Re: [users@httpd] securing phpmyadmin access with SSL encryption

Sun, 09 Aug 2009 00:28:37 -0700 

Yes, in a tailored made virtualhost.


On Sat, Aug 8, 2009 at 5:25 PM, Etienne Loutrel <etie...@gnulinux.fr> wrote:

> hello everybody,
>
> this is my first post here :-)       I am running an ubuntu server with
> 8.04 release
> .
> I am using phpmyadmin to manage my databases - it is more confortable than
> the console.
> I am not at ease however sending my mysql root password over the internet
> and I would like to secure access to phpmyadmin with SSL encryption.
>
> I am using virtualhosts but phpmyadmin is not a virtual host. It can be
> reached at http://IP_server_adress/phpmyadmin
>
> I have generated my own SSL certificate with
> sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf
> /etc/ssl/private/localhost.pem
>
>
> I guess I should add the following directives somewhere
> SSLEngine On
> SSLCertificateFile /etc/ssl/private/localhost.pem
>
>
> But I wonder where I should add these instructions ? in
> /etc/phpmyadmin/apache.conf ? in a tailored made virtualhost ?
>
>
>
>
> here is /etc/phpmyadmin/apache.conf
>
> $ more /etc/phpmyadmin/apache.conf
> # phpMyAdmin default Apache configuration
>
> Alias /phpmyadmin /usr/share/phpmyadmin
>
> <Directory /usr/share/phpmyadmin>
>         Options Indexes FollowSymLinks
>         DirectoryIndex index.php
>
>         # Authorize for setup
>         <Files setup.php>
>             # For Apache 1.3 and 2.0
>             <IfModule mod_auth.c>
>                 AuthType Basic
>                 AuthName "phpMyAdmin Setup"
>                 AuthUserFile /etc/phpmyadmin/htpasswd.setup
>             </IfModule>
>             # For Apache 2.2
>             <IfModule mod_authn_file.c>
>                 AuthType Basic
>                 AuthName "phpMyAdmin Setup"
>                 AuthUserFile /etc/phpmyadmin/htpasswd.setup
>             </IfModule>
>             Require valid-user
>         </Files>
>         <IfModule mod_php4.c>
>                 AddType application/x-httpd-php .php
>
>                 php_flag magic_quotes_gpc Off
>                 php_flag track_vars On
>                 php_flag register_globals Off
>                 php_value include_path .
>         </IfModule>
>         <IfModule mod_php5.c>
>                 AddType application/x-httpd-php .php
>
>                 php_flag magic_quotes_gpc Off
>                 php_flag track_vars On
>                 php_flag register_globals Off
>                 php_value include_path .
>         </IfModule>
> </Directory>
>
>
> thanks a lot
>
> cheers
>
> etienne
>
>
>

Reply via email to