- Clean "CentOS MinimalCD 6.5" Installed
- "Domain Name"
- "DNS"
- "Zones"
- "Wildcard Certificate"
- "Root" Access
- *** NOTE: Double Check Syntax If you Copy and Paste from Guide.
su -
printenv
locale -a
locale -a | grep “UTF-8″
hostname yourdomain.com
nano /etc/host
# Add following (Change: 192.168.1.100 to your network IP):
192.168.1.100 yourdomain.com yourdomain # This Line should already be there.
192.168.1.100 phpmyadmin.yourdomain.com phpmyadmin
192.168.1.100 munkiwebadmin.yourdomain.com munkiwebadmin
yum update -y
sudo reboot now
# Download the GPG key for EPEL
wget -O /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 https://www.fedoraproject.org/static/0608B895.txt
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
# Verify that the key
rpm -qa gpg*
# Install the epel-release 6 &-6-8.noarch
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
# Verify that the EPEL repositories are enabled.
yum repolist
yum -y groupinstall 'Development Tools'
yum -y install readline readline-devel ncurses-devel httpd mod_ssl gdbm-devel glibc-devel tcl-devel openssl-devel curl-devel expat-devel db4-devel byacc gettext-devel sqlite-devel libyaml libyaml-devel libffi libffi-devel libxml2 libxml2-devel libxslt libxslt-devel libicu libicu-devel system-config-firewall-tui redis sudo wget crontabs logwatch logrotate perl-Time-HiRes perl-CPAN gettext zlib-devel bzip2-devel xz-libs nano git bash-completion
chkconfig httpd on
mkdir /var/log/httpd/logs/
# Remove "Git"
yum -y remove git
# Install "Git 2.2.2"
mkdir /tmp/git && cd /tmp/git
wget https://github.com/git/git/archive/v2.2.2.zip
unzip v2.2.2.zip
cd git-2.2.2
./configure
make
make prefix=/usr/ install
cp -r contrib/completion /usr/share/git-core/
which git
mkdir /tmp/python && cd /tmp/python
wget http://www.python.org/ftp/python/2.7.8/Python-2.7.8.tar.xz
xz -d Python-2.7.8.tar.xz
tar -xvf Python-2.7.8.tar
cd Python-2.7.8
./configure --prefix=/usr
make
make altinstall
cd /tmp/python
wget --no-check-certificate https://pypi.python.org/packages/source/s/setuptools/setuptools-1.4.2.tar.gz
tar -xvf setuptools-1.4.2.tar.gz
cd setuptools-1.4.2
python2.7 setup.py install
python2.7 -V
easy_install-2.7 virtualenv==1.10.1
yum -y install python-docutils
yum --enablerepo=remi,remi-test install mysql-devel mysql-server
yum --enablerepo=remi install phpMyAdmin
chkconfig mysqld on
service mysqld start
# Secure your installation:
mysql_secure_installation
# Test Login to MySQL (type the database root password):
mysql -u root -p
# Quit the database session:
\q
# update all 127.0.0.1 with your network IP. Save & exit.
nano /etc/httpd/conf.d/phpMyAdmin.conf
service httpd restart
- Access phpMyAdmin in browser using following url. "http://your-network-ip/phpMyAdmin/"
- Select "Database" tab
- Create a database "munkiwebadmin" and select utf8_general_ci under the Collation section.
- Select Database "munkiwebadmin" and click on "Privileges"
- Select "Add New User"
- Type "munkiwebadmin" for username, host use "Local", and generate a password. Save this password!!!!
- Ceck Box with "Database with the same name and grant all privileges"
- Select "Go"
- Exit or Close "phpMyAdmin" window.
Include /usr/local/bin to "munkiwebadmin" user's PATH.
Edit the sudoers file as root and run:
sudo nano /etc/sudoers
Search for this line:
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Append /usr/local/bin like so:
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
Add group "apache" to shudders "NOPASSWD: ALL"
Search for this line:
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
Add following:
apache ALL=(ALL) NOPASSWD: ALL
Save and exit.
