Howto setup basic authentication for i-MSCP PhpMyAdmin instance?

  • Hi I would like to ask it,how the phpmyadmin may be to a part htacces to add entry to it.

    I put it into this portfolio a htacces file:


    /var/www/imscp/gui/public/tools/pma/


    AuthType Basic

    AuthName "Admin Panel"

    AuthUserFile /var/www/imscp/gui/.htpasswd

    require valid-user



    And password file:


    /var/www/imscp/gui/.htpasswd


    geargelab234IUW:$apr1$NjTDRAGk$ZgIwHK7mKxFPX8d4tmrzc.


    But gets together in no way that let the htacces appear...



    i-MSCP 1.5.3

    Build: 20180516


    :-/

  • Hi,

    /var/www/imscp/gui/ path is served by Nginx, not Apache. Nginx' HTTP Auth is working a little different, there are no .htaccess/.htpasswd files


    But another question, why do do that? PhpMyAdmin is installed by i-MSCP and has Cookie Auth agains SQL Users in the DB

  • Hi,

    /var/www/imscp/gui/ path is served by Nginx, not Apache. Nginx' HTTP Auth is working a little different, there are no .htaccess/.htpasswd files


    But another question, why do do that? PhpMyAdmin is installed by i-MSCP and has Cookie Auth agains SQL Users in the DB


    Apache is the serveren ubuntu 16.04 I would like to make it drawn safer one the servert.

    The phpmyadmin entry I want it to protect.

    Edited once, last by Tudatlan ().

  • Good evening,


    PhpMyAdmin is run through NGINX (as the control panel), not through Apache2... Before starting to play, I would recommend you to learn a bit ;)


    Regarding your question, Nginx suport .htpasswd fil, (basic authentication in fact...) but not the .htaccess files... Therefore, the procedure, should be as follows:

    1. Create the htpasswd file: htpasswd -c /var/www/imscp/gui/data/persistent/.htpasswd <user>
    2. Edit the /etc/nginx/imscp_pma.conf file and then replace the following configuration stanza:
    Code
    1. location ^~ /pma/ {
    2. root /var/www/imscp/gui/public/tools;
    3. location ~ \.php$ {
    4. include imscp_fastcgi.conf;
    5. }
    6. }

    by:

    Code
    1. location ^~ /pma/ {
    2. root /var/www/imscp/gui/public/tools;
    3. auth_basic "PMA Authentication";
    4. auth_basic_user_file /var/www/imscp/gui/data/persistent/.htpasswd;
    5. location ~ \.php$ {
    6. include imscp_fastcgi.conf;
    7. }
    8. }


    Once done, reload the Nginx instance (service nginx reload), and try to access your PMA instance. If all goes well, you should be asked for auth data.


    Note that changes made in the /etc/nginx/imscp_pma.conf will not be persistent, meaning that if you update i-MSCP or trigger a full reconfiguration, changes will be lost. Best would be to inject those changes using an i-MSCP listener file. Regarding the .htpasswd file, you can see that I store it under the /var/www/imscp/gui/data/persistent directory. This effectively make it persistent.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • But according to me whatever which one are apache you are nginx has to go without a panel then I got it over with once to save the phpmyadmin part

  • Hi,

    /var/www/imscp/gui/ path is served by Nginx, not Apache. Nginx' HTTP Auth is working a little different, there are no .htaccess/.htpasswd files


    But another question, why do do that? PhpMyAdmin is installed by i-MSCP and has Cookie Auth agains SQL Users in the DB

    You're right for the .htaccess files but wrong for the .htpasswd file (auth feature in fact) ;) He want double protect PMA access to prevent running PMA itself (PHP) in case there is security hole in PMA auth layer...

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • But according to me whatever which one are apache you are nginx has to go without a panel then I got it over with once to save the phpmyadmin part

    Read my previous answer, I given you the full solution.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • Nuxwin

    Changed the title of the thread from “Imscp PMA (PHPMYADMIN) .htacces login create.” to “Howto setup basic authentication for i-MSCP PhpMyAdmin instance?”.
  • so then apache not possible?

    I do not see otherwise conf like this file it apache in a portfolio:

    imscp_pma.conf

  • Nuxwin

    Added the Label question (answered)
  • so then apache not possible?

    I do not see otherwise conf like this file it apache in a portfolio:

    imscp_pma.conf

    Are you stupid? We already said you that the control panel and all its tools (including PMA) are not run through Apache. They are run through Nginx.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • so then apache not possible?

    I do not see otherwise conf like this file it apache in a portfolio:

    imscp_pma.conf

    PMA does not work on apache, so you can not assume the ability to configure anything related to PMA basing on Apache.

    The only option to configure PMA password in i-MSCP installation has been presented to you above.

    Another option is to run PMA by itself on any address (eg subdomain), but then it is an instance independent of i-MSCP. You can secure it by apache password or whatever you want.