5

I currently have 3 websites on a dedicated server (running on one IP address).

For one of the sites, SSL is active on the server and phpMyAdmin runs fine. After you log in you are redirected to the correct location (https://example.tld/phpmyadmin for example)

However, for the other two sites, I do not have an SSL certificate for them and so I am using CloudFlare's Flexible Universal SSL. My issue is on logging in to phpMyAdmin (by visting https://example.tld/phpMyAdmin) phpMyAdmin redirects to port 80 e.g. https://example.tld:80/phpMyAdmin and since the SSL no longer is secure (as Apache starts serving unencrypted data), the browser displays an error message saying the connection is not secure.

Any ideas as to how to stop phpMyAdmin redirecting to port 80?

dwilson390
  • 71
  • 2
  • 8
  • I'm unsure who down-voted this and more particularly, why. I can't see any issues with the question, if someone could tell me what is wrong with it, I will edit gladly. – dwilson390 Aug 19 '15 at 19:22
  • Have you tried using `$cfg['ForceSSL'] = true;` or `$cfg['PmaAbsoluteUri'] = 'https://example.tld/phpMyAdmin';` individually or together? What phpMyAdmin version do you have? – ibennetch Sep 01 '15 at 13:41
  • Just tried it. It seems that forcing the SSL stops you from logging in, after clicking 'Go' you are returned to the login screen, effectively, the page just reloads. The issue with using the Absolute URI is, I run multiple sites of this server and so, multiple sites use PHPMyAdmin. – dwilson390 Sep 02 '15 at 17:12
  • Another solution would be setting CloudFlare to "Full". It will connect via port 443 to your server, but won't validate the certificate. Unless you can't use port 443, something who stumbles upon this might consider. :) – ArendE Apr 19 '19 at 23:43

1 Answers1

6

I found a solution that worked for me :D

In phpmyadmin/libraries/Config.class.php Find the following code:

 if (! empty($url['port'])
                && (($url['scheme'] == 'http' && $url['port'] != 80)
                || ($url['scheme'] == 'https' && $url['port'] != 80)
                || ($url['scheme'] == 'https' && $url['port'] != 443)

            )) {
                $pma_absolute_uri .= ':' . $url['port'];
            }

and remove the last OR condition:

 if (! empty($url['port'])
                && (($url['scheme'] == 'http' && $url['port'] != 80)
                || ($url['scheme'] == 'https' && $url['port'] != 80)
                //|| ($url['scheme'] == 'https' && $url['port'] != 443)

            )) {
                $pma_absolute_uri .= ':' . $url['port'];
            }
Oskenso Kashi
  • 161
  • 1
  • 3
  • 2
    This feels like a hack but can confirm it still works on latest phpmyadmin version. – Max Jul 23 '16 at 22:03