's How to edit your Mac's Hosts file and why you would want to
     
  2. jair

    jair Member

    48
    7
    8
    Jan 8, 2017
    Ratings:
    +17
    Local Time:
    1:53 AM
    Don't just "might" it, go ahead and do it! :) Since I ditched phpmyadmin for heidisql, I couldn't be more happier, everything is working smoothly without the countless phpmyadmin issues. Not to mention that it is inherently more secure as it connects remotely and is not a sitting backdoor on your server, waiting to be exploited (altough @eva2000 makes a good effort to keep it locked :))
     
    • Informative Informative x 1
  3. yunos

    yunos Member

    102
    3
    18
    Aug 8, 2015
    Ratings:
    +12
    Local Time:
    12:53 AM
    1.8.0
    @eva2000 i have a hostname that isnt webaccessble domain and i want to remain as that. the issue is that your installation script is configurate to be used webaccessible via hostname. Anyway to change that. Example going for mainip/phpmyadmin
     
  4. eva2000

    eva2000 Administrator Staff Member

    44,172
    10,067
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,560
    Local Time:
    8:53 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    just do local dns edit on your own pc/devices as outlined at phpmyadmin.sh Addon then only you can access main hostname and no one else
     
  5. yunos

    yunos Member

    102
    3
    18
    Aug 8, 2015
    Ratings:
    +12
    Local Time:
    12:53 AM
    1.8.0
    thats rather inconvinient way considering i have multiple users who want to use phpmyadmin... Isnt there anyway for to not force phpmyadmin to not use hostname as web accessible address and instead use IP address
     
  6. eva2000

    eva2000 Administrator Staff Member

    44,172
    10,067
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,560
    Local Time:
    8:53 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Yeah currently phpmyadmin.sh installer does it this way as working main hostname is also needed for properly mail delivery too Email - Steps to ensure your site/server email doesn't end up in spam inboxes
     
  7. yunos

    yunos Member

    102
    3
    18
    Aug 8, 2015
    Ratings:
    +12
    Local Time:
    12:53 AM
    1.8.0
    i just installed phpmyadmin from source since it was easier that way rather than forcing 15 of my users to do a convoluted way of editing dns to access phpmyadmin.
    Just wished you made option to use ip rather than hostname when installing phpmyadmin. i installed from source in rather insecure way but thats the only way i see to let my users access phpmyadmin
    thanks anyway
     
    Last edited: Sep 4, 2019
  8. eva2000

    eva2000 Administrator Staff Member

    44,172
    10,067
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,560
    Local Time:
    8:53 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Yeah Centmin Mod wasn't made for shared hosting of multiple users but more tailored to the one owner/admin accessing the server so local host name edit method usually suffices.
     
  9. bocuavung

    bocuavung New Member

    8
    1
    3
    Sep 18, 2019
    Mars
    Ratings:
    +1
    Local Time:
    5:53 AM
    1.17.3
    10.3.18
    Love your way
     
  10. pamamolf

    pamamolf Premium Member Premium Member

    3,772
    366
    83
    May 31, 2014
    Ratings:
    +706
    Local Time:
    1:53 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Hello

    I just uninstall the old phpmyadmin v4.x and when i try to install the new 5.x i got this:

    Code:
    cd /usr/local/src/centminmod/addons
    wget --no-check-certificate https://github.com/centminmod/phpmyadmin/raw/master/phpmyadmin.sh -O phpmyadmin.sh
    chmod 0700 /usr/local/src/centminmod/addons/phpmyadmin.sh
    ./phpmyadmin.sh install

    Code:
    Warning: detected possible duplicate server_name entry
    main hostname vhost server_name value has to be unique
    and separate from any other nginx vhost site you addded
    Check your server_name in /usr/local/nginx/conf/conf.d/virtual.conf
    read Step 1 of Getting Started Guide for main hostname
    proper setup https://centminmod.com/getstarted.html
    But i can't see any duplicated names...

