MacOS – Sierra – Apache localhost user level and phpMyAdmin

apachemacosMySQLwebserver

I've installed the AMP stack (Apache, MySQL, PHP) and phpMyAdmin on my system.
I set up user level root too (localhost/~user) and it worked.

The things that make me still confused are:

Why is it forbidden to access system level root (http://localhost/) now?
And if I want to use phpMyAdmin on my user level site (http://localhost/~user/) should I install it again on my localhost/~user?

Best Answer

The "Forbidden" (error 403) error message is something that's generated by the Apache web server

What you need to check in your httpd.conf (or related files) that:

Your global Directory has Options -Indexes (this prevents the server from showing an index of the directory and file structure in the absence of an index.htm or index.html file. Having this option set and no index.htm file will cause this 403 message to be generated.
You have the line DirectoryIndex index.html index.php specified. This will ensure it automatically opens either file name upon entering the directory. You also want to make sure you have an index.html or an index.php file in the directory.

If you want to test out your PHP installation, there's a small piece of code you can put into an index.php file (you can name it anything you want, but it must end with .php).

<?php  
   phpinfo(); 
?>

When you point your browser to localhost you should now see (your settings will vary of course):

phpMyAdmin

As for phpMyAdmin, you can put this anywhere. You can put it in your users directory (not recommended if you have multiple users that need to use it) or your can create a port based virtual host so that it will be available only if someone knows which port it's listening on. Have a look at the Apache documentation to see examples and explanations.

Also, you might want to have a look at Adminer instead of phpMyAdmin. I have found it much easier to deploy and much more robust.

Method 1

If you want to limit everything on your local webserver to just your local machine, edit the file "/etc/apache2/httpd.conf". At approx line 195 you'll find a configuration block that looks similar to:

<Directory "/Library/WebServer/Documents">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #
    Options Indexes FollowSymLinks MultiViews

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    Order allow,deny
    Allow from all

</Directory>

You are going to want to comment out the bottom two lines of that block and add in new rules

Deny from all

and

Allow from 127.0.0.1

that block should now look like:

<Directory "/Library/WebServer/Documents">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #
    Options Indexes FollowSymLinks MultiViews

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    #Order allow,deny
    #Allow from all
    Deny from all
    Allow from 127.0.0.1

</Directory>

Method 2

You can also use .htaccess files to limit who has access to a directory. In order for .htaccess files to work you first need to enable them. Open the same file I referenced in method 1 (/etc/apache2/httpd.conf) and go to the same configuration block I mentioned before (at approx line 195). You'll need to change (at approx line 215):

AllowOverride None

AllowOverride All

Once you have done that you can create a file called .htaccess in any folder on your web server with the following information:

Deny from all
Allow from 127.0.0.1

That will prevent anyone besides your local machine from accessing the contents of that folder or any of it's subfolders.

Conclusion

Method 1 has the benefit of not having to worry about accidentally deleting .htaccess files or worrying about multiple configurations. Method 2 makes it very simple to only restrict access to certain directories of your webserver.

Also note that the .htaccess file must include that period at the beginning of the file name (it's .htaccess not htaccess) and that when you want to view your local webserver you have to do so by going to http://localhost (you can't use [your computer name].local).

Why localhost works even apache is off

The problem was solved.

I run ps aux | grep httpd and got a lot of process. I've killed each process and restarted ZS. Now it's ok)

Best Answer

phpMyAdmin

Related Solutions

MacOS – Web Sharing Apache Localhost – Access permissions

Method 1

Method 2

Conclusion

Why localhost works even apache is off

Related Question