PhpMyAdmin is a free and open source web-based database management tool written in PHP programming language. Using phpMyAdmin, the database administrators can easily manage single and/or multiple database servers either via a web browser. This can be useful for those who are not comfortable with MySQL prompt. phpMyAdmin allows the database admins to do all sorts of database management tasks such as creating, editing, renaming, deleting databases, import and export databases, create tables, fields and fields, execute SQL commands and many. In this tutorial, we are going to to install phpMyAdmin with LAMP stack on Ubuntu 20.04 LTS server operating system.
Table of Contents
Install phpMyAdmin With LAMP Stack On Ubuntu 20.04 LTS
To install phpMyAdmin on Ubuntu 20.04 LTS server, you should have a working LAMP stack. If you haven't installed LAMP stack yet, refer the following guide:
Once you've setup LAMP stack, enable 'universe' repository, if is not enabled already.
$ sudo add-apt-repository universe
$ sudo apt update
Now install phpMyAdmin and all other required dependencies on Ubuntu 20.04 using commands:
$ sudo apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl
Next, select the web server that should be automatically configured to run phpMyAdmin. Choose the web server with UP/DOWN arrows and hit the SPACEBAR key. Once you chose the web server, you will see a * (star) symbol in-front of it. Hit the TAB key to choose OK and again hit ENTER key to continue.
PhpMyAdmin requires a database installed and configured before it can be used. You can do it with dbconfig-command.
Choose Yes to configure database for phpmyadmin with dbconfig-common:
You need to provide a password for phpmyadmin to register with the MySQL database server. If password is not given, a random password will be generated.
Enter a strong password and hit ENTER to continue:
Re-enter password:
As of writing this guide, when I tried to set the password for phpmyadmin, it throws the following error:
An error occurred while installing the database: mysql said: ERROR 1819 (HY000) at line 1: Your password does not satisfy the current policy requirements . Your options are: * abort - Causes the operation to fail; you will need to downgrade, reinstall, reconfigure this package, or otherwise manually intervene to continue using it. This will usually also impact your ability to install other packages until the installation failure is resolved. * retry - Prompts once more with all the configuration questions (including ones you may have missed due to the debconf priority setting) and makes another attempt at performing the operation. * retry (skip questions) - Immediately attempts the operation again, skipping all questions. This is normally useful only if you have solved the underlying problem since the time the error occurred. * ignore - Continues the operation ignoring dbconfig-common errors. This will usually leave this package without a functional database.
This error occurs because we have enabled the VALIDATE PASSWORD component as described under section titled "2.2 Change authentication method for MySQL root user" in the LAMP stack installation guide attached above.
To fix this issue, you need to temporarily disable the Validate Password component and re-enable it after setting the password for phymyadmin. Click OK to close the above error message and choose "abort" to cancel the phpmyadmin installation.
Now log in to the Mysql prompt by running the following command:
$ mysql -u root -p
From the mysql prompt, tun the following command to disable the Validate Password plugin:
mysql> UNINSTALL COMPONENT "file://component_validate_password";
Please note that the above command will only disable the plugin, but do not remove it. You can enable it later. Then type "exit" to exit from Mysql prompt.
mysql> exit
Now try installing phpmyadmin again using command:
$ sudo apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl
Choose "Yes" and hit ENTER to configure database for phpmyadmin with dbconfig-common. This time phpmyadmin installation will work without any issues.
Once phpmyadmin is installed, re-enable Validate Password plugin. To do so, login to your Mysql prompt:
$ mysql -u root -p
From the mysql prompt, tun the following command to disable the Validate Password plugin:
mysql> INSTALL COMPONENT "file://component_validate_password";
Type exit to quit from mysql prompt.
mysql> exit
Finally, enable mbstring php extension and restart Apache service to update the changes as shown below.
$ sudo phpenmod mbstring
$ sudo systemctl restart apache2
You can now verify if mbstring extension is enabled or not by loading the info.php file from the web browser.
To do so, navigate to http://IP-address/info.php from your browser.
You will see that the mbstring plugin is enabled.
Create dedicated user to access phpMyAdmin dashboard
Once phpMyAdmin is installed, a database user named 'phpmyadmin' will be automatically created with the administrative password you set during the installation. You can login to phpmyAdmin dashboard using 'phpmyadmin' user or mysql root user. However, it is recommended to create a dedicated user to manage databases via phpMyAdmin web interface.
To do so, login to mysql shell using command:
$ mysql -u root -p
Enter your mysql root password. You will now be in mysql shell.