Create "munki_repo" directory and permissions:
useradd munkiwebadmin
groupadd munki
usermod -g munki munkiwebadmin
mkdir /var/www/munki_repo
chown -R apache /var/www/munki_repo
chmod -R a+rX /var/www/munki_repo
Add "sub-directory" with correct permissionns:
mkdir /var/www/munki_repo/pkgs
mkdir /var/www/munki_repo/catalogs
mkdir /var/www/munki_repo/manifests
mkdir /var/www/munki_repo/pkgsinfo
chown munkiwebadmin:munkiwebadmin /var/www/munki_repo/*
Install "MunkiWebADmin":
cd /usr/local
virtualenv munkiwebadmin_env
chown -R munkiwebadmin munkiwebadmin_env
su munkiwebadmin
cd munkiwebadmin_env
source bin/activate
pip install django==1.5.1
pip install django-wsgiserver==0.8.0rc1
pip install MySQL-python
git clone https://code.google.com/p/munki.munkiwebadmin/ munkiwebadmin
cd munkiwebadmin
cp settings_template.py settings.py
Edit settings.py:
-
Set ADMINS (administrative "name" & "email")
-
Set TIME_ZONE
-
Under INSTALLED_APPS uncomment "django_wsgiserver"
-
Under DATABASES, make the following changes:
ENGINE: django.db.backends.mysql
NAME: munkiwebadmin
USER: munkiwebadmin
PASSWORD: "Use Password generated from "munkiwebadmin" phpMyAdmin database.
Set MUNKI REPO DIR:
"/var/www/munki_repo"
Initialize the app's database and create an admin user (Type yes when prompted):
python manage.py syncdb
Stage the static files (Type yes when prompted):
python manage.py collectstatic
Generate a .wsgi file to bootstrap MunkiWebAdmin ( Create ".wsgi" in "/usr/local/munkiwebadmin_env/")
cd ..
nano munkiwebadmin.wsgi
Copy and Paste following in Terminal Window:
import os
import site
import sys
# Remember original sys.path.
prev_sys_path = list(sys.path)
# we add currently directory to path and change to it
pwd = os.path.dirname(os.path.abspath(__file__))
os.chdir(pwd)
sys.path = [pwd] + sys.path
sys.path = [os.path.join(pwd, 'munkiwebadmin')] + sys.path
# find the site-packages within the local virtualenv
for python_dir in os.listdir('lib'):
site_packages_dir = os.path.join('lib', python_dir, 'site-packages')
if os.path.exists(site_packages_dir):
site.addsitedir(os.path.abspath(site_packages_dir))
# Reorder sys.path so new directories at the front.
new_sys_path = []
for item in list(sys.path):
if item not in prev_sys_path:
new_sys_path.append(item)
sys.path.remove(item)
sys.path[:0] = new_sys_path
# now start django
from django.core.handlers.wsgi import WSGIHandler
os.environ['DJANGO_SETTINGS_MODULE'] = 'settings'
application = WSGIHandler()
Save and Exit
exit # Exit out of Virtualenv Enviroment
Login as "root" and install "mod_wsgi"
whoami
yum install -y mod_wsgi
mkdir /var/run/wsgi
chown munkiwebadmin:root /var/run/wsgi
Generate the RSA key
Create a RSA key for Apache:
mkdir ~/domain.com.ssl/
cd ~/domain.com.ssl/
Type the following command to generate a private key.
openssl genrsa -des3 -out ~/domain.com.ssl/domain.com.key.pem 2048
chmod 400 ~/domain.com.ssl/domain.com.key.pem
Create a CSR:
openssl req -new -key ~/domain.com.ssl/domain.com.key.pem -out ~/domain.com.ssl/domain.com.csr
When creating a CSR you must follow these conventions. The following characters can not be accepted: < > ~ ! @ # $ % ^ * / \ ( ) ?.,&
- Country - The two-letter ISO abbreviation for your country
- State or Province - Cannot be abbreviated!!!!
