Stefan Scott lists at
Sat Feb 14 03:27:21 MSK 2009

Hi -

I have a solution which seems to work now - I'm just not sure if this is 
the best and most secure way to do this.

I want to use a URL like:

And phpMyAdmin is installed on the server in directory:


Previously I was using a rewrite to remove the "phpmyadmin" part from 
the of all requests, and I was using /home/myname/sources/phpmyadmin as 
the root:

    rewrite ^/phpmyadmin(/.*)$ $1 break;

    root /home/myname/sources/phpmyadmin/;

Now, I'm doing something equivalent which doesn't involve 'rewrite': I 
keep the "phpmyadmin" part at start of the requests, and I use a shorter 
root which no longer has "phpmyadmin" at the end:

    # no rewrite

    root /home/myname/sources/;

This seems simpler and it does work.

There's a few things I'm worried about though:

1) The directory /home/myname/sources has lots of other programs in it. 
Supposedly they can't be accessed since the location is /phpmyadmin/ - 
is this true? If I point the browser at another program in the sources 
directory, eg:

I get a 404 File Not Found error - which is good.

2) Because of the rewrite from http to https, the above URL actually 
changes to https protocol before returning 404 File Not Found. Not quite 
perfect, but OK I guess.

3) Ultimately I'd like to rewrite from http to https only for the 
phpMyAdmin login page, and then use http (no SSL) while I'm already 
logged into the phpMyAdmin session, so it will be faster. I'll look into 
this later.

- Stefan Scott

Posted via

More information about the nginx mailing list