Debian 12 - ispconfig 3.2.11 i have 2 questions:- 1. How to remove faulty server web04.domain from my multi server setup to then rebuild and re add later, after moving all sites to new server web05.domain. 2. web05 works, but i cannot enable or force ssl for phpmyadmin - i have: added server web05 as above following - https://www.howtoforge.com/tutorial/ispconfig-multiserver-setup-debian-ubuntu/ also ran Code: ispconfig_update.sh --force - it states i have a cert already and skipped, made by lets encrypt. I added web05.domain to sites and enabled ssl/lets encrypt and gone to redirect to rewrite http to https I have added to /var/www/web05.domain../web/.htaccess Code: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} edited /usr/share/phpmyadmin/config.inc.php adding **Th0m improve security and also force ssl** https://forum.howtoforge.com/threads/improving-the-security-of-phpmyadmin-and-rspamd-ui.86544/ --- but not restricting the by IP address section But nothing forces http to https, but i can do https://domain/phpmyadmin and it works fine what am i missing or not doing? thanks dave
Do it at vhost level. For instance, you can use redirect to https for all web settings and conf-custom for apps.vhost (I personally do this because I can't find how to enforce https for apps.vhost other than this way. My bad if there is such config in ISPConfig for it).
Phpmyadmin has an option in it's config to force https. Code: cfg['ForceSSL'] = 'true' But keep in mind you do have to have https be setup properly at domain level as you're using http(s)://domain/phpmyadmin Without proper setup https at domain level phpmyadmin will fail when using http://domain/phpmyadmin
I have added that before and it didnt alter it. I can type http://web05.../phpmyadmin and it is not ssl I can type https://web05...../phpmyadmin and it is. i have Code: cfg['ForceSSL'] = 'true'; and sites->domain (ticked SSL + Lets encrypt ssl) Sites -> redirect (ticked) and according to the web, my other servers and the whole world it should auto go to ssl in address bar.. very odd.
phpmyadmin is not a part of the website and therefore website settings do not apply to it, ist a global alias.
Turns out this setting is deprecated as of phpMyAdmin version 4.6.0 Forcing SSL should be done through the webserver config, which will be hard to do when it's an alias.
