How to Install and Secure phpMyAdmin on Ubuntu

Jass Web

blog, SysAdmin

Introduction

phpMyAdmin is a free and open source web-based database management tool written in PHP. It is used to manage MySQL and MariaDB databases. It provides a graphical user interface to manage databases, create and modify tables, fields, and indexes, manage users and permissions, and more. Installing and securing phpMyAdmin on Ubuntu is a straightforward process. This guide will walk you through the steps of installing and securing phpMyAdmin on Ubuntu.

How to Install and Secure phpMyAdmin on Ubuntu

18.04

1. Update the system:

sudo apt update
sudo apt upgrade

2. Install phpMyAdmin:

sudo apt install phpmyadmin

3. Configure phpMyAdmin:

sudo dpkg-reconfigure phpmyadmin

4. Create a symbolic link:

sudo ln -s /usr/share/phpmyadmin /var/www/html/phpmyadmin

5. Secure phpMyAdmin:

a. Create an .htaccess file:

sudo nano /usr/share/phpmyadmin/.htaccess

b. Add the following lines to the file:

AuthType Basic
AuthName “Restricted Files”
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

c. Create a .htpasswd file:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

d. Restart Apache:

sudo systemctl restart apache2

Introduction

phpMyAdmin is a free application for managing a MySQL server.

Installing phpMyAdmin allows management of MySQL databases through a user-friendly interface, instead of entering commands into the terminal.

This guide will help you install phpMyAdmin on Ubuntu 18.04 or 20.04, with additional security features.

How to Install and Secure phpMyAdmin on Ubuntu

Prerequisites

This guide assumes you’re installing to a local system. If you need to set up encryption or security certificates for configuring a remote server, please refer to this guide on open SSL.

Note: If you’re connecting to a remote server, there’s a security risk in running phpMyAdmin over plain HTTP. A plain HTTP connection is unencrypted and can be intercepted. Also, since phpMyAdmin is a popular application, it’s a common vector for attacks.

Installing phpMyAdmin on Ubuntu

Step 1: Add and Update Software Repositories

Some Ubuntu 18.04 installations are not configured with the software repositories for phpMyAdmin.

To add them, open a terminal window and enter the following command:

sudo add-apt-repository universe

If the repository is already enabled, skip to the next step. If not, the system asks for your password – enter it, then make sure the process completes successfully. Once completed, refresh the software lists by entering the following commands:

sudo apt-get update && sudo apt-get upgrade

Allow the operation to finish.

Step 2: Install phpMyAdmin

To install phpMyAdmin, enter the command:

sudo apt-get install phpmyadmin

The system asks for confirmation – press Y then Enter, and the system downloads and installs the phpMyAdmin software package.

Step 3: Configure phpMyAdmin on Ubuntu

Shortly the installation starts, the installer prompts to choose the web server to automatically configure.

Select apache2 (use spacebar to choose), press Tab to navigate to <ok> and hit Enter.

package confirmation of apache2

Next, the installer will notes that phpMyAdmin needs a database installed and configured before starting use. Select <Yes> and hit Enter.

configuring phpmyadmin2

Note: If you’re an advanced user, you can manually configure the database, but doing so is outside the scope of this guide. Find more information on dbconfig-common on Debian’s official site.

Shortly after, the installer asks to provide a password. The program creates a default user named “phpMyAdmin” and the password you type here works as an administrator password for this user.

Type a strong password and hit Enter, then confirm the password and hit Enter again.

Leaving the password field blank causes the system to generate a random password.

configuring phpmyadmin3

Step 4: Enable the mbstring Extension

Mbstring is an extension for PHP. It helps email and .pdf files to work correctly, but it’s not enabled by default.

Enter the following in your terminal to enable mbstring:

sudo phpenmod mbstring

Press Enter and allow the process to finish.

Restart the Apache service to refresh the changes by entering the following in a terminal:

sudo systemctl restart apache2

Step 5: Create a New MySQL Administrator Account

By default, MySQL 5.7 and later in Ubuntu, authenticate a root user using auth_socket. This compares the socket username against the name specified in the MySQL user table and is a tightly-secured authentication method. However, this makes using phpMyAdmin difficult.

It is possible to change the authentication type. However, a simpler method to avoid auth_socket is to create a new administrator account for MySQL.

Log in to the MySQL server as follows:

sudo mysql

This changes terminal prompt to show mysql>, indicating that you’re logged into the MySQL shell.

Enter the following commands, replacing UserName with a username of your choice, and PassWord with a strong password of your choice:

CREATE USER 'UserName'@'localhost' IDENTIFIED BY 'PassWord';
GRANT ALL PRIVILEGES ON *.* TO 'UserName'@'localhost' WITH GRANT OPTION;

Once the operation completes, exit the MySQL shell by entering:

exit

Step 6: Test phpMyAdmin

Open up a browser window and enter localhost, your server’s IP address or domain name, followed by /phpMyAdmin:

localhost/phpMyAdmin
192.168.0.1/phpMyAdmin
www.domain.com/phpMyAdmin

The browser displays a screen welcoming you to phpMyAdmin, with a login field. Enter the username and password you created. The browser loads the phpMyAdmin dashboard.

Secure phpMyAdmin on Ubuntu

Being easy to use – and free – makes phpMyAdmin a target for hackers. Follow these steps to use Apache’s built-in features to restrict access and secure phpMyAdmin directories.

