Nginx SSL conf to access phpMyAdmin
Igor Sysoev
igor at sysoev.ru
Sat May 8 15:14:51 MSD 2010
On Sat, May 08, 2010 at 12:59:02AM +0400, Igor Sysoev wrote:
> On Fri, May 07, 2010 at 09:30:18AM -0400, ideanet wrote:
>
> > Hi,
> > I have some trouble to configure correctly the access to phpMyAdmin via SSL.
> > 1. problem: when i call the URL https://mydomain.com/phpmyadmin/ I don't have access.
> > 2. problem: If I call the URL https://mydomain.com/phpmyadmin/index.php, I see the login page. I enter the account and password and after I'm redirected to the port 443 (http://mydomain.com:443/phpmyadmin/) with the message:
> >
> > 400 Bad Request
> > The plain HTTP request was sent to HTTPS port
> >
> > At this point, if I press the back button of the browser and reload the login page, I can enter on the phpMyAdmin.
> >
> > I read that is needed the conf "fastcgi_param HTTPS on;", that I have included on my SSL section, but doesn't have any effect...
> >
> > Here my SSL conf:
> >
> > [i]server {
> > listen 443;
> > server_name mydomain.com;
> > server_tokens off;
> > root /var/www/html;
> >
> > ssl on;
> > ssl_certificate /etc/nginx/mydomain.crt;
> > ssl_certificate_key /etc/nginx/mydomain.key;
> >
> > keepalive_timeout 70;
> > add_header Front-End-Https on;
> >
> > client_max_body_size 50M;
> >
> > fastcgi_param HTTPS on;
> >
> > ## Protect some directory and files
> > location ~ (^/(app/|includes/|lib/|/pkginfo/|var/|report/config.xml)|/\.svn/|/.hta.+) {
> > deny all;
> > }
> >
> > ## Specific SSL log files
> > access_log /var/log/nginx/ssl.access.log;
> > error_log /var/log/nginx/ssl.error.log;
> >
> > ## this rewrites all the requests to the maintenance.html
> > if (-f $document_root/system/maintenance.html) {
> > rewrite ^(.*)$ /system/maintenance.html last;
> > break;
> > }
> >
> > ## Handle all .php files, /downloader and /report
> > location ~ (\.php|/downloader/?|/report/?)$ {
> > if ($request_uri ~ /(downloader|report)$){
> > # no trailing /, redirecting
> > rewrite ^(.*)$ $1/ permanent;
> > }
> >
> > fastcgi_index index.php;
> > include /etc/nginx/fastcgi_params;
> > fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
> >
> > if (-e $request_filename) { # check if requested path exists
> > fastcgi_pass backend;
> > }
> >
> > }
> >
> > ## Magento specific configuration
> > location / {
> > # set expire headers
> > if ($request_uri ~* "\.(ico|css|js|gif|jpe?g|png)$") {
> > expires max;
> > }
> >
> > # set fastcgi settings, not allowed in the "if" block
> > include /etc/nginx/fastcgi_params;
> > fastcgi_param SCRIPT_FILENAME $document_root/index.php;
> > fastcgi_param SCRIPT_NAME /index.php;
> > fastcgi_param HTTPS on;
> > fastcgi_read_timeout 240;
> >
> > # rewrite a file not found, pass it to the backend
> > if (!-f $request_filename) {
> > fastcgi_pass backend;
> > break;
> > }
> > }
> >
> > }[/i]
> >
> > Thank you for any help
> > Luca
>
> Try to simplify configuration and to make it more scaleable:
>
> fastcgi_read_timeout 240;
>
> location ~ (^/(app/|includes/|lib/|pkginfo/|var/|report/config.xml)|/\.svn/|/.hta.+) {
> deny all;
> }
>
> location ~ (\.php|/downloader/?|/report/?)$ {
- location ~ (\.php|/downloader/?|/report/?)$ {
+ location ~ \.php$ {
> try_files /system/maintenance.html $uri =404;
>
> fastcgi_pass backend;
> include /etc/nginx/fastcgi_params;
> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
> fastcgi_param HTTPS on;
> }
>
> location = /downloader { rewrite ^ /downloader/ permanent; }
>
> location = /downloader/ {
> try_files /system/maintenance.html $uri/ =404;
>
> fastcgi_pass backend;
> include /etc/nginx/fastcgi_params;
> fastcgi_param SCRIPT_FILENAME $document_root/downloader/index.php;
> fastcgi_param HTTPS on;
> }
>
> location = /report { rewrite ^ /report/ permanent; }
>
> location = /report/ {
> try_files /system/maintenance.html $uri/ =404;
>
> fastcgi_pass backend;
> include /etc/nginx/fastcgi_params;
> fastcgi_param SCRIPT_FILENAME $document_root/report/index.php;
> fastcgi_param HTTPS on;
> }
>
> location ~* "\.(ico|css|js|gif|jpe?g|png)$") {
> try_files $uri @magento;
> expires max;
> }
>
> location / {
> try_files $uri $uri/ @magento;
> index index.php;
> expires max;
> }
>
> location @magento {
> fastcgi_pass backend;
> include /etc/nginx/fastcgi_params;
> fastcgi_param SCRIPT_FILENAME $document_root/index.php
> fastcgi_param HTTPS on;
> }
>
> location = /phpmyadmin { rewrite ^ /phpmyadmin/ permanent; }
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list