How to Install & Secure PHPMyAdmin on Ubuntu 16

Try it in our public cloud & Get $5 Credit
CLAIM NOW

Most PHP applications use the MySQL database. Direct database access is particularly helpful when developing or upgrading a Website, but the default command line interface can be tricky to use. PHPMyAdmin is a great web-based database administration tool, but installing it securely is imperative to its use, since it gives complete access to a database’s contents.

Getting Started with PHPMyAdmin

To complete this guide, you will need the following:
• 1 Node (Cloud Server or Dedicated Server) with Ubuntu 16.04 and a LAMP stack previously installed.

Tutorial

Use the following commands to install and update PHPMyAdmin.

apt-get update
apt-get install phpmyadmin

During this process, a window will appear asking you to choose between Apache2 or Lighttpd. Choose Apache2.

You’ll also be asked for your MySQL root password. This was set when you configured the initial LAMP stack. If you don’t remember it, you’ll need to rerun the MySQL server configuration and set a new password.

You’ll also be prompted for a PHPMyAdmin password. This should differ from your MySQL and server passwords, and will grant access to the application itself.

We next need to enable some additional PHP modules.

phpenmod mcrypt
phpenmod mbstring

Once done, restart the Apache server so the configuration changes go into effect.

systemctl restart apache2

Your installation should now be available at http://your_ip/phpmyadmin. We’re not quite done, however.

It is necessary to secure the directory against a few common attacks. To start, let’s edit /etc/apache2/conf-available/phpmyadmin.conf, adding the following directive:

nano /etc/apache2/conf-available/phpmyadmin.conf

Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All <--------------- The line you need to add

After saving the file and exiting the editor, restart the Apache server once more.

systemctl restart apache2

A .htaccess file is also required to secure the installation. Edit /usr/share/phpmyadmin/.htaccess with the following content:

nano /usr/share/phpmyadmin/.htaccess
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

Save and exit.

If you're on Ubuntu 14, you have one additional step to perform. Type the following to install the necessary package:

apt-get install apache2-utils

Then use this command to set the authentication password for the user named "admin":

htpasswd -c /etc/phpmyadmin/.htpasswd admin

Use the same command to add additional users.

Your new installation can be found at http://your_ip/phpmyadmin. Enter your username and password when the browser window prompts for it. You'll then be redirected to a setup screen where you will log into MySQL.

Conclusion

You now have an easy, secure way of administering MySQL databases. MySQL is used heavily in the PHP ecosystem, and a good PHPMyAdmin installation is invaluable to any PHP administrator. If this guide was helpful to you, kindly share it with others who may also be interested.