The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Secondary phpMyAdmin install goes into infinite redirect loop

Discussion in 'Database Discussions' started by rekabis, Dec 13, 2015.

  1. rekabis

    rekabis Member

    Joined:
    Sep 19, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I am trying to set up phpMyAdmin under a subdomain in such a way that I get full access to MariaDB. However, when I try to access phpMyAdmin, I am either thrown into an infinite redirect loop, or I am able to log in, but any subsequent actions throw an error message and logging out throws me back into the redirect loop.

    So a bit of details:

    If I do not configure a config.inc.php, I am actually able to log on using the MariaDB root account. However, once in I cannot do anything. Any attempt to click on any other link throws an error message (javascript, the red modal dialog with the thick orange border). Logging out throws me right into an infinite redirect loop which requires a browser restart to recover from.

    When I configure the config.inc.php file, I put in *only* the username and password for the MariaDB root login:
    $cfg['Servers'][$i]['user'] = 'root';
    $cfg['Servers'][$i]['password'] = 'dummypw';​
    however when I try to connect now, I get the infinite redirect loop immediately. I cannot even get to the login page. Even adding a blowfish_secret does not help, nor does switching to a socket.

    I have set phpMyAdmin up dozens of times on other servers, and have never experienced a redirect loop like this before. The only difference is that for the first time my server is *not* handbuilt, but uses WHM/cPanel for setup and configuration. Is there anything in the WHM/cPanel settings that is borking up my separate install of phpMyAdmin?

    Also, please note that my Apache root is not /home/ but /var/www/, and that I am making use of CentOS 7 64-bit (for what it’s worth) with jails.
     
  2. rekabis

    rekabis Member

    Joined:
    Sep 19, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Uhhhh… just noticed that I have a metric arseload of LFD alerts that have come in. Turns out that ModSecurity is <censored /> with me. I have both ConfigServer Security & Firewall as well as ConfigServer Modsec Control installed. I cannot seem to whitelist the subdomain directory (it does nothing significant) and the ID changes with every connection request (so I cannot whitelist by id). Suggestions?

    An example is as such:
    Code:
    [Sun Dec 13 00:52:17.785813 2015] [:error] [pid 5449] [client 76.10.188.106] ModSecurity: Access denied with redirection to [URL]http://phpmyadmin.domain.net/[/URL] using status 302 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/RESPONSE-50-DATA-LEAKAGES.conf"] [line "14"] [id "970901"] [rev "3"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: phpmyadmin.domain.net"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-information disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [hostname "phpmyadmin.domain.net"] [uri "/index.php"] [unique_id "Vm0xwWic-N4AABVJUk8AAAAA"]
    Suggestions?
     
    #2 rekabis, Dec 13, 2015
    Last edited: Dec 13, 2015
  3. rekabis

    rekabis Member

    Joined:
    Sep 19, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Dropped straight down into the ModSec whitelist for the subdomain, and because I didn’t want to turn off Mod Security entirely for that subdomain (a nuclear option that should only ever be a last resort), I started collating the IDs that were being thrown. So far I have snagged and whitelisted these:
    • 970901
    • 973337
    • 973343
    • 981243
    • 981245
    • 981257
    and as of now phpMyAdmin seems to be functional. Mostly.

    Good luck to anyone else with this issue, and if you find any other ModSec IDs affecting phpMyAdmin please add them to this thread for posterity.
     
  4. rekabis

    rekabis Member

    Joined:
    Sep 19, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Whelp, I found one more ID:
    • 981240
    But running SQL statements is a definite no-go. Throws a 406 error every time. No accompanying LFT alert, just a complete shutdown of all ability to run SQL queries, either through forms or via raw SQL. Turning ModConfig for that specific subdomain off through the Configserver control doesn’t help either -- 406 continues to be thrown which leads me to believe that this issue arises from somewhere outside of the subdomain.

    Help?
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    What specific error message do you see in /usr/local/apache/logs/error_log when this happens?

    Thank you.
     
Loading...

Share This Page