location = /pma { rewrite ^ /pma/ permanent; }
location /pma/ {
location /pma/(..php)$ {
set $script_filename /usr/share/phpmyadmin/$1;
# testing file existence for security.
# sadly in this case we can’t use try_files since we’re testing
against actual file on disk
# while try_files tries against uri
if (!-f $script_filename) { return 404; }
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $script_filename;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_pass backend;
}
location ~ ^/pma(|/.)$ {
alias /usr/share/phpmyadmin/$1;
index index.php;
}
}
----- Original Message -----
From: “maxxer” [email protected]
To: [email protected]
Sent: Friday, February 03, 2012 11:01 AM
Subject: running phpmyadmin on non-standard dir
thanks Falko, I’m usually a great fan of your howtos, but I with to
serve phpmyadmin on the url /pma instead of /phpmyadmin, and I wasn’t
able to tweak the config to do this…
Edho thanks, but your config makes the /pma url redirect to /phpmyadmin,
and download the source of index.php.
If you are inexperienced, do not run phpmyadmin publically as
/phpmyadmin or you will fall behind a security update to find your
system compromised (and now the new member in the botnet!) I used to
hunt botnets for awhile and PhpMyAdmin was a common way to get in
If you are inexperienced, do not run phpmyadmin publically as
/phpmyadmin or you will fall behind a security update to find your
system compromised (and now the new member in the botnet!) I used to
hunt botnets for awhile and PhpMyAdmin was a common way to get in
Yep. There’s a FD post by the Gentoo security team that exposes what
an utter complete wreck security wise phpmyadmin is: