I have downloaded and installed XAMPP 1.8.1 for Windows on Windows 7 Ultimate. I have set up XAMPP to run together with IIS as per these instructions
All good so far, my PHP sites run locally and everything except phpMyAdmin is available from the XAMPP menu.
However when I try to access phpMyAdmin I get this error:
Access forbidden!
New XAMPP security concept:
Access to the requested directory is only available from the local network.
This setting can be configured in the file "httpd-xampp.conf".
I've found several answers via Google and some on this site. However, so far, none of the solutions I've tried have resolved the issue.
Here is my httpd-xampp.conf file:
#
# XAMPP settings
#
<IfModule env_module>
SetEnv MIBDIRS "C:/xampp/php/extras/mibs"
SetEnv MYSQL_HOME "\\xampp\\mysql\\bin"
SetEnv OPENSSL_CONF "C:/xampp/apache/bin/openssl.cnf"
SetEnv PHP_PEAR_SYSCONF_DIR "\\xampp\\php"
SetEnv PHPRC "\\xampp\\php"
SetEnv TMP "\\xampp\\tmp"
</IfModule>
#
# PHP-Module setup
#
LoadFile "C:/xampp/php/php5ts.dll"
LoadModule php5_module "C:/xampp/php/php5apache2_4.dll"
<FilesMatch "\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler application/x-httpd-php-source
</FilesMatch>
#
# PHP-CGI setup
#
#<FilesMatch "\.php$">
# SetHandler application/x-httpd-php-cgi
#</FilesMatch>
#<IfModule actions_module>
# Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
#</IfModule>
<IfModule php5_module>
PHPINIDir "C:/xampp/php"
</IfModule>
<IfModule mime_module>
AddType text/html .php .phps
</IfModule>
ScriptAlias /php-cgi/ "C:/xampp/php/"
<Directory "C:/xampp/php">
AllowOverride None
Options None
Require all denied
<Files "php-cgi.exe">
Require all granted
</Files>
</Directory>
<Directory "C:/xampp/cgi-bin">
<FilesMatch "\.php$">
SetHandler cgi-script
</FilesMatch>
<FilesMatch "\.phps$">
SetHandler None
</FilesMatch>
</Directory>
<Directory "C:/xampp/htdocs/xampp">
<IfModule php5_module>
<Files "status.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
</Directory>
<IfModule alias_module>
Alias /security "C:/xampp/security/htdocs/"
<Directory "C:/xampp/security/htdocs">
<IfModule php5_module>
<Files "xamppsecurity.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
Require all granted
</Directory>
Alias /licenses "C:/xampp/licenses/"
<Directory "C:/xampp/licenses">
Options +Indexes
<IfModule autoindex_color_module>
DirectoryIndexTextColor "#000000"
DirectoryIndexBGColor "#f8e8a0"
DirectoryIndexLinkColor "#bb3902"
DirectoryIndexVLinkColor "#bb3902"
DirectoryIndexALinkColor "#bb3902"
</IfModule>
Require all granted
</Directory>
Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
<Directory "C:/xampp/phpMyAdmin">
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
Require all granted
</Directory>
Alias /webalizer "C:/xampp/webalizer/"
<Directory "C:/xampp/webalizer">
<IfModule php5_module>
<Files "webalizer.php">
php_admin_flag safe_mode off
</Files>
</IfModule>
AllowOverride AuthConfig
Require all granted
</Directory>
</IfModule>
#
# New XAMPP security concept
#
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Allow from all
Require all granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Does anyone have any idea as to what I'm missing?
This question is related to
windows
phpmyadmin
xampp
To access the requested directory other than local network, you need to change the XAMPP security concept
configured in the file "httpd-xampp.conf".
xampp\apache\conf\extra\httpd-xampp.conf
Require Directive Selects which authenticated users can access a resource
Syntax «
Require entity-name [entity-name] ...
From « XAMPP security concept allows only local environment - Require local
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require local
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
To « XAMPP security concept allows any environment - Require all granted
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require all granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Access forbidden! message from HTML Page.
Allow Directive Controls which hosts can access an area of the server
Syntax «
Allow from all|host|env=[!]env-variable [host|env=[!]env-variable] ...
