Debian

phpMyAdmin Installation & Security Guide: Debian 11

HomeDebianphpMyAdmin Installation & Security Guide: Debian 11

phpMyAdmin is a popular web-based application that provides an easy-to-use interface for managing MySQL and MariaDB databases. It allows users to create and manage databases, execute SQL statements, import and export data, and much more. In this article, we will guide you through the process of installing and securing phpMyAdmin on Debian 11.

Prerequisites

Before we begin, make sure you have the following:

  • A server running Debian 11.
  • Root access to the server.

Getting Started

First, let’s update our system packages to ensure we have the latest versions. Open your terminal and run the following command:

apt-get update -y

Once the update is complete, we can proceed to the next step.

Install LAMP Server

phpMyAdmin is a PHP-based application, so we need to install a LAMP (Linux, Apache, MySQL, PHP) stack on our server. Run the following command to install the necessary packages:

apt-get install apache2 mariadb-server libapache2-mod-php php-cli php-mysql php-zip php-curl php-xml php-mbstring php-zip php-gd unzip -y

This command will install Apache web server, MariaDB database server, and PHP along with some additional modules required by phpMyAdmin.

Install and Configure phpMyAdmin

Now, let’s download and configure phpMyAdmin. Run the following commands one by one:

wget https://files.phpmyadmin.net/phpMyAdmin/5.1.1/phpMyAdmin-5.1.1-all-languages.zip
unzip phpMyAdmin-5.1.1-all-languages.zip
mv phpMyAdmin-5.1.1-all-languages /usr/share/phpmyadmin
mkdir -p /var/lib/phpmyadmin/tmp
chown -R www-data:www-data /var/lib/phpmyadmin
cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php
apt-get install pwgen -y
pwgen -s 32 1

The above commands will download phpMyAdmin, extract it to the appropriate directory, create a temporary directory, set proper ownership, copy the configuration file, and generate a secure key.

Next, open the configuration file with your preferred text editor:

nano /usr/share/phpmyadmin/config.inc.php

Find the line that starts with $cfg['blowfish_secret'] and replace the existing value with the generated secure key. Uncomment the line by removing the leading //:

$cfg['blowfish_secret'] = 'YOUR_GENERATED_SECURE_KEY';

Now, let’s configure phpMyAdmin to use the MariaDB database. Locate the following lines in the configuration file and make the necessary changes:

$cfg['Servers'][$i]['controluser'] = 'pma';
$cfg['Servers'][$i]['controlpass'] = 'password';
$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';

Save and close the file.

Create phpMyAdmin Admin User

We recommend creating a separate user account specifically for managing the database through phpMyAdmin. To do this, follow these steps:

  1. Import the phpMyAdmin tables into the MariaDB database:
mysql < /usr/share/phpmyadmin/sql/create_tables.sql
  1. Connect to the MariaDB shell:
mysql
  1. Grant the necessary privileges to the phpmyadmin database:
GRANT SELECT, INSERT, UPDATE, DELETE ON phpmyadmin.* TO 'pma'@'localhost' IDENTIFIED BY 'password';
  1. Create an admin user:
CREATE USER myadmin;
  1. Grant all privileges to the admin user:
GRANT ALL PRIVILEGES ON *.* TO 'myadmin'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
  1. Flush the privileges and exit the MariaDB shell:
FLUSH PRIVILEGES;
EXIT;

Configure Apache for phpMyAdmin

To configure Apache for phpMyAdmin, we need to create a virtual host configuration file. Run the following command:

nano /etc/apache2/conf-available/phpmyadmin.conf

Add the following lines to the file:

Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
Options SymLinksIfOwnerMatch
DirectoryIndex index.php

<IfModule mod_php5.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
</IfModule>

<IfModule mod_php.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
</IfModule>
</Directory>

<Directory /usr/share/phpmyadmin/setup>
<IfModule mod_authz_core.c>
<IfModule mod_authn_file.c>
AuthType Basic
AuthName "phpMyAdmin Setup"
AuthUserFile /etc/phpmyadmin/htpasswd.setup
</IfModule>
Require valid-user
</IfModule>
</Directory>

<Directory /usr/share/phpmyadmin/templates>
Require all denied
</Directory>

<Directory /usr/share/phpmyadmin/libraries>
Require all denied
</Directory>

<Directory /usr/share/phpmyadmin/setup/lib>
Require all denied
</Directory>

Save and close the file.

Next, enable the phpMyAdmin configuration file:

a2enconf phpmyadmin.conf

Finally, reload the Apache service to apply the changes:

systemctl reload apache2

You can check the status of the Apache service using the following command:

systemctl status apache2

Access phpMyAdmin

phpMyAdmin is now installed and configured. Open your web browser and enter the following URL:

http://your-server-ip/phpmyadmin

Replace your-server-ip with the actual IP address of your server.

You should see the phpMyAdmin login page. Enter your admin username and password, then click on the “Go” button. You will be redirected to the phpMyAdmin dashboard, where you can start managing your databases.

Secure phpMyAdmin

To enhance the security of your phpMyAdmin installation, we recommend implementing two-factor authentication using .htaccess.

First, open the phpMyAdmin configuration file:

nano /etc/apache2/conf-available/phpmyadmin.conf

Add the following line inside the <Directory /usr/share/phpmyadmin> block:

AllowOverride All

Save and close the file.

Next, create an .htaccess file inside the phpMyAdmin directory:

nano /usr/share/phpmyadmin/.htaccess

Add the following lines to the file:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /usr/share/phpmyadmin/.htpasswd
Require valid-user

Save and close the file.

Now, create a user for authentication:

htpasswd -c /usr/share/phpmyadmin/.htpasswd secureuser

You will be prompted to set a password for the user.

To verify the two-factor authentication, access phpMyAdmin in your web browser. After entering your username and password, you will be prompted for additional authentication. Once authenticated, you will be redirected to the phpMyAdmin dashboard.

Conclusion

Congratulations! You have successfully installed and secured phpMyAdmin on Debian 11. You can now use this powerful tool to manage your MySQL and MariaDB databases with ease. If you have any questions or need further assistance, feel free to reach out to the team at Shape.host. They offer reliable and scalable cloud hosting solutions, including Cloud VPS services, to meet your specific needs.

Tags:
Christian Wells

Older Post

How to Deploy a Flask Application with uWSGI and Nginx on Ubuntu 20.04

Next Post

How to Configure a Mail Server with PostfixAdmin on Debian 11

Related Product

How to Install LibreNMS on Debian 12 (Nginx + PHP-FPM)

How to Install BoxBilling on Debian 12