Enter the following command to create a new dedicated user for phpmyadmin:
mysql> CREATE USER 'phpmyadminuser'@'localhost' IDENTIFIED BY 'Password123#@!';
Here, phpmyadmin is the new user for accessing phpmyadmin dashboard. The password for phpmyadminuser is Password123#@!. Replace these values with your own.
Next give the appropriate privileges to the 'phpmyadminuser' using command:
mysql> GRANT ALL PRIVILEGES ON *.* TO 'phpmyadminuser'@'localhost' WITH GRANT OPTION;
Finally exit from mysql shell:
mysql> exit
We have now created a dedicated user for managing the databases via phpmyadmin web interface. Let us go ahead and access phpmyadmin dashboard.
Access phpMyAdmin dashboard
Open your web browser and navigate to http://ip-address/phpmyadmin or http://domain/phpmyadmin. You should see the phpmyadmin login page. Log in to the phmyadmin interface either using mysql root user or the new user which we created in the previous step.
Here is how phpMyAdmin dashboard looks like:
From now on, you can manage your databases via phpMyAdmin web interface.
Secure phpMyAdmin
This section provides a few tips to secure PhpMyAdmin installation. Please note that the following steps couldn't protect phpMyAdmin 100% secure. However, they will at least slow down any attempts of a perpetrator to break into your phpmyadmin dashboard.
Disable MySQL root login to phpmyadmin dashboard
Allowing mysql root user to access phpMyAdmin dashboard is not safe, especially when managing databases over network. This is why we created a dedicated user in the previous section. Since we already have a dedicated user, we can safely disable mysql root login to access phpmyadmin dashboard to minimize the attacks.
Generally, phpmyadmin is installed under /usr/share/phpmyadmin/ directory and its configuration files are stored in /etc/phpmyadmin directory.
Edit phpmyadmin config file:
$ sudo nano /etc/phpmyadmin/config.inc.php
Add/modify the following parameters:
[...] $cfg['Servers'][$i]['auth_type'] = 'cookie'; $cfg['Servers'][$i]['AllowRoot'] = FALSE; [...]
Save and close the file.
Restart Apache web server using command:
$ sudo systemctl restart apache2
Now try to log in to phpmyadmin as root user. You will get the Access denied error message:
Password-protect phpMyAdmin Login page
Since phpMyAdmin is an easy target for attackers, the next recommended task is to secure phpyMyAdmin web login page. The most common way to protect phpMyAdmin from unauthorized access is by using Apache's built-in .htaccess authentication and authorization functionalities.
First of all, enable the use of .htaccess file overrides by editing the /phpmyadmin.conf file:
$ sudo nano /etc/apache2/conf-available/phpmyadmin.conf
Add "AllowOverride All" line within the <Directory /usr/share/phpmyadmin> section as shown below.
<Directory /usr/share/phpmyadmin> Options SymLinksIfOwnerMatch DirectoryIndex index.php AllowOverride All
Press CTL+X followed by Y to save and close the file.
Restart apache service to update the changes using command:
$ sudo systemctl restart apache2
Next, create a file named .htaccess within /usr/share/phpmyadmin/ directory using command:
$ sudo nano /usr/share/phpmyadmin/.htaccess
Add the following lines in it:
AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/phpmyadmin/.htpasswd Require valid-user
Save and close the file.
Now, run the following command to create a new user, for example ostechnix:
$ sudo htpasswd -c /etc/phpmyadmin/.htpasswd ostechnix
Replace 'ostechnix' with any username of your choice. You will asked to provide a password for the new user. Enter it twice.
Sample output:
New password: Re-type new password: Adding password for user ostechnix
We have now added an extra layer of security to access phpMyAdmin web interface. From now on, whenever you try to access the phpMyAdmin web interface, you will prompted to enter the additional username and its password that you just configured in the previous step.
Once you entered the correct username and password, you will be redirected to the actual phpmyadmin authentication login page. Just enter your database credentials to access the Phpmyadmin dashboard.
Related Read:
Thanks for stopping by!
Help us to help you:
- Subscribe to our Email Newsletter : Sign Up Now
- Support OSTechNix : Donate Via PayPal
- Download free E-Books and Videos : OSTechNix on TradePub
- Connect with us: Reddit | Facebook | Twitter | LinkedIn | RSS feeds
Have a Good day!!
2 comments
php-mbstring depends on libonig4 which is not available in Focal (20.04). Focal universe package does have libonig5 which is still irrelevant to php-mbstring. Refer to the below packages URL.
https://packages.ubuntu.com/focal/libonig4
https://packages.ubuntu.com/focal/libonig5
https://packages.ubuntu.com/bionic/libonig4
Yes, swain this section Terrific article