phpMyAdmin is a free open source software written in PHP. It was developed for beginners to manage MySQL and MariaDB databases via the web interface. It has a simple, user-friendly and powerful web interface with which you can manage MySQL databases, user accounts and authorizations, execute SQL statements and import and export data via the web browser.
In this article, we will show you how to install phpMyAdmin on Ubuntu 22.04 and make it secure.
Requirements
- A server running Ubuntu 22.04.
- A root password is set up on the server.
First steps
It is recommended to update your system packages to the latest version. You can update all packages with the following command:
apt-get update -y apt-get upgrade -y
Once all packages are updated, you can proceed to the next step.
Install Apache, MariaDB and PHP
phpMyAdmin is a PHP-based application that runs on a web server. Therefore, you need to install the LAMP server on your server. You can install it with the following command:
apt-get install apache2 mariadb-server php-fpm libapache2-mod-php php-cli php-mysql php-zip php-curl php-xml php-mbstring php-zip php-gd unzip -y
Once all packages are installed, start the Apache and MariaDB services and enable them so that they are started when the system reboots:
systemctl start apache2 mariadb systemctl enable apache2 mariadb
When you’re done, you can proceed to the next step.
Install and configure phpMyAdmin
First, visit the official phpMyAdmin website, select the URL of the latest version and download the latest version of phpMyAdmin using the following command:
wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.tar.gz
Once phpMyAdmin is downloaded, unzip the downloaded file with the following command:
tar -xvzf phpMyAdmin-latest-all-languages.tar.gz
Next, move the unzipped directory to the /usr/share directory using the following command:
mv phpMyAdmin-5.2.0-all-languages /usr/share/phpmyadmin
Next, create a temporary directory for phpMyAdmin with the following command:
mkdir -p /var/lib/phpmyadmin/tmp
Next, set the ownership rights for the phpMyAdmin directory:
chown -R www-data:www-data /var/lib/phpmyadmin
Next, copy the phpMyAdmin sample configuration file:
cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php
Next, install the pwgen tool and generate a secret key using the following command:
apt-get install pwgen -y pwgen -s 32 1
Output:
cnWfKjqshvQqoxFPcy7W950IM3DPe5C0
Next, you need to edit the config.inc.php file and change the default settings:
nano /usr/share/phpmyadmin/config.inc.php
Define your secret key and do not comment the following lines:
$cfg['blowfish_secret'] = 'cnWfKjqshvQqoxFPcy7W950IM3DPe5C0'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ $cfg['Servers'][$i]['controluser'] = 'pma'; $cfg['Servers'][$i]['controlpass'] = 'password'; $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark'; $cfg['Servers'][$i]['relation'] = 'pma__relation'; $cfg['Servers'][$i]['table_info'] = 'pma__table_info'; $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords'; $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages'; $cfg['Servers'][$i]['column_info'] = 'pma__column_info'; $cfg['Servers'][$i]['history'] = 'pma__history'; $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs'; $cfg['Servers'][$i]['tracking'] = 'pma__tracking'; $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig'; $cfg['Servers'][$i]['recent'] = 'pma__recent'; $cfg['Servers'][$i]['favorite'] = 'pma__favorite'; $cfg['Servers'][$i]['users'] = 'pma__users'; $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups'; $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding'; $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches'; $cfg['Servers'][$i]['central_columns'] = 'pma__central_columns'; $cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings'; $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates'; $cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';
Save and close the file when you’re done.
Create admin user for phpMyAdmin
For security reasons, it is always advisable to create a separate user for managing the database via phpMyAdmin.
First import the phpMyAdmin tables into the MariaDB database with the following command:
mysql < /usr/share/phpmyadmin/sql/create_tables.sql
Next, connect to the MariaDB shell with the following command:
mysql
Once you are connected, grant the PHPMyAdmin database all necessary permissions with the following command:
MariaDB [(none)]> GRANT SELECT, INSERT, UPDATE, DELETE ON phpmyadmin.* TO 'pma'@'localhost' IDENTIFIED BY 'password';
Next, create a user admin with the following command:
MariaDB [(none)]> CREATE USER myadmin;
Grant the admin user all necessary permissions with the following command:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO 'myadmin'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
Delete the permissions and exit the MariaDB shell with the following command:
MariaDB [(none)]> FLUSH PRIVILEGES; MariaDB [(none)]> EXIT;
Once you’re done, you can proceed to the next step.
