How to Install and Secure phpMyAdmin on Ubuntu
phpMyAdmin is a powerful web-based tool for managing MySQL and MariaDB databases. In this guide, we'll walk you through the process of installing phpMyAdmin on Ubuntu, configuring Apache, and securing phpMyAdmin for enhanced system security.
← BackStep 1: Install phpMyAdmin
To install phpMyAdmin on your Ubuntu server, run the following command to install phpMyAdmin and all required dependencies:
sudo apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl
During the installation, follow these steps:
- Select Apache when prompted.
- Choose Yes to configure the phpMyAdmin database using dbconfig-common.
- Set a password for the phpMyAdmin administrative user.
Step 2: Enable PHP Extensions
Ensure that the necessary PHP extensions are enabled:
sudo phpenmod mbstring
Step 3: Restart Apache Server
After enabling the necessary extensions, restart Apache to apply the changes:
sudo systemctl restart apache2
Step 4: Access phpMyAdmin
To access phpMyAdmin from your browser, visit:
http://your_server_ip/phpmyadmin
Log in using your MySQL root credentials or any other MySQL user you've configured.
Step 5: Secure phpMyAdmin (Optional but Highly Recommended)
For better security, it’s advisable to restrict access to phpMyAdmin by adding an extra login layer through Apache's basic authentication:
Create a Password File:
sudo htpasswd -c /etc/phpmyadmin/.htpasswd youruser
Edit Apache Configuration:
Edit the phpMyAdmin configuration file:
sudo nano /etc/apache2/conf-available/phpmyadmin.conf
Insert the following lines inside the <Directory /usr/share/phpmyadmin> block:
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user
Restart Apache to Apply Changes:
sudo systemctl restart apache2
Now, whenever you access phpMyAdmin, you’ll be prompted to enter your additional login credentials before reaching the login screen.
← Back