    virtual.conf

    Code:
    server {
    #         listen   80;
                listen   80 default_server backlog=4095 reuseport fastopen=256;
                server_name server.mydomain.com;
                root   html;
    
            access_log              /var/log/nginx/localhost.access.log     main buffer=256k flush=5m;
            error_log               /var/log/nginx/localhost.error.log      error;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    # limit_conn limit_per_ip 16;
    # ssi  on;
    
      #limit_conn xwpconlimit 20;
      #limit_req  zone=xwplogin burst=90 nodelay;
    
            location /nginx_status {
            stub_status on;
            access_log   off;
            allow 127.0.0.1;
            #allow youripaddress;
            deny all;
            }
    
                location / {
    
    # block common exploits, sql injections etc
    include /usr/local/nginx/conf/block.conf;
    include /usr/local/nginx/conf/blockbots.conf;
    
    #         Enables directory listings when index file not found
    #        autoindex  on;
    
    #        Shows file listing times as local time
    #        autoindex_localtime on;
    
    #        Enable for vBulletin usage WITHOUT vbSEO installed
            try_files        $uri $uri/ /index.php;
               
                }
    
            # example nginx-http-concat
            # /csstest/??one.css,two.css
            #location /csstest {
            #concat on;
            #concat_max_files 20;
            #}
    
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/include_opcache.conf;
    include /usr/local/nginx/conf/php.conf;
    include /usr/local/nginx/conf/phpstatus.conf;
    include /usr/local/nginx/conf/drop.conf;
    #include /usr/local/nginx/conf/errorpage.conf;
    #include /usr/local/nginx/conf/vts_mainserver.conf;
    
           }

    virtual.ssl.conf

    Code:
    server {
      listen 443 ssl http2;
      server_name server.mydomain.com;
    
      ssl_certificate      /usr/local/nginx/conf/ssl/server.mydomain.com/server.mydomain.com-acme.cer;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/server.mydomain.com/server.mydomain.com-acme.key;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/server.mydomain.com/server.mydomain.com.key;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      keepalive_timeout 3000;
      client_body_buffer_size 256k;
      client_body_timeout 3000s;
      client_header_buffer_size 256k;
      ## how long a connection has to complete sending
      ## it's headers for request to be processed
      client_header_timeout 60s;
      client_max_body_size 512m;
      connection_pool_size 512;
      directio 512m;
      ignore_invalid_headers on;
      large_client_header_buffers 8 256k;
    
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # dual cert supported ssl ciphers
      ssl_ciphers     EECDH+CHACHA20-draft:EECDH+CHACHA20:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
    
      # enable ocsp stapling
      resolver 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
      ssl_trusted_certificate /usr/local/nginx/conf/ssl/server.mydomain.com/server.mydomain.com-acme.cer;
    
            root   html;
            access_log              /var/log/nginx/localhost.access.log     main;
            error_log               /var/log/nginx/localhost.error.log      error;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    # limit_conn limit_per_ip 16;
    # ssi  on;
    
            location /nginx_status {
            stub_status on;
            access_log   off;
            allow 127.0.0.1;
            #allow youripaddress;
            deny all;
            }
    
                location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
    #Enables directory listings when index file not found
    #autoindex  on;
       
                }
    
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/include_opcache.conf;
    include /usr/local/nginx/conf/php.conf;
    #include /usr/local/nginx/conf/phpstatus.conf;
    include /usr/local/nginx/conf/drop.conf;
    #include /usr/local/nginx/conf/errorpage.conf;
    #include /usr/local/nginx/conf/vts_mainserver.conf;
    
           }
    Any ideas?

    Thank you
     
  11. eva2000

    eva2000 Administrator Staff Member

    44,172
    10,067
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,560
    Local Time:
    8:53 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Duplicate is the virtual.ssl.conf vhost as phpmyadmin.sh has it's own main hostname SSL vhost setup so you need to do same workaround you did for virtual.ssl.conf setup again outlined in this thread so temp disable virtual.ssl.conf, then install phpmyadmin.sh and then do the manual steps you did previously in setting up virtual.ssl.conf

    i think from phpmyadmin.sh Addon only thing is to after phpmyadmin.sh install, is to remove /usr/local/nginx/conf/conf.d/phpmyadmin_ssl.conf and restore virtual.ssl.conf. No guarantees
     
    • Informative Informative x 1
  12. pamamolf

    pamamolf Premium Member Premium Member

    3,772
    366
    83
    May 31, 2014
    Ratings:
    +706
    Local Time:
    1:53 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    It worked !

