Nginx with phpmyadmin wrong redirect after login

You can do as simple as editing phpmyadmin config file without overheading NGINX

• Open config.inc.php filesudo nano /etc/phpmyadmin/config.inc.php

• Add the following code to it

  $cfg['PmaAbsoluteUri'] = $_SERVER[HTTP_HOST].dirname($_SERVER[SCRIPT_NAME]);

• Done

Credits : xaz0r

I have actually been through so many solutions on StackOverflow today and sadly none of which work and some even given some horrid recommendations. What's scary is how many I came across that were marked as answers.

I just did a brand new Ubuntu 16.04 LEMP server, everything cleanly installed this morning Nginx, mySQL, PHP7.0 and PhpMyAdmin.

This problem of redirecting to

h**p://my.server.ip/

after logging into phpymadmin instead of

h**p://my.server.ip/phpmyadmin

is nothing actually to do with the cgi.fix_pathinfo being set to 0 as recommended by all those guides you read. Read up a little more on why it should be set to 0 in your php.ini file and don't just go and disable it as above.

So in other words leave (as recommended to you) cgi.fix_pathinfo = 0 in your config file for PHP.

THE FIX from this web site (the only one with the correct answer) is to add the following to your /etc/nginx/sites-available/default configuration file. Then restart Nginx ... works immediately, no more re-directing back to root after login.

# Phpmyadmin Configurations    location /phpmyadmin {       root /usr/share/;       index index.php index.html index.htm;       location ~ ^/phpmyadmin/(.+\.php)$ {               try_files $uri =404;               root /usr/share/;               fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;               fastcgi_index index.php;               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;               include fastcgi_params;       }       location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {               root /usr/share/;       }   }   location /phpMyAdmin {       rewrite ^/* /phpmyadmin last;   }

Changing cgi.fix_pathinfo back to 1 fixed the issue for me as well. However, I'm not certain that this is a good solution since guides tell:

"This is an extremely insecure setting because it tells PHP to attempt to execute the closest file it can find if the requested PHP file cannot be found. This basically would allow users to craft PHP requests in a way that would allow them to execute scripts that they shouldn't be allowed to execute."

So it seems there should be a better fix to this so I wouldn't have to compromise on security.

The first post in this topic doesn't work for me. It just disables phpmyadmin... So at the moment I'm left only with cgi.fix_pathinfo workaround.