![]() ![]() Important: Please note that it is only saying that the connection is not secure because we are using a self-signed certificate. Next, launch your web browser and type (learn how to change PhpMyAdmin login URL) as shown below. Save changes, load the SSL Apache module on Debian/Ubuntu distributions (in CentOS this is loaded automatically when you installed mod_ssl earlier): # a2enmod sslįorce phpmyadmin to use SSL, make sure the following line is present in /etc/phpmyadmin/ or /etc/phpMyAdmin/ file: $cfg = true Īnd restart the web server: # systemctl restart apache2 SSLCertificateKeyFile /etc/httpd/ssl/apache.key SSLCertificateFile /etc/httpd/ssl/apache.crt In CentOS based distributions, tell Apache to listen on port 443 and look for the Listen directive in /etc/httpd/conf/nf and add the above lines below it. SSLCertificateKeyFile /etc/apache2/ssl/apache.key SSLCertificateFile /etc/apache2/ssl/apache.crt In Debian/Ubuntu, make sure that Apache is listening on port 443 for the default site ( /etc/apache2/sites-available/nf) and add the 3 SSL-related lines inside the VirtualHost declaration: SSLEngine on ![]() Organizational Unit Name (eg, section) : TecMintĬommon Name (eg, your name or your server's hostname) : TecMint Organization Name (eg, company) : TecMint State or Province Name (full name) : Maharashtra If you enter '.', the field will be left blank. There are quite a few fields but you can leave some blankįor some fields there will be a default value, What you are about to enter is what is called a Distinguished Name or a DN. You are about to be asked to enter information that will be incorporated Writing new private key to '/etc/httpd/ssl/apache.key' # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/httpd/ssl/apache.key -out /etc/httpd/ssl/apache.crt # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt # mkdir /etc/httpd/ssl Ĭreate the key and certificate: - On Debian/Ubuntu based systems. # yum install mod_sslĪlthough we will use the Debian/Ubuntu path and names, the same procedure is valid for CentOS and RHEL if you replace the commands and paths below with the CentOS equivalents.Ĭreate a directory to store the key and certificate: # mkdir /etc/apache2/ssl To do this, install mod_ssl package on CentOS based distributions. To avoid this, let’s secure the login page with a certificate. Please note that we have hidden part of the root password with a blue mark over it: Sniffing HTTP Traffic It will not take us long to realize that the username and password have been sent over the wire in plain text format, as you can see in the truncated output of tcpdump in the image below. To begin sniffing traffic, we typed the following command and pressed Enter: # tcpdump port http -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' -line-buffered -B20 See the License for the specific language governing permissions and limitations under the License.To introduce this tip, let’s sniff the HTTP traffic between a client machine and the Debian 8 server where we have made the innocent mistake to login using the database root user’s credentials in our last article at: Change and Secure Default PhpMyAdmin Login URLĪs we mentioned in the previous tip, do not attempt to do this yet if you don’t want to expose your credentials. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. Licensed under the Apache License, Version 2.0 (the "License") you may not use this file except in compliance with the License. If you have an issue related to one of our containers, please go to its specific repository in our GitHub organization and report an issue there. If you have an issue related to one of our charts, please go to the repository and report an issue there. You can have important information about a Cloud provider: There is an updated documentation at where you can find tutorials and FAQs. If the documentation didn't help you, we strongly suggest you to check the resolved issues and the on going ones before addressing an issue. Popular applications, provided by Bitnami, ready to launch on:īefore continuing, please review our useful guides about how to configure and use your application in our documentation ![]()
0 Comments
Leave a Reply. |