phpMyAdmin is a free and open-source tool that allows you to manage MySQL or MariaDB databases via a web interface. This guide will show you how to install and secure the latest version of phpMyAdmin on Debian 12 with two-factor authentication and other best practices.
phpMyAdmin is a widely-used, open-source tool that allows users to interact with MySQL and MariaDB databases through a web-based interface. It’s particularly valuable for database administrators and developers, offering features like:
- Database management: Create, modify, delete databases, tables, fields, and indexes.
- SQL execution: Run complex SQL queries directly within the interface.
- User management: Manage database users and their privileges.
- Data import/export: Easily import/export data in various formats (SQL, CSV, etc.).
- Backup and restore: Simplifies database backups and restoration.
phpMyAdmin’s graphical interface makes database management accessible for users without extensive command-line experience.
Step 1: Create an Instance on Cloud.shape.host
Step 1.1: Access the Dashboard
- Log in to Cloud.shape.host and go to the Dashboard.
Step 1.2: Create a New Instance
- Click on Create in the top menu and choose Instances.
Step 1.3: Select the Datacenter Location
- Pick a datacenter closest to your audience, such as New York or London.
Step 1.4: Choose Your Plan
- Select a Standard or CPU-Optimized plan based on your needs.
Step 1.5: Configure the Instance
- Choose Debian 12 as the operating system.
- Configure the network and authentication options.
Step 1.6: Configure and Launch
Set your network and authentication settings, then click Create Instance.
Step 1.7: Locate your Instance’s IP
Step 1.8: Create and Access the Instance
- Click Create Instance and access it via SSH:
ssh root@<your-instance-ip>
Replace <your-instance-ip>
with the IP address of your instance.
Step 2: Update System and Install Dependencies
First, update your system packages:
apt update -y
Install Apache, MariaDB, and PHP along with necessary modules:
apt install apache2 mariadb-server libapache2-mod-php php-cli php-mysql php-zip php-curl php-xml php-mbstring php-zip php-gd unzip -y
Step 3: Download and Install phpMyAdmin
Download the latest version of phpMyAdmin:
wget https://files.phpmyadmin.net/phpMyAdmin/5.2.1/phpMyAdmin-5.2.1-all-languages.zip
Unzip the downloaded file:
unzip phpMyAdmin-5.2.1-all-languages.zip
Move the extracted files to the web directory:
mv phpMyAdmin-5.2.1-all-languages /usr/share/phpmyadmin
Create a temporary directory for phpMyAdmin:
mkdir -p /var/lib/phpmyadmin/tmp
chown -R www-data:www-data /var/lib/phpmyadmin
Step 4: Configure phpMyAdmin
Copy the sample configuration file:
cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php
Install pwgen
to generate a secure key:
apt-get install pwgen -y
pwgen -s 32 1
Edit the configuration file:
nano /usr/share/phpmyadmin/config.inc.php
In this file, define your secret key and configure other settings. Make sure to set a strong blowfish secret.
Step 5: Set Up the phpMyAdmin Database
Set up the database for phpMyAdmin:
mysql < /usr/share/phpmyadmin/sql/create_tables.sql
Log in to MySQL and grant privileges to the phpMyAdmin user:
mysql
Run the following SQL queries:
GRANT SELECT, INSERT, UPDATE, DELETE ON phpmyadmin.* TO 'pma'@'localhost' IDENTIFIED BY 'password';
CREATE USER 'myadmin'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'myadmin'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;
Step 6: Configure Apache for phpMyAdmin
Create a new Apache configuration file for phpMyAdmin:
nano /etc/apache2/conf-available/phpmyadmin.conf
Insert the following configuration:
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
Options SymLinksIfOwnerMatch
DirectoryIndex index.php
<IfModule mod_php5.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
php_admin_value mbstring.func_overload 0
</IfModule>
<IfModule mod_php.c>
<IfModule mod_mime.c>
AddType application/x-httpd-php .php
</IfModule>
<FilesMatch ".+\.php$">
SetHandler application/x-httpd-php
</FilesMatch>
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
php_admin_value mbstring.func_overload 0
</IfModule>
</Directory>
# Authorize for setup
<Directory /usr/share/phpmyadmin/setup>
<IfModule mod_authz_core.c>
<IfModule mod_authn_file.c>
AuthType Basic
AuthName "phpMyAdmin Setup"
AuthUserFile /etc/phpmyadmin/htpasswd.setup
</IfModule>
Require valid-user
</IfModule>
</Directory>
# Disallow web access to directories that don't need it
<Directory /usr/share/phpmyadmin/templates>
Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/libraries>
Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
Require all denied
</Directory>
Enable the configuration and reload Apache:
a2enconf phpmyadmin.conf
systemctl reload apache2
Step 7: Secure phpMyAdmin with .htaccess Authentication
To add an extra layer of security, enable .htaccess
authentication.
Edit the phpMyAdmin configuration:
nano /etc/apache2/conf-available/phpmyadmin.conf
Make sure AllowOverride All
is added in the <Directory>
block.
Create the .htaccess
file:
nano /usr/share/phpmyadmin/.htaccess
Insert the following content:
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /usr/share/phpmyadmin/.htpasswd
Require valid-user
Create the .htpasswd
file and set up a secure user:
htpasswd -c /usr/share/phpmyadmin/.htpasswd secureuser
Step 8: Restart Apache
Finally, restart the Apache server to apply the changes:
systemctl restart apache2
Step 9: Access phpMyAdmin
Now, open your web browser and navigate to:
http://<your-server-ip>/phpmyadmin
Log in with your phpMyAdmin credentials.
Provide your admin username, password and click on the Sign in button. You should see the phpMyAdmin dashboard on the following page:
You’ve successfully installed and secured phpMyAdmin on Debian 12. With additional security measures such as .htaccess authentication, your phpMyAdmin setup is now more secure. For optimal performance and reliability, consider hosting your phpMyAdmin installation on Shape.Host’s Cloud VPS, offering fast speeds and secure infrastructure for all your database management needs.