Setting up phppgadmin under https/ssl (Apache)

samslists@gmail.com wrote:

Hi...

This is as much an apache question as anything else, but I think it's
appropriate here.

I've been using phppgadmin on my local machine. Now I've installed it
on a remote server running Ubuntu lts 8.04.

I figured I'd try and put it under ssl/https under Apache (mod_ssl).
I've created a test certificate, but I'm having trouble figuring out
exactly how to get phppgadmin working under SSL. Can someone step me
through the process?

First, make sure your SSL virtual server is working correctly for
serving simple static pages.

On Ubuntu, Debian, and other Debian derivatives the apache config is
structured like:

apache2/
mods_available/
alias.load
....
mods_enabled
alias.load -> ../mods_available/alias.load
...
sites_available/
default
sites_enabled/
default -> ../sites_available/default

If you copy sites_available/default to sites_available/ssl and then edit
it to add the appropriate directives to enable SSL, specify your
cert/key paths, etc. See:

http://httpd.apache.org/docs/2.0/mod/mod_ssl.html

If you already have access to phppgadmin in your default HTTP virtual
server, it should now work in your HTTPs virtual server as well. If not,
you'll have to add an appropriate Alias directive to map the phppgadmin
directory into the server's virtual tree. You may also need to enable
the PHP modules by symlinking them from modules-available to
modules-enabled.

Note that if you want your SSL and non-SSL servers to provide exactly
the same content you should use an include file to pull in most of the
body of the <NameVirtualHost> directive in each file.

You might want to direct further questions to somewhere like:
http://www.linuxquestions.org/

--
Craig Ringer

Wow...so does no one use phppgadmin on servers that they are connected
to via the internet? Or if you do, how do you go about securing it so
that no one snoops your password?

Thanks

On May 16, 12:34 am, "samsli...@gmail.com" <samsli...@gmail.com>
wrote:

On Sun, 2008-05-18 at 23:33 -0700, samslists@gmail.com wrote:

Wow...so does no one use phppgadmin on servers that they are connected
to via the internet? Or if you do, how do you go about securing it so
that no one snoops your password?

Thanks

On May 16, 12:34 am, "samsli...@gmail.com" <samsli...@gmail.com>
wrote:

Hi...

This is as much an apache question as anything else, but I think it's
appropriate here.

I've been using phppgadmin on my local machine. Now I've installed it
on a remote server running Ubuntu lts 8.04.

I figured I'd try and put it under ssl/https under Apache (mod_ssl).
I've created a test certificate, but I'm having trouble figuring out
exactly how to get phppgadmin working under SSL. Can someone step me
through the process?

----
I wouldn't recommend making phppgadmin available from the Internet in
any form but...

<Directory "/var/www/html/phpldapadmin">
SSLRequireSSL
</Directory>

would require SSL to access...adjust paths to suit.

I also would require user authentication to access the path (I use
mod_authz_ldap) so that the user accessing it is logged and of course,
then the security aspects of postgres would then apply too.

Craig

I can't imagine you have to do much of anything to it. Once apache is
set up to handle https:// requests, the rest should just happen.

On Mon, May 19, 2008 at 12:33 AM, samslists@gmail.com
<samslists@gmail.com> wrote: