I have VPS with several sites and applications, and I want to run MySQL administration tool over https to avoid possibility of man-in-the-middle attack, since I often have to use mysql root password.
Now, it would not be problem at all if I had domain name specially for that purpose, since it's no problem to set up ssl virtual host. My task is to make only one (sub)folder of default virtual host https-forced.
Let's say I have /var/www with vhosts folder and everything below. If i type http://{ip-adress-of-vps} i get file that serves as index for /var/www which is default host. I want to create phpmyadmin dir below /var/www (/var/www/phpmyadmin) and to access it via https only when calling http://{ip-adress-of-vps}/phpmyadmin.
Is that possible? How to do that? If not possible, what's your best practice?
Thanks in advance.
It is not possible in apache. The SSLEngine is enabled per virtual host.
What you need to do is create an additional virtual host, and create a specific directory block for the directory you want to work like this. Deny all access to it. Then, use mod_rewrite to redirect users to the HTTPS URL when they query that part of the site with HTTP.
A better solution is to use a separate domain name for your secure content.