在Nginx或者Apache环境下启用TLS/SSL访问phpMyAdmin

发布于 2020-03-06  24 次阅读

原文链接

https://www.bt.cn/bbs/forum.php?mod=viewthread&tid=16665
https://www.bt.cn/bbs/forum.php?mod=viewthread&tid=12369

转存完善

Nginx:
打开Nginx配置文件
找到改为如下

server
    {
        listen 888 ssl; #此处添加ssl
        server_name phpmyadmin;
        index index.html index.htm index.php;
        root  /www/server/phpmyadmin;

        #error_page   404   /404.html;
        include enable-php.conf;

      ssl_certificate    /www/server/panel/ssl/certificate.pem; #替换为证书路径
      ssl_certificate_key    /www/server/panel/ssl/privateKey.pem; #替换为密钥路径
      ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
      ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
      ssl_prefer_server_ciphers on;
      ssl_session_cache shared:SSL:10m;
      ssl_session_timeout 10m;
      error_page 497  https://$host$request_uri;

Apache:
打开并且编辑 /www/server/apache/conf/extra/httpd-vhosts.conf
添加如下内容

SSLEngine On
SSLCertificateFile /www/server/panel/ssl/certificate.pem #替换为证书路径
SSLCertificateKeyFile /www/server/panel/ssl/privateKey.pem #替换为密钥路径
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On

注意是在listen 888 (监听888)端口添加

如果使用宝塔,在以上设置完成后打开宝塔phpMyAdmin设置开启SSL访问

信任是利益的武器,捅伤别人,保护自己