----------

Secure phpMyAdmin with Apache on Ubuntu 18.04

Installing phpMyAdminTo install phpMyAdmin on your Ubuntu 18.04 server, follow these steps:

• • Update the package index and upgrade the system packages to the latest versions:

    • • • sudo apt update && sudo apt upgrade

• • • Copy

• • Install the phpMyAdmin package from the default Ubuntu repositories with the following command:

    • • • sudo apt install phpmyadmin

• • • Copy

    • The installer will prompt you to choose the web server that should be automatically configured to run phpMyAdmin, choose apache by pressing Space and then Enter.

Next, you will be asked whether to use dbconfig-common to set up the database, select Yesand hit Enter.

Enter a password for phpMyAdmin to register with the database, select OK and press Enter.

You will be prompted to confirm the password, enter the same password, select OK and press Enter.

• • Once the installation process is complete, restart Apache for changes to take effect:

    • • • sudo systemctl restart apache2

• • • Copy

Create an Administrative MySQL UserIn Ubuntu systems running MySQL 5.7 (and later), the root user is set to use the auth_socketauthentication method by default.

The auth_socket plugin authenticates users that connect from the localhost through the Unix socket file. This means that you can’t authenticate as a root by providing a password.

Instead of changing the authentication method for the MySQL user root , we will create a new administrative MySQL user. This user will have the same privileges as the root user and will be set to use the mysql_native_password authentication method.

We will use this user to login to the phpMyAdmin dashboard and preform administrative tasks on our MySQL or MariaDB server.

Start by log in to the MySQL server as the root user:

sudo mysql

Copy

From within the MySQL shell execute the following commands which will create a new administrative user and grant appropriate permissions:

CREATE USER 'padmin'@'localhost' IDENTIFIED BY 'super-strong-password';

GRANT ALL PRIVILEGES ON *.* TO 'padmin'@'localhost' WITH GRANT OPTION;

Copy

In our example we named the administrative user padmin. You can use any name you like, just be sure to set a strong password.

Accessing phpMyAdminTo access the phpMyAdmin interface open your favorite browser and type your server’s domain name or public IP address followed by /phpmyadmin:

https://your_domain_or_ip_address/phpmyadmin

Copy

Enter the administrative user login credentials you previously created and click Go.

Securing phpMyAdminTo add an extra layer of security we will password protect the phpMyAdmin directory by setting up a basic authentication.

First we will create a password file with users using the htpasswd tool that comes with the Apache package. We will store the .htpasswd file in /etc/phpmyadmin directory:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd padmin

Copy

In this example we are creating a user named padmin. You can choose any username, it doesn’t have to be same as the administrative MySQL user.

The command above will prompt you to enter and confirm the user’s password.

New password: Re-type new password: Adding password for user padmin

Copy

If you want to add an additional user, you can use the same command without the -c flag:

sudo htpasswd /etc/phpmyadmin/.htpasswd padmin2

Copy

The next step is to configure Apache to password protect the phpMyAdmin directory and use the .htpasswd file.

To do so open the phpmyadmin.conf file which was automatically created during the phpMyAdmin installation:

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

Copy

And edit / insert the following lines highlighted in yellow:

/etc/apache2/conf-available/phpmyadmin.conf

<Directory /usr/share/phpmyadmin>

-----------