How to install and secure phpMyAdmin with Apache on Ubuntu 18.04

s2 0

phpMyAdmin is an open source PHP application designed to manage MySQL and MariaDB servers through a web-based interface.

With phpMyAdmin you can manage MySQL databases, user accounts and permissions, execute SQL statements, import and export data in various data formats and much more.

This tutorial covers the steps required to install and secure phpMyAdmin with Apache on Ubuntu 18.04.

requirements

Make sure you meet the following requirements before proceeding with this tutorial:

  • Have LAMP (Linux, Apache, MySQL and PHP) installed on your Ubuntu server.
  • Logged in as a user with sudo permissions.

Although not required, it is recommended that you access your phpMyAdmin installation over HTTPS. If your domain is not yet protected by SSL, you can follow these instructions and secure your Apache with Let’s Encrypt on Ubuntu 18.04.

Install phpMyAdmin

To install phpMyAdmin on your Ubuntu 18.04 server, do the following:

  1. Update the package index and update the system packages to the latest versions:

    sudo apt update && sudo apt upgrade
  2. Install the phpMyAdmin package from the standard Ubuntu repositories with the following command:

    sudo apt install phpmyadmin

    The installation program will ask you to select the web server that should be automatically configured to run phpMyAdmin. Select Apache by pressing Space and then Enter.

    Next, you will be asked if you want to use dbconfig-common To set up the database, choose Yes and hit Enter.

    Enter a password for phpMyAdmin to register with the database, select OK and press Enter.

    You will be asked to confirm the password, enter the same password, select OK and press Enter.

  3. Once the installation process is complete, restart Apache for the changes to take effect:

    sudo systemctl restart apache2

Create a MySQL administrative user

On Ubuntu systems running MySQL 5.7 (and higher), the root user is set to use the auth_socket Authentication method by default.

the auth_socket Plugin authenticates users who connect from localhost via the Unix socket file. This means that you cannot authenticate as root by providing a password.

Instead of changing the authentication method for the MySQL user root, we will create a new MySQL administrative user. This user has the same permissions as the root user and is set to have the mysql_native_password Authentication method.

We use this user to log into the phpMyAdmin dashboard and perform administrative tasks on our MySQL or MariaDB server.

First log in to the MySQL server as the root user:

sudo mysql

In the MySQL shell, run the following commands that will create a new administrative user and grant the appropriate permissions:

CREATE USER 'padmin'@'localhost' IDENTIFIED BY 'super-strong-password';GRANT ALL PRIVILEGES ON *.* TO 'padmin'@'localhost' WITH GRANT OPTION;

In our example we named the administrative user padmin. You can use any name you want, just make sure you set a strong password.

Access to phpMyAdmin

To access the phpMyAdmin interface, open your preferred browser and enter the domain name or public IP address of your server followed by /phpmyadmin:

https://your_domain_or_ip_address/phpmyadmin

Enter the administrative user credentials created earlier and click Go.

Once you’re signed in, you’ll see the phpMyAdmin dashboard, which looks something like this:

Backup of phpMyAdmin

To add an extra layer of security, we’re going to password protect the phpMyAdmin directory by setting up basic authentication.

First, we’ll create a password file with users who will use the htpasswd Tool that comes with the Apache package. We save the .htpasswd File in /etc/phpmyadmin Directory:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd padmin

In this example we are creating a user named padmin. You can choose any user name, it does not have to be the same as the administrative MySQL user.

The above command will ask you to enter and confirm the user’s password.

New password:
Re-type new password:
Adding password for user padmin

If you want to add another user you can use the same command without the -c Flag:

sudo htpasswd /etc/phpmyadmin/.htpasswd padmin2

The next step is to configure Apache so that the phpMyAdmin directory is password protected and the .htpasswd File.

To do this, open the phpmyadmin.conf File that was automatically created when phpMyAdmin was installed:

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

And edit / paste the following lines highlighted in yellow:

/etc/apache2/conf-available/phpmyadmin.conf
<Directory /usr/share/phpmyadmin>
    Options  +FollowSymLinks +Multiviews +Indexes  # edit this line
    DirectoryIndex index.php

    AllowOverride None
    AuthType basic
    AuthName "Authentication Required"
    AuthUserFile /etc/phpmyadmin/.htpasswd
    Require valid-user

    <IfModule mod_php5.c>
    ...

Save and close the file and restart Apache for the changes to take effect:

sudo systemctl restart apache2

If you now access your phpMyAdmin, you will be asked to enter the login details of the user you created earlier:

https://your_domain_or_ip_address/phpmyadmin

After entering basic authentication you will be redirected to the phpMyAdmin login page where you will need to enter your MySQL administrator login information.

It’s also a good idea that /phpmyadmin Alias ​​for something more unique and safer.

diploma

Congratulations, you have successfully installed phpMyAdmin on your Ubuntu 18.04 server. You can now begin creating MySQL databases, users, and tables, and performing various MySQL queries and operations.

If you have any questions, feel free to leave a comment below.