phpmyadmin

How To Install and Secure phpMyAdmin on Ubuntu 24.04

phpMyAdmin is a popular web-based interface for managing MySQL and MariaDB databases. It provides an easy way to perform database operations without using command-line tools. In this blog post, we will guide you through the installation and securing of phpMyAdmin on Ubuntu 24.04.

Prerequisites

Before you proceed with the installation, ensure that you have:

  • An Ubuntu 24.04 server with root or sudo access.
  • A working LAMP (Linux, Apache, MySQL/MariaDB, PHP) stack. If you haven’t set up your LAMP server yet, you can follow a guide to install Apache, MySQL/MariaDB, and PHP.

Step 1: Update Your System

Start by updating your package index to ensure you have the latest version of available packages.

sudo apt update
sudo apt upgrade -y

Step 2: Install phpMyAdmin

You can install phpMyAdmin from the default Ubuntu repositories. Run the following command:

sudo apt install phpmyadmin -y

During the installation, you’ll be prompted to select the web server that should be automatically configured to run phpMyAdmin. Choose Apache by pressing the space bar, and then press Enter.

You will also be asked whether to use dbconfig-common to set up the database. Select “Yes” and provide your MySQL/MariaDB credentials to configure phpMyAdmin automatically.

Step 3: Configure Apache

After the installation is complete, you need to include the phpMyAdmin configuration file in Apache’s main configuration folder.

sudo nano /etc/apache2/apache2.conf

At the end of the file, add the following line:

Include /etc/phpmyadmin/apache.conf

Save and exit the file (Ctrl+X followed by Y and Enter).

To apply the changes, restart Apache:

sudo systemctl restart apache2

Step 4: Secure phpMyAdmin

4.1: Change the Default phpMyAdmin URL

To make it harder for attackers to find your phpMyAdmin instance, it’s best to change the default URL. Here’s how to do that:

  1. Open the phpMyAdmin Apache configuration file.
   sudo nano /etc/phpmyadmin/apache.conf
  1. Change the default location from /phpmyadmin to something unique. Look for this line:
   Alias /phpmyadmin /usr/share/phpmyadmin

and change it to:

   Alias /your_custom_url /usr/share/phpmyadmin

Replace your_custom_url with a unique string, such as dbmanager or adminconsole.

  1. Save and close the file, then restart Apache:
   sudo systemctl restart apache2

4.2: Set Up Basic Authentication

You can add an extra layer of security by using Apache’s basic authentication. Here’s how to set it up:

  1. Install the apache2-utils package if it’s not already installed:
   sudo apt install apache2-utils
  1. Create a password file to store user credentials:
   sudo htpasswd -c /etc/phpmyadmin/.htpasswd your_username

Replace your_username with a username of your choice. You’ll be prompted to enter a password.

  1. Now, configure the authentication by editing the phpMyAdmin Apache configuration file again:
   sudo nano /etc/phpmyadmin/apache.conf

Add the following lines within the <Directory /usr/share/phpmyadmin> block:

   AuthType Basic
   AuthName "Restricted Access"
   AuthUserFile /etc/phpmyadmin/.htpasswd
   Require valid-user

Save and close the file, then restart Apache:

   sudo systemctl restart apache2

Step 5: Enable HTTPS

To further secure your phpMyAdmin installation, it’s essential to use HTTPS. If you don’t have an SSL certificate, consider using Let’s Encrypt to obtain one.

  1. Install Certbot:
   sudo apt install certbot python3-certbot-apache -y
  1. Obtain and install the SSL certificate:
   sudo certbot --apache

Follow the prompts to configure your SSL settings.

  1. Test the configuration and ensure that your site is accessible over HTTPS.

Conclusion

You have successfully installed and secured phpMyAdmin on your Ubuntu 24.04 server. By following these steps, you have not only set up a powerful tool to manage your databases but also implemented several security measures to protect it from unauthorized access. Regularly update your phpMyAdmin installation and consider additional security practices to maintain the integrity of your database management environment.

Happy database managing!