Allowing only local environment. Using any of the below specified url's.
http://localhost/phpmyadmin/
http://127.0.0.1/phpmyadmin/
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8 \
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Allowing only to specified IPv4, IPv6 address spaces.
fe80::/10
A unique local address (ULA) is an IPv6 address in the block fc00::/7
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8 \
fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
fe80::/10 169.254.0.0/16
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Allowing for any network address. Allow from all
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Allow from all
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
404 - XAMPP Control Panel: Unable to start Apache HTTP server.
URL: http://localhost/xampp/index.php
Error «
Not Found
HTTP Error 404. The requested resource is not found.
Required default Apache HTTP server port 80 is actually used by other Service.
You need to find the service running with port 80 and stop the service, then start the Apache HTTP server.
Use Netstat to displays active TCP connections, ports on which the computer is listening.
C:\Users\yashwanth.m>netstat -ano
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 2920
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1124
TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 3340
TCP [::]:80 [::]:0 LISTENING 2920
C:\Users\yashwanth.m>netstat -ano |findstr 2920
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 2920
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 2920
TCP [::]:80 [::]:0 LISTENING 2920
TCP [::]:443 [::]:0 LISTENING 2920
C:\Users\yashwanth.m>taskkill /pid 2920 /F
SUCCESS: The process with PID 2920 has been terminated.
Change listening port from main Apache HTTP server configuration file D:\xampp\apache\conf\httpd.conf
. Ex: 81
. From Listen 80
To Listen 81
, the access URL will be http://localhost:81/xampp/index.php
.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 0.0.0.0:80
#Listen [::]:80
Listen 80
For more information related to httpd and virtual host on XAMPP
A reason for this could be Skype as well! If you use the default XAMPP settings, they both would run on the same port (80). You can:
You will have to edit 2 files - 1. httpd-vhosts.conf & 2. httpd-xampp.conf
NOTE : Make sure u backup files ( httpd-xampp.conf ) and ( httpd-vhosts.conf ) , Both Files are located in Drive:\xampp\apache\conf\extra
Open httpd-vhosts.conf file and in the bottom of the file change it
<VirtualHost *:80>
DocumentRoot “E:/xampp/htdocs/”
ServerName localhost
<Directory E:/xampp/htdocs/>.
Require all granted
</Directory>
</VirtualHost>
Here E:/xampp is my project workspace, you can change it as per your settings
and Second Change is on httpd-xampp.conf file and in the bottom of the file change it
#
# New XAMPP security concept
#
<LocationMatch “^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))”>
Order deny,allow
Allow from all
Allow from ::1 127.0.0.0/8
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
For many it's a permission issue, but for me it turns out the error was brought about by a mistake in the form I was trying to submit. To be specific i had accidentally put ">" sign after the value of "action". So I would suggest you take a second look at your code
If you're using a newer XAMPP (for example for PHP 5.6, 7) which is built with "Bitnami" installer and it includes Apache 2.4.x then this applies:
https://httpd.apache.org/docs/2.4/upgrading.html#run-time
2.2 configuration:
Order allow,deny
Allow from all
2.4 configuration:
Require all granted
This also applies to VirtualHost sections, if you have any custom virtualhost definitions.
Comment out the line Require local in httpd-xampp.conf.
Restart Apache.
Worked for me connecting my mobile phone to my test web-site on my PC.
No idea of the security implications.
Require all granted seemed a bit to far for me. Looking at the documentation I used: Require ip 192.168
to allow all internal access.
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require local
Require ip 192.168
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
This could be because of wrong configuration, esp if your other sites are working fine.
<VirtualHost cmsdemo.git:88>
DocumentRoot "C:/Projects/rwp/"
ServerName cmsdemo.git
<Directory C:/Projects/cmsdemo/>
Require all granted
AllowOverride All
</Directory>
</VirtualHost>
Notice in DocumentRoot I am specifying one folder and in Directory, I am specifying another hence 403 Error. This fixed my problem.
In your xampppath\apache\conf\extra open file httpd-xampp.conf and find the below tag:
<LocationMatch "^/(?i:(?:xampp|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from ::1 127.0.0.0/8
ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
and add Allow from all
after Allow from ::1 127.0.0.0/8 {line}
Restart xampp, and you are done.
