Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Secure adminer nginx setup
# Secure adminer setup
# Author Taras Kozlov
# download adminer to separate directory
mkdir -p /var/www/admin
cd /var/www/admin
wget http://www.adminer.org/latest.php -O adminer.php
echo '<?php phpinfo(); >' > info.php
sudo -i
# Generate self-signed certificate
mkdir -p /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/admin.key -out /etc/nginx/ssl/admin.crt
# Generate htpasswd
apt-get install apache2-utils
mkdir -p /etc/nginx/.htpasswd
htpasswd -c /etc/nginx/.htpasswd/admin admin
# setup site to this directorty
# example site http://admin.example.com
nano /etc/nginx/sites-available/admin
server {
listen 80;
server_name admin.example.com;
return 301 https://$server_name$request_uri;
}
server {
server_name admin.example.com;
listen 443 ssl;
access_log /var/log/nginx/admin.access.log;
error_log /var/log/nginx/admin.error.log;
ssl_certificate /etc/nginx/ssl/admin.crt;
ssl_certificate_key /etc/nginx/ssl/admin.key;
root /var/www/admin;
index index.php;
# Get file here https://codex.wordpress.org/Nginx
include global/restrictions.conf;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd/admin;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
# enabling this site
cd /etc/nginx/sites-enabled
ln -s ../sites-available/admin admin
service nginx reload
@GerBreOwn
Copy link

GerBreOwn commented May 3, 2018

Just followed this post and when I browse "localhost/adminer" I get a 404 error. What have I missed, as I thought I went through all steps.
Thanks

@ezriharmusial
Copy link

ezriharmusial commented Jul 18, 2018

The index file this Config file is refering to is named adminer.php not index.php. So either Change the /var/www/admin/adminer.php to /var/www/admin/index.php or replace the index.php notations in the config file to adminer.php and it will work.

@larrynalzaro
Copy link

larrynalzaro commented Feb 26, 2021

Dang ... it works like a dream.

@LucioSaldivar
Copy link

LucioSaldivar commented Apr 3, 2021

This keeps failing for me. Is there any way to share a screen shot of the server block?

@larrynalzaro
Copy link

larrynalzaro commented Apr 3, 2021

This keeps failing for me. Is there any way to share a screen shot of the server block?

Failing? Here's a screenshot:

scr

@LucioSaldivar
Copy link

LucioSaldivar commented Apr 3, 2021

where did you put the first Serve{}?? the one with the listen 80 and the return?

@larrynalzaro
Copy link

larrynalzaro commented Apr 4, 2021

right above it ... here:

scr2

If you followed the setup described above there's no way it wouldn't work.

@iftekharriyad
Copy link

iftekharriyad commented Oct 29, 2021

Since nano /etc/nginx/sites-available/admin creates a directiory named admin in which file do I have to write the code below:

server {
    listen         80;
    server_name    admin.example.com;
    return         301 https://$server_name$request_uri;
}

server {
    server_name	   admin.example.com;
    listen	       443 ssl;
    access_log     /var/log/nginx/admin.access.log;
    error_log      /var/log/nginx/admin.error.log;

    ssl_certificate /etc/nginx/ssl/admin.crt;
    ssl_certificate_key /etc/nginx/ssl/admin.key;

    root           /var/www/admin;
    index          index.php;

    # Get file here https://codex.wordpress.org/Nginx
    include        global/restrictions.conf;

    auth_basic "Restricted";
    auth_basic_user_file /etc/nginx/.htpasswd/admin;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
    	try_files $uri =404;
    	fastcgi_split_path_info ^(.+\.php)(/.+)$;
    	fastcgi_pass php;
    	fastcgi_index index.php;
    	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    	include fastcgi_params;
    }
}

@iftekharriyad
Copy link

iftekharriyad commented Oct 29, 2021

Since nano /etc/nginx/sites-available/admin creates a directiory named admin in which file do I have to write the code below:

server {
    listen         80;
    server_name    admin.example.com;
    return         301 https://$server_name$request_uri;
}

server {
    server_name	   admin.example.com;
    listen	       443 ssl;
    access_log     /var/log/nginx/admin.access.log;
    error_log      /var/log/nginx/admin.error.log;

    ssl_certificate /etc/nginx/ssl/admin.crt;
    ssl_certificate_key /etc/nginx/ssl/admin.key;

    root           /var/www/admin;
    index          index.php;

    # Get file here https://codex.wordpress.org/Nginx
    include        global/restrictions.conf;

    auth_basic "Restricted";
    auth_basic_user_file /etc/nginx/.htpasswd/admin;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
    	try_files $uri =404;
    	fastcgi_split_path_info ^(.+\.php)(/.+)$;
    	fastcgi_pass php;
    	fastcgi_index index.php;
    	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    	include fastcgi_params;
    }
}

I have put this code to nginx.conf and followed everything mentioned and nginx is running but getting 404 error.
And localhost/adminer is redirecting to https://admin.example.com/adminer.

@larrynalzaro
Copy link

larrynalzaro commented Oct 29, 2021

You got it wrong. It's not supposed to be a directory; it's a file and that's what its contents are supposed to be.

@iftekharriyad
Copy link

iftekharriyad commented Oct 29, 2021

It's supposed to be a file inside the /etc/nginx/sites-available/admin directory?
If so, what is the name of the file?

@larrynalzaro
Copy link

larrynalzaro commented Oct 29, 2021

Noooo. It's just a file under /etc/nginx/sites-available.

@iftekharriyad
Copy link

iftekharriyad commented Oct 29, 2021

Okay. let me try with this. By the way, I have also changed the nginx.conf should I also undo the changes?

@iftekharriyad
Copy link

iftekharriyad commented Oct 29, 2021

Noooo. It's just a file under /etc/nginx/sites-available.

So, I can give the file name whatever I want to?
What extension the file need to have?

@larrynalzaro
Copy link

larrynalzaro commented Oct 29, 2021

You can give it any name you want. No extension.

@iftekharriyad
Copy link

iftekharriyad commented Oct 30, 2021

Note: I am trying to set up adminer in my local machine.
@larrynalzaro Made the changes and nginx is running fine but still getting 404 error and redirected to https://admin.example.com/adminer:
image

@larrynalzaro
Copy link

larrynalzaro commented Oct 30, 2021

Dude,

You're not getting it. Read the author's original post at the top of this thread. It's meant to be an example; you're supposed to modify it to conform to your needs. It's the same thing with the server block definition I posted: it's an example. You have to modify it according to your specific requirements.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment