[HOWTO] - Use phpMyAdmin through an SSH Tunnel

michaelsanford

Translator, Web Developer
At the time of this writing, phpMyAdmin (2.6.0) requires that you set $cfg['PmaAbsoluteUri'] to the absolute URL of your phpMyAdmin installation. PMA then uses this variable to prefix all its links to form absolute links. I'm not entirely sure why it does this since it only links to files within the PMA folder, so relative links should be fine. That is nonetheless the situation.

However, setting $cfg['PmaAbsoluteUri'] will break PMA if you try to use it remotely through an SSH tunnel. Or, more precisely, it will redirect you to something either insecure or inaccessible. I've just come up with a very simple fix for this.

Please note that this hack assumes your server does not have HTTP SSL capabilities. If it does, your best option is simply to replace the PmaAbsoluteUri string with whatever the string for your https server is.

Step 1 - Edit config.inc.php
Comment out the line:
$cfg['PmaAbsoluteUri'] = "http://myhost.com/path_to_pma/";

and replace it with:
$cfg['PmaAbsoluteUri'] = 'http://' . $_SERVER['HTTP_HOST'] . '/path_to_pma/';

This makes PHP read the Host header of the incoming request, which it exposes as $_SERVER['HTTP_HOST'], to determine the address you're connecting to.

So, if you connected locally it would replace the host with localhost (or your server name) and if you connected with http://localhost:10080/ to profit from a secure tunnel it would replace the host with localhost:10080 automatically.

This will preserve your SSH tunnel address.

Step 2 - Make an SSH Tunnel
shell> ssh -L 10080:LAN-address-of-your-computer:80 username@myhost.com

Read my article on SSH Tunneling for Mac Users for details.

Step 3 - Use the tunnel
In your browser open http://localhost:10080/path_to_pma/ and voilà, all your data to and from phpMyAdmin is encrypted.

Important note - This hack is not (as far as I know) endorsed by the phpMyAdmin developers.

Call for audits - I would appreciate any and all security comments related to this hack. No (simple or easily exploited) security holes come immediately to mind but if there are any I would like to know and amend my instructions.
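
Added example (not part of the original post and not phpMyAdmin's own code): because $_SERVER['HTTP_HOST'] is copied from the Host header the client sends, this variant of the Step 1 line accepts only the hosts the installation is expected to answer on and falls back to the canonical one otherwise. The names $pmaAllowedHosts, $pmaPath, $pmaRawHost and $pmaHost are hypothetical, and the host list assumes the two addresses used in this HOWTO.

```php
<?php
// config.inc.php fragment: added example, not phpMyAdmin's own code.
//
// Original Step 1 line, which trusts whatever Host header the client sent:
//   $cfg['PmaAbsoluteUri'] = 'http://' . $_SERVER['HTTP_HOST'] . '/path_to_pma/';

// Assumption: the only two ways this installation is reached (from the HOWTO).
// The first entry is the canonical host used as the fallback.
$pmaAllowedHosts = array(
    'myhost.com',       // direct access
    'localhost:10080',  // through the SSH tunnel from Step 2
);
$pmaPath = '/path_to_pma/';

// The header may be absent (e.g. HTTP/1.0 clients), so test before reading it.
$pmaRawHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
$pmaHost    = strtolower(trim($pmaRawHost));

// Strict comparison against the allowlist; anything else is replaced.
if (!in_array($pmaHost, $pmaAllowedHosts, true)) {
    if ($pmaRawHost !== '') {
        // Record the rejected value for later review. It is length-limited
        // and URL-encoded so it cannot inject extra lines into the log.
        error_log('phpMyAdmin config: unexpected Host header: '
            . rawurlencode(substr($pmaRawHost, 0, 128)));
    }
    $pmaHost = $pmaAllowedHosts[0];
}

$cfg['PmaAbsoluteUri'] = 'http://' . $pmaHost . $pmaPath;
```

With this in place, a request arriving through the tunnel still gets links on localhost:10080, while a request carrying any other Host value is answered with links to the canonical host.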