I tried everything but nothing worked. So I just used : chmod -R 777 to htdocs. At least it's only in my local.
Ubuntu (Linux)
:- $ sudo gedit /opt/lampp/etc/extra/httpd-xampp.conf
Comment "Deny from all" in the following section,
Change file
# New XAMPP security concept # <LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Order deny,allow #Deny from all #Require local Allow from ::1 127.0.0.0/8 \ fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \ fe80::/10 169.254.0.0/16 ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
just remove:
Alias /phpmyadmin "C:/xampp2/phpMyAdmin/"
<Directory "C:/xampp2/phpMyAdmin">
AllowOverride AuthConfig
Require all granted
</Directory>
and remove phpmyadmin from:
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|server-status|server-info))">
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Require all granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</LocationMatch>
Good luck!!!!
Update for XAMPP 7.3.*
If you get into same problem for phpmyadmin in the newest XAMPP, as I had.
The solution is written inside the official documentation located in [XAMPP IP]/dashboard/docs/access-phpmyadmin-remotely.html
To enable remote access to phpMyAdmin from other hosts, follow these steps:
- Launch the stack manager by double-clicking the XAMPP icon in the mounted disk image.
- Ensure that Apache and MySQL services are running in the "Services" tab of the stack manager (or start them as needed).
- Open a new terminal from the "General" tab of the stack manager.
- Edit the /opt/lampp/etc/extra/httpd-xampp.conf file.
- Within this file, find the block
<Directory "/opt/lampp/phpmyadmin">
Update this block and replace
Require local
withRequire all granted
,
- Save the file and restart the Apache service using the stack manager.
Note for section (4) To edit this file make sure you have vim installed.
Note for section (5) Instead of allowing access to all, which is highly insecure, if your computer is connected to a network. A safer approach is to limit the access to only set of IPs as suggested by @Gunnar Bernstein.
In my case I did:
<Directory "/opt/lampp/phpmyadmin">
AllowOverride AuthConfig Limit
Require local
Require ip 192.168
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</Directory>
Some of the Answers are correct, but in case of working with new xampp or with some one not working other answers try this:
just go to the xampp folder:
xampp/apache/conf/extra/httpd-xampp.conf
and if you are trying to access from local ip in your network so change,
Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
<Directory "C:/xampp/phpMyAdmin">
AllowOverride AuthConfig
Require local
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</Directory>
Change to :
Alias /phpmyadmin "C:/xampp/phpMyAdmin/"
<Directory "C:/xampp/phpMyAdmin">
AllowOverride AuthConfig
Require all granted
ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var
</Directory>
Note: this is just for text, for the security of the xampp has some search....
for anyone having problems when using xampp and IIS using windows,
check the xamp panel on apache which port is using
Let assume apache is using port 81
then try this
http://127.0.0.1:81/
for me worked like charm, it might help someone in future
Try to reinstall new version of XAMPP. Find "<Directory "C:/xampp/php">
" and then change to something like this
<Directory "C:/xampp/php">
AllowOverride AuthConfig Limit
Order allow,deny
Allow from all
Require all granted
</Directory>
In New Xampp
All you have to do is to edit the file:
C:\xampp\apache\conf\extra\httpd-xampp.conf
and go to Directory tag as below:
<Directory "C:/xampp/phpMyAdmin">
and then change
Require local
To
Require all granted
in the Directory tag.
Restart the Xampp. That's it!
All you have to do is to edit the httpd-xampp.conf
from Require local to Require all granted in the LocationMatch tag.
That's it!
G:\xampp\apache\conf\extra\httpd-vhosts.conf
#start block
NameVirtualHost *:80
<VirtualHost *:80>
ServerName localhost
#change your directory name
DocumentRoot "G:\xampp\htdocs"
</VirtualHost>
#Your vertual Host
<VirtualHost *:80>
DocumentRoot "G:/xampp/htdocs/dev2018/guessbook"
ServerName dev.foreign-recruitment
<Directory "G:/xampp/htdocs/dev2018/guessbook/">
</Directory>
</VirtualHost>
#end block
Source: Stackoverflow.com