- City or Locality - Enter City Name
*** Use "CName" for "Organization"
- Organization - domain.com
- Organization Unit - "munkiwebadmin"`
*** Wildcard certificate make sure to prefix your domain with an asterisk
- Common Name - *.domain.com
Note: DO NOT Enter the following:
Email Address []: A challenge password []: An optional company name []:
Verify your CSR
openssl req -noout -text -in ~/domain.com.ssl/domain.com.csr
From this point you have to take your CSR that you created here and submit it to a certificate authority.
Find and Follow Instructions on "How to Create "ca-bundle.crt" from your certificate authority.
Create zone "phpmyadmn" point IP to your Server IP hosting "phpmyadmn". Create zone "munkiwebadmin" point IP to your Server IP hosting "munkiwebadmin".
nano touch DocumentRoot /var/www/html/index.html
Create SSL Directory
mkdir -p /etc/httpd/ssl/certs/ && mkdir -p /etc/httpd/ssl/private/
Move SSL Certificates & Keys to SSL Directory.
/etc/httpd/ssl/certs/domain.com.crt
/etc/httpd/ssl/private/domain.com.key.pem
/etc/httpd/ssl/certs/ca-bundle.crt
Backup up Apache.conf
sudo cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf-backup
sudo cp /etc/httpd/conf.d/phpMyAdmin.conf /etc/httpd/conf.d/phpMyAdmin.conf-backup
sudo cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf-backup
Remove Old Apache.conf
sudo rm -rf /etc/httpd/conf.d/phpMyAdmin.conf /etc/httpd/conf.d/ssl.conf
Do not delete "/etc/httpd/conf/httpd.conf" you will use it to set up Apache.
Create New SSL.conf:
nano /etc/httpd/conf.d/ssl.conf
Copy & Paste Following in Terminal Window (Change IP to match your Network IP):
LoadModule ssl_module modules/mod_ssl.so
NameVirtualHost 192.168.1.100:80
<IfModule mod_ssl.c>
Listen 443
NameVirtualHost 192.168.1.100:443
</IfModule>
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
Save and Exit
httpd.conf needs to look like the foliowing below"
Change and comment out settings to match below Httpd.conf
Change all "192.168.1.100" IP to match your Network IP.
Change where it says "yourdomain" to your CName.
Save And exit when your finish.
Add a local 'admin' user for your WebDAV share.
htpasswd -c /etc/httpd/munki_repo-htpasswd admin
chown munkiwebadmin:apache /etc/httpd/munki_repo-htpasswd
chmod 640 /etc/httpd/munki_repo-htpasswd
Restart https & Enter Password for SSL.key.
service httpd restart
If all goes well you should not see any errors!!!
USE https://munkiwebadmin.yourdomain.com for "munkiwebadmin"
USE https://phpmyadmin.yourdomain.com for "phpmyadmin"
NOTE: If you need add more sub-directorys.
- Copy VirtualHost 192.168.1.100:80/443 and
- Change Zone Names
- Configure DocumentRoot & etc...
It's time to add & configure your repo pkgs, manifest, etc...
