Forcing SSL with phpMyAdmin

phpMyAdmin SSL | HTTPS Certificate with phpMyAdmin

I installed yet another install of phpMyAdmin SSL, and every time I forget how to configure it to force SSL. All phpMyAdmin installs should do this (use SSL). You never want to login without SSL unless you’re on a secured network. Here’s how to get phpMyAdmin ssl to work.

2 1/2 ways to force SSL with phpMyAdmin

1) Using Apache .htaccess (this can also be put in the httpd.conf if you don’t use .htaccess files):

or with nginx:

Note: I don’t like this way but I this is a way some people do it.

2) Using phpMyAdmin’s file:

(NOTE: $cfg[‘ForceSSL’] has been removed as of phpMyAdmin 4.6) via Ken Zalewski

I prefer to use #2 because I don’t have to mess with Apache at all.

If you’re wondering what 1/2 way is to use phpMyAdmin with SSL, well, I count #1 a little bit more since it’s talking about doing it with .htaccess and/or Apache/Nginx conf.

  1. Jacob Reply

    Number 2 is the way to go. Changes are instant :) Thank you

  2. Ken Zalewski Reply

    The ForceSSL configuration directive has been removed from phpMyAdmin 4.6 (release pending). The proper way to handle SSL redirects is via the web server config.

    • The Barton Reply

      Thanks Ken. I’ve updated this blog post with your update. Although, I will miss that configuration.

  3. Matthew Browne Reply

    This was a helpful article to get started, but this didn’t work for me on Ubuntu 16 and Apache 2.4 for some reason…but this worked:

    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/phpmyadmin$1 [R,L]

Leave a Reply