A Step-by-Step Guide to Installing phpMyAdmin on Ubuntu 20.04
Managing databases from the command line is powerful, but it’s not always the most efficient way to handle complex tasks. For developers and system administrators who need a visual interface, phpMyAdmin is an essential, web-based tool for managing MySQL and MariaDB databases. It simplifies common operations like creating databases, managing user privileges, executing SQL statements, and importing or exporting data.
This guide will walk you through the complete process of installing and securing phpMyAdmin on your Ubuntu 20.04 server.
Prerequisites
Before you begin, you must have a properly configured LAMP (Linux, Apache, MySQL, PHP) stack installed on your Ubuntu server. Specifically, you will need:
- An Ubuntu 20.04 server.
- A non-root user with
sudoprivileges. - Apache2 installed and running.
- MySQL or MariaDB installed and secured.
- PHP installed with common extensions like
mbstring,json, andmysql. The standardphppackage on Ubuntu 20.04 usually includes these.
Step 1: Update Your System
First, it’s always best practice to update your server’s package list to ensure you are installing the latest available software versions.
Open your terminal and run the following commands:
sudo apt update
sudo apt upgrade
Step 2: Install phpMyAdmin
With your system up-to-date, you can now install phpMyAdmin directly from Ubuntu’s official repositories. The package also includes all the necessary PHP dependencies.
Execute the following command to begin the installation:
sudo apt install phpmyadmin
The installation process will launch an automated configuration script. You will need to answer a few questions to set up phpMyAdmin correctly.
Step 3: Configure phpMyAdmin During Installation
During the installation, you’ll be presented with a series of interactive prompts. Paying close attention here is crucial for a successful setup.
1. Web Server Selection:
You will be asked to choose the web server to automatically reconfigure.
Use the
Spacekey to select apache2. An asterisk(*)will appear next to your selection.Press
Tabto highlight<Ok>and then pressEnter.(Note: An illustrative image placeholder can be used here in a real blog post)
2. Database Configuration:
Next, you’ll be asked whether to configure a database for phpMyAdmin using the dbconfig-common package.
- Select Yes and press
Enter.
This will automatically create a dedicated database and user for phpMyAdmin to store its internal data.
3. Set a MySQL Application Password:
You will now be prompted to create a password for the new phpmyadmin database user.
- It is critical to create a strong, unique password here.
- Leave the field blank to have a random password generated, or enter your own.
- Confirm the password and complete the installation.
Once the process finishes, the phpmyadmin Apache configuration file will be automatically added to the /etc/apache2/conf-enabled/ directory, and the necessary PHP extensions will be enabled.
Step 4: Verify the Installation
To ensure everything is working, open your web browser and navigate to your server’s IP address or domain name, followed by /phpmyadmin.
http://your_server_ip/phpmyadmin
You should see the phpMyAdmin login page. You can log in using any valid MySQL username and password. To confirm you have full administrative access, try logging in with your MySQL root user or another administrative user you created during the MySQL installation.
Crucial Security Measures for phpMyAdmin
Because it provides direct access to your databases, phpMyAdmin is a common target for malicious attacks. The default installation is functional but not secure. It is highly recommended that you take additional steps to protect your installation.
1. Change the Access URL
Having your phpMyAdmin instance at the default /phpmyadmin URL makes it easy for bots and attackers to find. Changing this to something obscure provides a simple but effective layer of security.
First, edit the Apache configuration file for phpMyAdmin:
sudo nano /etc/apache2/conf-available/phpmyadmin.conf
Find the line that reads Alias /phpmyadmin /usr/share/phpmyadmin. Change /phpmyadmin to a unique path that you will remember, for example:
# Change this line
Alias /managedb-secret /usr/share/phpmyadmin
Save the file (Ctrl+X, then Y, then Enter) and restart Apache to apply the changes:
sudo systemctl restart apache2
Now, you will only be able to access the login page at http://your_server_ip/managedb-secret.
2. Set Up an Authentication Gateway
Adding an extra layer of password protection at the web server level means an attacker would need to bypass two separate passwords to get to your database. This can be done with Apache’s built-in authentication.
First, you need to create a password file. The apache2-utils package contains the tool needed for this.
sudo apt install apache2-utils
Now, create a new password file and an administrative user. Replace admin_user with your desired username.
sudo htpasswd -c /etc/apache2/.pma_passwords admin_user
You will be prompted to create and confirm a password for this user.
Next, edit the phpMyAdmin Apache configuration file again:
sudo nano /etc/apache2/conf-available/phpmyadmin.conf
Inside the <Directory /usr/share/phpmyadmin> block, add the following lines:
<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All
# Add these lines for authentication
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/apache2/.pma_passwords
Require valid-user
</Directory>
Save the file and restart Apache once more:
sudo systemctl restart apache2
Now, when you visit your new, secret phpMyAdmin URL, you will be met with an authentication pop-up before you even see the phpMyAdmin login screen.
Conclusion
You have successfully installed and, more importantly, secured phpMyAdmin on your Ubuntu 20.04 server. You now have a powerful and convenient tool for managing your databases without sacrificing security. By changing the default URL and adding a web server authentication gateway, you have significantly hardened your server against common automated attacks.
Source: https://kifarunix.com/install-phpmyadmin-on-ubuntu-20-04/
