path: root/databases/phpmyadmin5/files/pkg-message.in
diff options
authorJochen Neumeister <joneum@FreeBSD.org>2019-12-29 00:20:16 +0000
committerJochen Neumeister <joneum@FreeBSD.org>2019-12-29 00:20:16 +0000
commit78db55225bc8e90eeb1a19e122c9d3dd8b9018ea (patch)
tree2fd03827ac185fd9bf0c98a73944129b19da34cf /databases/phpmyadmin5/files/pkg-message.in
parentf4dd09a397a3df9c21900bf7fa86254578ddf936 (diff)
Welcome phpmyadmin5
Notes: svn path=/head/; revision=521250
Diffstat (limited to 'databases/phpmyadmin5/files/pkg-message.in')
1 files changed, 48 insertions, 0 deletions
diff --git a/databases/phpmyadmin5/files/pkg-message.in b/databases/phpmyadmin5/files/pkg-message.in
new file mode 100644
index 000000000000..c59745d76ae7
--- /dev/null
+++ b/databases/phpmyadmin5/files/pkg-message.in
@@ -0,0 +1,48 @@
+{ type: install
+ message: <<EOM
+%%PKGNAME%% has been installed into:
+ %%WWWDIR%%
+Please edit config.inc.php to suit your needs.
+To make phpMyAdmin available through your web site, I suggest
+that you add something like the following to httpd.conf:
+For Apache versions earlier than 2.4:
+ Alias /phpmyadmin/ "%%WWWDIR%%/"
+ <Directory "%%WWWDIR%%/">
+ Options none
+ AllowOverride Limit
+ Order Deny,Allow
+ Deny from all
+ Allow from .example.com
+ </Directory>
+For Apache version 2.4.x or above:
+ Alias /phpmyadmin/ "%%WWWDIR%%/"
+ <Directory "%%WWWDIR%%/">
+ Options None
+ AllowOverride Limit
+ Require local
+ Require host .example.com
+ </Directory>
+SECURITY NOTE: phpMyAdmin is an administrative tool that has had several
+remote vulnerabilities discovered in the past, some allowing remote
+attackers to execute arbitrary code with the web server's user credential.
+All known problems have been fixed, but the FreeBSD Security Team strongly
+advises that any instance be protected with an additional protection layer,
+e.g. a different access control mechanism implemented by the web server
+as shown in the example. Do consider enabling phpMyAdmin only when it
+is in use.