Thursday, January 13, 2022

[FIXED] phpmyadmin 500 Internal Server Error after enabling authentication gateway

      ,      No comments   

Issue

I'm running it on NGINX server, it worked fine untill I enabled authentication gateway. I generated encrypted passsword using openssl passwd and added /etc/nginx/pma_pass file with user: encryptedPassword line. Also I added location block inside server block in /etc/nginx/sites-available/default. It looks like this

location /urlpath { 
    auth_basic "Admin Login";
    auth_basic_user_file /etc/nginx/pma_pass;
}

I get authentication prompt followed by 500 no matter what I put in it. What could be the problem here ?

Here's my entire server block:

server {
        root /var/www/html;

        index index.php index.html index.htm index.nginx-debian.html;

        server_name www.domain domain ipaddress;

        location ^~ /urlpath {
                auth_basic "Admin Login";
                auth_basic_user_file /etc/nginx/pma_pass;
                try_files $uri $uri/ =404;
                location ~ \.php$ {
                       include snippets/fastcgi-php.conf;
                       fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
                }
        }

  
        location / {
                try_files $uri $uri/ =404;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        }

        location ~ /\.ht {
                deny all;
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/path; 
    ssl_certificate_key /etc/letsencrypt/path; 
    include /etc/letsencrypt/path; 
    ssl_dhparam /etc/letsencrypt/path; 

}

/var/log/nginx/error.log last entry

2020/07/04 10:57:44 [crit] 18699#18699: *530 crypt_r() failed (22: Invalid argument), client: 82.208.215.144, server: www.whatevs.info, request: "GET /path_phpadmin_is_located_at/ HTTP/1.1", host: "domain"

Solution

Summing up all the discussion in the comments, the solution is

  • such a protected location should have its own nested PHP handler and use ^~ location modifier (to aviod the requests like /urlpath/index.php to be captured by location ~ \.php$ { ... } location below):

    location ^~ /urlpath {
    auth_basic "Admin Login";
    auth_basic_user_file /etc/nginx/pma_pass;
    try_files $uri $uri/ =404;
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    }
}

  • password file should contain the lines in form of <user_name>:<hashed_password> and should not contain any extra spaces within such a line.



Answered By - Ivan Shatsky

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...