You want to use PHPMyAdmin. You want to force HTTPS so you don’t send plain-text MySQL credentials over the wire/air. You start fiddling with
mod_rewrite and troubleshooting your Apache’s myriad of virtual hosts and included config files. There’s a better way!
In /etc/phpMyAdmin/config.inc.php, add this to the bottom:
$cfg['ForceSSL'] = true;
mod_rewrite and all, but when you have overlapping virtual hosts, different web servers (nginx is hawt), etc, sometimes it is confusing to do such a “simple” thing like redirect requests for
/phpmyadmin to HTTPS. This will work no matter what. 🙂
2 thoughts on “Force PHPMyAdmin to use HTTPS”
Good little trick. Even better is to not use PHPMyAdmin. There are many high quality MySQL GUIs and CLIs that run from the user’s workstation and then you can force the traffic over SSL: http://dev.mysql.com/doc/refman/5.6/en/configuring-for-ssl.html
Good point! In other news, a developer just asked me for SSH access to the MySQL server. *facepalm*.
Comments are closed.