    Is it possible for the auto updater to update also the Phpmyadmin 4.x version to the latest?

    Also the installer for v4.x gets the 4.9.3 and not the latest 4.9.5... Can you please fix that as there are some security updates on the old version?

    Thank you
     
  13. eva2000

    eva2000 Administrator Staff Member

    44,172
    10,067
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,560
    Local Time:
    8:53 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    it should get the latest but will check
     
  14. pamamolf

    pamamolf Premium Member Premium Member

    3,772
    366
    83
    May 31, 2014
    Ratings:
    +706
    Local Time:
    1:53 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    It didn't for me at least :(
     
  15. eva2000

    eva2000 Administrator Staff Member

    44,172
    10,067
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,560
    Local Time:
    8:53 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    depends on how own the phpmyadmin.sh installer was too ?? either way the phpmyadmin.sh official one should be used now as it works with 5.0.2 version and newer
     
  16. pamamolf

    pamamolf Premium Member Premium Member

    3,772
    366
    83
    May 31, 2014
    Ratings:
    +706
    Local Time:
    1:53 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    There is a reason related to nodejs that i can't use the latest one yet....

    The installer that i used is:
    Code:
    wget --no-check-certificate https://github.com/centminmod/phpmyadmin/raw/master/phpmyadmin-4.9.sh -O phpmyadmin.sh
    Don't know why is not getting the latest 4.x :(

    It will be great if you can check that George as i need it at the moment...
     
  17. eva2000

    eva2000 Administrator Staff Member

    44,172
    10,067
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,560
    Local Time:
    8:53 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    updated phpmyadmin-4.9.sh with fix at centminmod/phpmyadmin :)
     
    • Like Like x 1
  18. pamamolf

    pamamolf Premium Member Premium Member

    3,772
    366
    83
    May 31, 2014
    Ratings:
    +706
    Local Time:
    1:53 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    It works great now !

    Thank you :)
     
    • Like Like x 1
  19. pamamolf

    pamamolf Premium Member Premium Member

    3,772
    366
    83
    May 31, 2014
    Ratings:
    +706
    Local Time:
    1:53 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    Hello

    When i try to export on xml i got this:
    [​IMG]
    from the logs i can see:

    Code:
    [02-Apr-2020 20:51:25 UTC] PHP Fatal error:  Uncaught TypeError: htmlspecialchars() expects parameter 1 to be string, null given in /usr/local/nginx/html/xxxx_mysqladminxxxx/libraries/classes/Plugins/Export/ExportXml.php:315
    Stack trace:
    #0 /usr/local/nginx/html/xxxx_mysqladminxxxx/libraries/classes/Plugins/Export/ExportXml.php(315): htmlspecialchars()
    #1 /usr/local/nginx/html/xxxx_mysqladminxxxx/export.php(448): PhpMyAdmin\Plugins\Export\ExportXml->exportHeader()
    #2 {main}
      thrown in /usr/local/nginx/html/xxxx_mysqladminxxxx/libraries/classes/Plugins/Export/ExportXml.php on line 315
    I posted as a bug:
    Can't export to .xml on latest 5.0.2 - Error: htmlspecialchars() expects parameter 1 to be string, null given · Issue #16062 · phpmyadmin/phpmyadmin
     
    Last edited: Apr 3, 2020
    • Informative Informative x 1
  20. pamamolf

    pamamolf Premium Member Premium Member

    3,772
    366
    83
    May 31, 2014
    Ratings:
    +706
    Local Time:
    1:53 AM
    Nginx-1.17.x
    MariaDB 10.3.x
    They fix it :)