Enable .htaccess

In a terminal window, enter the following command to edit the phpmyadmin.conf file:

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

In the editor, find the section labeled <Directory /usr/share/phpMyAdmin>. You should see the following two lines:

Options SymLinksIfOwnerMatch
DirectoryIndex index.php

Just below these entries, add the following text:

AllowOverride All

Save the file and exit. Then, apply the changes by restarting Apache with the following terminal command:

sudo systemctl restart apache2

Create .htaccess File

The .htaccess file allows a more detailed configuration of the Apache web server. Enter the following in the terminal:

sudo nano /usr/share/phpmyadmin/.htaccess

This creates a new file and opens it in a text editor.

In the text editor, add the following lines:

AuthType Basic

AuthName "Restricted Files"

AuthUserFile /etc/phpmyadmin/.htpasswd

Require valid-user

Save the file and close.

These commands configure .htaccess to use basic authentication, to secure restricted files only to valid users, and where to find a list of valid users.

Setup .htaccess Users

This step creates a username and password to access the phpMyAdmin directory. The process generates a prompt, forcing anyone trying to access the phpMyAdmin directory to enter a username and password.

In the terminal window, enter the following:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd UserName

Replace UserName with the actual username you want to use to access the phpMyAdmin directory. The system asks to enter and confirm a password.

If you need to add additional users, use the same command without the –c switch, as follows:

sudo htpasswd /etc/phpmyadmin/.htpasswd SecondUser

Test the Login

Go back to your browser window, and open IP_address/phpMyAdmin

The system activates a pop-up that asks for credentials, saying “Restricted files”. Enter the username and password you created earlier.

You should now see the phpMyAdmin login screen. Enter your credentials, and the system displays the phpMyAdmin user interface.

Conclusion

Great job, you now know how to install phpMyAdmin on Ubuntu.

You should now be able to manage your MySQL database from the phpMyAdmin tool. This includes managing users, creating databases, and much more.

PhpMyAdmin replaces the command line interface used in this guide with a more intuitive utility to simplify database management tasks.

How to Install and Secure phpMyAdmin on Ubuntu

phpMyAdmin is a free and open source web-based database management tool written in PHP. It is used to manage MySQL and MariaDB databases. It provides a graphical user interface to manage databases, create and modify tables, add, delete and edit fields, execute SQL statements, manage users and permissions, and more.

Prerequisites

  • A server running Ubuntu 18.04.
  • A root user or a user with sudo privileges.
  • Apache web server installed and running.
  • MySQL or MariaDB installed and running.

Step 1: Install phpMyAdmin

The first step is to install phpMyAdmin on your Ubuntu server. You can do this by running the following command:

sudo apt-get install phpmyadmin

During the installation, you will be asked to select a web server. Select Apache2 and press Enter. Then, you will be asked to configure a database for phpMyAdmin with dbconfig-common. Select Yes and press Enter.

You will be asked to provide a MySQL application password for phpMyAdmin. Enter a secure password and press Enter.

Once the installation is complete, you can proceed to the next step.

Step 2: Configure Apache for phpMyAdmin

The next step is to configure Apache for phpMyAdmin. You can do this by creating a new Apache configuration file for phpMyAdmin. To do this, run the following command:

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

Add the following lines to the file:

Alias /phpmyadmin /usr/share/phpmyadmin


    Options FollowSymLinks
    DirectoryIndex index.php
    AllowOverride All
    Require all granted

Save and close the file. Then, enable the configuration by running the following command:

sudo a2enconf phpmyadmin

Restart Apache for the changes to take effect:

sudo systemctl restart apache2

Step 3: Secure phpMyAdmin

The last step is to secure phpMyAdmin. You can do this by creating an .htaccess file in the phpMyAdmin directory. To do this, run the following command:

sudo nano /usr/share/phpmyadmin/.htaccess

Add the following lines to the file:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

Save and close the file. Then, create a password file for authentication by running the following command:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

Replace username with the username you want to use for authentication. You will be asked to provide a password for the user. Enter a secure password and press Enter.

Restart Apache for the changes to take effect:

sudo systemctl restart apache2

You have now successfully installed and secured phpMyAdmin on your Ubuntu server.

Fix Microsoft Teams Keeps Saying I’m Away but I’m Not Error

How to Change Batteries in Oculus Controller

Jaspreet Singh Ghuman

Jaspreet Singh Ghuman

Jassweb.com/

Passionate Professional Blogger, Freelancer, WordPress Enthusiast, Digital Marketer, Web Developer, Server Operator, Networking Expert. Empowering online presence with diverse skills.

jassweb logo

Jassweb always keeps its services up-to-date with the latest trends in the market, providing its customers all over the world with high-end and easily extensible internet, intranet, and extranet products.

Services

Web Design and Development

Web Server Solutions

Website Maintenance

Fix WordPress Website

SEO and Digital Marketing

E-commerce Solutions

Quick Links

DMCA

Disclaimer

Privacy Policy

Shipping and Delivery

Terms and Conditions

Cancellation and Refund

Contact
[email protected]
+9179000-01331
San Vito Al Tagliamento 33078
Pordenone Italy
Continue Shopping →
Item added to cart.
0 items - 0.00
Checkout
Open chat
Scan the code
Hello 👋
Can we help you?