Create Apache Virtual Host for phpMyAdmin
Next, you need to create a configuration file for an Apache virtual host for phpMyAdmin. You can create it with the following command:
nano /etc/apache2/conf-available/phpmyadmin.conf
Paste the following lines:
Alias /phpmyadmin /usr/share/phpmyadmin Options SymLinksIfOwnerMatch DirectoryIndex index.php AddType application/x-httpd-php .php SetHandler application/x-httpd-php php_value include_path . php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/ php_admin_value mbstring.func_overload 0 AddType application/x-httpd-php .php SetHandler application/x-httpd-php php_value include_path . php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/ php_admin_value mbstring.func_overload 0 # Authorize for setup AuthType Basic AuthName "phpMyAdmin Setup" AuthUserFile /etc/phpmyadmin/htpasswd.setup Require valid-user # Disallow web access to directories that don't need it Require all denied Require all denied Require all denied
Save and close the file when you’re done, then activate the phpMyAdmin configuration file with the following command:
a2enconf phpmyadmin.conf
Next, you’ll need to reload the Apache service for the changes to take effect:
systemctl reload apache2
You can check the status of the Apache service with the following command:
systemctl status apache2
You should see the following output:
? apache2.service - The Apache HTTP Server Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled) Active: active (running) since Sat 2022-08-06 09:58:37 UTC; 11min ago Docs: https://httpd.apache.org/docs/2.4/ Process: 91902 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS) Main PID: 90122 (apache2) Tasks: 7 (limit: 2242) Memory: 14.3M CPU: 423ms CGroup: /system.slice/apache2.service ??90122 /usr/sbin/apache2 -k start ??91906 /usr/sbin/apache2 -k start ??91907 /usr/sbin/apache2 -k start ??91908 /usr/sbin/apache2 -k start ??91909 /usr/sbin/apache2 -k start ??91910 /usr/sbin/apache2 -k start ??91911 /usr/sbin/apache2 -k start Aug 06 09:58:37 ubuntu2204 systemd[1]: Starting The Apache HTTP Server... Aug 06 09:58:37 ubuntu2204 apachectl[90121]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 2> Aug 06 09:58:37 ubuntu2204 systemd[1]: Started The Apache HTTP Server. Aug 06 10:09:41 ubuntu2204 systemd[1]: Reloading The Apache HTTP Server... Aug 06 10:09:41 ubuntu2204 apachectl[91905]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 2> Aug 06 10:09:41 ubuntu2204 systemd[1]: Reloaded The Apache HTTP Server.
Accessing phpMyAdmin
Now phpMyAdmin is installed and configured. You can now open your web browser and access phpMyAdmin via the URL http://your-server-ip/phpmyadmin. You should see the phpMyAdmin login screen:
Enter your admin username and password and click on the “Login ” button. On the following page you will see the phpMyAdmin dashboard:
Enable two-factor authentication
It’s a good idea to secure phpMyAdmin with two-factor authentication. You can use the authentication and authorization functions in .htaccess to do this.
First edit the phpMyAdmin configuration file:
nano /etc/apache2/conf-available/phpmyadmin.conf
Add the line “AllowOverride All” to the following server block:
Options SymLinksIfOwnerMatch DirectoryIndex index.php AllowOverride All
Save and close the file when you’re done, then restart the Apache service:
systemctl restart apache2
Next, create an .htaccess file and define the Apache authentication type:
nano /usr/share/phpmyadmin/.htaccess
Add the following lines:
AuthType Basic AuthName "Restricted Files" AuthUserFile /usr/share/phpmyadmin/.htpasswd Require valid-user
Save and close the file, then create a user with the following command:
htpasswd -c /usr/share/phpmyadmin/.htpasswd phpuser
You will be prompted to set a password (see below):
New password: Re-type new password: Adding password for user secureuser
Test phpMyAdmin two-factor authentication
At this point, phpMyAdmin is secured with two-factor authentication. To test it, open your web browser and access phpMyAdmin via the URL http://your-server-ip/phpmyadmin . You will be asked for the additional username and password (see below):
After entering your username and password, you will be redirected to the normal phpMyAdmin login page.
Conclusion
Congratulations! You have successfully installed and secured phpMyAdmin on Ubuntu 22.04. Now you can install phpMyAdmin in your development environment and manage your database via the web browser.