Nginx SSL conf to access phpMyAdmin

Edho P Arief edhoprima at gmail.com
Fri May 7 20:00:50 MSD 2010


On Fri, May 7, 2010 at 8:30 PM, ideanet <nginx-forum at nginx.us> wrote:
> Hi,
> I have some trouble to configure correctly the access to phpMyAdmin via SSL.
> 1. problem: when i call the URL https://mydomain.com/phpmyadmin/ I don't have access.
> 2. problem: If I call the URL https://mydomain.com/phpmyadmin/index.php, I see the login page. I enter the account and password and after I'm redirected to the port 443 (http://mydomain.com:443/phpmyadmin/) with the message:
>
> 400 Bad Request
> The plain HTTP request was sent to HTTPS port
>
> At this point, if I press the back button of the browser and reload the login page, I can enter on the phpMyAdmin.
>
> I read that is needed the conf "fastcgi_param HTTPS on;", that I have included on my SSL section, but doesn't have any effect...
>
> Here my SSL conf:
>
> [i]server {
>                listen                  443;
>                server_name             mydomain.com;
>                server_tokens           off;
>                root                    /var/www/html;
>
>                ssl                     on;
>                ssl_certificate         /etc/nginx/mydomain.crt;
>                ssl_certificate_key     /etc/nginx/mydomain.key;
>
>                keepalive_timeout       70;
>                add_header              Front-End-Https    on;
>
>                client_max_body_size    50M;
>
>                fastcgi_param           HTTPS on;
>
>                ## Protect some directory and files
>                location ~ (^/(app/|includes/|lib/|/pkginfo/|var/|report/config.xml)|/\.svn/|/.hta.+) {
>                        deny all;
>                }
>
>                ## Specific SSL log files
>                access_log              /var/log/nginx/ssl.access.log;
>                error_log               /var/log/nginx/ssl.error.log;
>
>                ## this rewrites all the requests to the maintenance.html
>                if (-f $document_root/system/maintenance.html) {
>                        rewrite    ^(.*)$    /system/maintenance.html last;
>                        break;
>                }
>
>                ## Handle all .php files, /downloader and /report
>                location ~ (\.php|/downloader/?|/report/?)$ {
>                        if ($request_uri ~ /(downloader|report)$){
>                                # no trailing /, redirecting
>                                rewrite  ^(.*)$ $1/ permanent;
>                        }
>
>                        fastcgi_index index.php;
>                        include /etc/nginx/fastcgi_params;
>                        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>
>                        if (-e $request_filename) { # check if requested path exists
>                        fastcgi_pass backend;
>                        }
>
>                }
>
>                ## Magento specific configuration
>                location / {
>                        # set expire headers
>                        if ($request_uri ~* "\.(ico|css|js|gif|jpe?g|png)$") {
>                                expires max;
>                        }
>
>                        # set fastcgi settings, not allowed in the "if" block
>                        include /etc/nginx/fastcgi_params;
>                        fastcgi_param SCRIPT_FILENAME $document_root/index.php;
>                        fastcgi_param SCRIPT_NAME /index.php;
>                        fastcgi_param HTTPS on;
>                        fastcgi_read_timeout 240;
>
>                        # rewrite a file not found, pass it to the backend
>                        if (!-f $request_filename) {
>                                fastcgi_pass backend;
>                                break;
>                                }
>                }
>
>        }[/i]
>

I'm so confused on where to start. Is that config only for running phpmyadmin?

Here's my phpmyadmin config:

server {
  listen 443 ssl;
  server_name myserver.com;
  ssl_certificate /srv/conf/cert/myserver.pem;
  ssl_certificate_key /srv/conf/cert/myserver.key;
  location ~ ^/phpmyadmin/.*\.php$ {
    root /srv/http/php;
    fastcgi_params HTTPS on;
    fastcgi_pass 127.0.0.1:9100;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $request_filename;
    include fastcgi_params;
  }
  location = /phpmyadmin {
    rewrite ^ $scheme://$host$uri/?$args permanent;
  }
  location /phpamyadmin/ {
    index index.php;
    root /srv/http/php;
    expires max;
  }
}

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org


More information about the nginx mailing list