=############ Httpd.conf #################
I would use txt ediotr for this or sudo nano /etc/httpd/conf/httpd.conf
ServerTokens Pro
TraceEnable Off
PidFile run/httpd.pid
Timeout 60
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 15
<IfModule prefork.c>
StartServers 1
MinSpareServers 1
MaxSpareServers 5
ServerLimit 10
MaxClients 10
MaxRequestsPerChild 4000
</IfModule>
<IfModule worker.c>
StartServers 1
MaxClients 10
MinSpareThreads 1
MaxSpareThreads 4
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
Listen 80
Listen 8081
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so
Include conf.d/*.conf
User apache
Group apache
ServerAdmin [email protected]
UseCanonicalName Off
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule mod_userdir.c>
UserDir disabled
</IfModule>
DirectoryIndex index.html index.html.var
AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
TypesConfig /etc/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off
ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog logs/access_log combined
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
ReadmeName README.html
HeaderName HEADER.html
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
AddDefaultCharset UTF-8
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
AddHandler type-map var
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Alias /error/ "/var/www/error/"
<IfModule mod_negotiation.c>
<IfModule mod_include.c>
<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
</IfModule>
</IfModule>
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB /var/lib/dav/lockdb
Alias /munki_repo /var/www/munki_repo/
<Location /munki_repo>
DAV On
SSLRequireSSL
Options None
AuthType Basic
AuthName "Munki Repo"
AuthUserFile /etc/httpd/munki_repo-htpasswd
<LimitExcept GET OPTIONS>
Order allow,deny
Allow from all
Require valid-user
</LimitExcept>
</Location>
</IfModule>
<IfModule mod_proxy.c>
ProxyRequests On
ProxyPreserveHost On
ProxyVia On
AllowEncodedSlashes Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
</IfModule>
###########################################################
# http://yourdomain.com
# https://yourdomain.com -- Throws warning because cert is for *.site-a.com... see bottom
# http://www.yourdomain.com
# https://www.yourdomain.com
###########################################################
#
<VirtualHost 192.168.1.100:80 192.168.1.100:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com
DocumentRoot /var/www/html
SSLEngine On
SSLCipherSuite SSLv3:TLSv1:+HIGH:!SSLv2:!MD5:!MEDIUM:!LOW:!EXP:!ADH:!eNULL:!aNULL
SSLCertificateFile /etc/httpd/ssl/certs/yourdomain.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/private/yourdomain.com.key.pem
SSLCACertificateFile /etc/httpd/ssl/certs/yourdomain.com.ca-bundle
</VirtualHost>
###########################################################
#
<VirtualHost 192.168.1.100:80>
ServerName munkiwebadmin.yourdomain.com
Redirect / https://munkiwebadmin.yourdomain.com/
ServerSignature Off
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>
###########################################################
#
<VirtualHost 192.168.1.100:80>
ServerName phpmyadmin.yourdomain.com
Redirect / https://phpmyadmin.yourdomain.com/
ServerSignature Off
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>
###########################################################
#
# https://munkiwebadmin.yourdomain.com
WSGISocketPrefix /var/run/wsgi
<VirtualHost 192.168.1.100:443>
ServerName munkiwebadmin.yourdomain.com
DocumentRoot /var/www/munki_repo
<Location />
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://munkiwebadmin.yourdomain.com/
</Location>
WSGIScriptAlias / /usr/local/munkiwebadmin_env/munkiwebadmin.wsgi
WSGIDaemonProcess munkiwebadmin user=munkiwebadmin group=munki
Alias /static/ /usr/local/munkiwebadmin_env/munkiwebadmin/static/
<Directory /usr/local/munkiwebadmin_env>
<Files munkiwebadmin.wsgi>
WSGIProcessGroup munkiwebadmin
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Files>
</Directory>
ErrorLog /var/log/httpd/munkiwebadmin.yourdomain.com-error_log
CustomLog /var/log/httpd/munkiwebadmin.yourdomain.com-access_log common
</VirtualHost>
###########################################################
#
# https://phpmyadmin.yourdomain.com
<VirtualHost 192.168.1.100:443>
ServerName phpmyadmin.yourdomain.com
ServerSignature Off
<Location />
ProxyPassReverse http://127.0.0.1:8080
ProxyPassReverse http://phpMyAdmin.yourdomain.com/
</Location>
Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin
<Directory /usr/share/phpMyAdmin/>
<IfModule mod_authz_core.c>
# Apache 2.4
Require local
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 192.168.1.100
Allow from ::1
</IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/setup/>
<IfModule mod_authz_core.c>
# Apache 2.4
Require local
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 192.168.1.100
Allow from ::1
</IfModule>
</Directory>
<Directory /usr/share/phpMyAdmin/libraries/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/lib/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
<Directory /usr/share/phpMyAdmin/setup/frames/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
ErrorLog /var/log/httpd/phpmyadmin.yourdomain.com-error_log
CustomLog /var/log/httpd/phpmyadmin.yourdomain.com-access_log common
</VirtualHost>