phpMyAdmin + SSL + nginx + apache2
Nginx будет отвечать за SSL и статику:
server { set $www_root "/home/pma.example.com/www/htdocs"; server_name pma.example.com; listen pma.example.com:443; ssl on; ssl_certificate /home/pma.example.com/cert.pem; ssl_certificate_key /home/pma.example.com/privatekey.pem; #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; ssl_session_cache shared:SSL:10m; location /scripts { internal; } location /libraries { internal; } location ~ /\.(ht|svn|git) { internal; } location ~* \.php$ { proxy_pass http://apache; } location / { expires 60d; root $www_root; if (!-f $request_filename) { proxy_pass http://apache; } } }
Апач отвечает только за PHP:
ServerName pma.example.com ServerAdmin webmaster@example.com DocumentRoot /home/pma.example.com/www/htdocs/ Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all LogLevel warn ErrorLog /home/pma.example.com/www/logs/error.log CustomLog /home/pma.example.com/www/logs/access.log combined AssignUserID pma.example.com pma.example.com MaxClientsVHost 10 SetEnv HTTPS on php_admin_value post_max_size "8M" php_admin_value upload_max_filesize "8M" php_admin_value session.gc_maxlifetime "14400" Дополнительно в /etc/apache2/ports.conf заменим:
Listen 80 на
Listen localhost:80 phpMyAdmin настраиваем по инструкции, cертификаты получаем в CAcert.org
server { set $www_root "/home/pma.example.com/www/htdocs"; server_name pma.example.com; listen pma.example.com:443; ssl on; ssl_certificate /home/pma.example.com/cert.pem; ssl_certificate_key /home/pma.example.com/privatekey.pem; #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; ssl_session_cache shared:SSL:10m; location /scripts { internal; } location /libraries { internal; } location ~ /\.(ht|svn|git) { internal; } location ~* \.php$ { proxy_pass http://apache; } location / { expires 60d; root $www_root; if (!-f $request_filename) { proxy_pass http://apache; } } }
Апач отвечает только за PHP:
ServerName pma.example.com ServerAdmin webmaster@example.com DocumentRoot /home/pma.example.com/www/htdocs/ Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all LogLevel warn ErrorLog /home/pma.example.com/www/logs/error.log CustomLog /home/pma.example.com/www/logs/access.log combined AssignUserID pma.example.com pma.example.com MaxClientsVHost 10 SetEnv HTTPS on php_admin_value post_max_size "8M" php_admin_value upload_max_filesize "8M" php_admin_value session.gc_maxlifetime "14400" Дополнительно в /etc/apache2/ports.conf заменим:
Listen 80 на
Listen localhost:80 phpMyAdmin настраиваем по инструкции, cертификаты получаем в CAcert.org