hello everybody, this is my first post here :-) I am running an ubuntu server with 8.04 release . I am using phpmyadmin to manage my databases - it is more confortable than the console. I am not at ease however sending my mysql root password over the internet and I would like to secure access to phpmyadmin with SSL encryption.
I am using virtualhosts but phpmyadmin is not a virtual host. It can be reached at http://IP_server_adress/phpmyadmin I have generated my own SSL certificate with sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/ssl/private/localhost.pem I guess I should add the following directives somewhere SSLEngine On SSLCertificateFile /etc/ssl/private/localhost.pem But I wonder where I should add these instructions ? in /etc/phpmyadmin/apache.conf ? in a tailored made virtualhost ? here is /etc/phpmyadmin/apache.conf $ more /etc/phpmyadmin/apache.conf # phpMyAdmin default Apache configuration Alias /phpmyadmin /usr/share/phpmyadmin <Directory /usr/share/phpmyadmin> Options Indexes FollowSymLinks DirectoryIndex index.php # Authorize for setup <Files setup.php> # For Apache 1.3 and 2.0 <IfModule mod_auth.c> AuthType Basic AuthName "phpMyAdmin Setup" AuthUserFile /etc/phpmyadmin/htpasswd.setup </IfModule> # For Apache 2.2 <IfModule mod_authn_file.c> AuthType Basic AuthName "phpMyAdmin Setup" AuthUserFile /etc/phpmyadmin/htpasswd.setup </IfModule> Require valid-user </Files> <IfModule mod_php4.c> AddType application/x-httpd-php .php php_flag magic_quotes_gpc Off php_flag track_vars On php_flag register_globals Off php_value include_path . </IfModule> <IfModule mod_php5.c> AddType application/x-httpd-php .php php_flag magic_quotes_gpc Off php_flag track_vars On php_flag register_globals Off php_value include_path . </IfModule> </Directory> thanks a lot cheers etienne
