PHPIDS and phpMyAdmin Problem

Discussion in 'HOWTO-Related Questions' started by Cojun, Aug 10, 2009.

  1. Cojun

    Cojun New Member


    hope, I am in the right forum section here. I posted this article in the ISPCONFIG 3 forum as well, but this was the false place, I think. Sorry for this.

    I am very impressed with PHPIDS. It seems its exactly what I searched alot of times.
    But I have a question for wich I cannot find answers in google.
    I installed PHPIDS and it works fine for me with loggin into File, Database and sending email reports.
    But if I call phpMyAdmin on my Host and will browse throught database entries, I get blocked by PHPIDS. Now I am searching for a solution regarding this issue.
    What can I do to use phpMyAdmin furthermore without blocking throught PHPIDS?

    Thank you

  2. Ben

    Ben ISPConfig Developer ISPConfig Developer

    How did you configure phpids to interoperate with phpMyAdmin or how do you assume phpids to block this access?
    Afaik phpids by default just reports the impact but does not block by default. Nevertheless I am not pretty sure if phpMyAdmin won't generate tons of false positives as it deals with many sql statements etc. in it's requests.
    Maybe you might also ask in the phpids forum directly as you can get in contact with the developers directly.
  3. Cojun

    Cojun New Member

    Hi Ben,

    thank you for your reply.
    I posted this question already to the PHPIDS homepage. But got no answer till now.
    Your questions is the same like I ask me too. How can I configure PHPIDS to interoperate with phpMyAdmin? I found no appropriate section in the config file or some place else.
    Do you have a hint for me?

  4. Cojun

    Cojun New Member


    thank you for your answer.
    I solved this by adding a regular expression in my auto_prepend_file.

    if ( isset($_SERVER['SCRIPT_FILENAME']) && preg_match("/phpmyadmin/i",$_SERVER['SCRIPT_FILENAME'])) {
    // Do nothing
    else {
    // Check against PHPIDS

    With this, it works fine for me. But I am thinking about rewrite all scripts wich schould be checked against PHPIDS with a include header. So I can make sure, that only that scripts will be checked wich should be checked.

    Thank you for your Help in this case


Share This Page