This brief tutorial is going to show students and new users how to easily install phpMyAdmin and password protect its logon page. By default when you install phpMyAdmin it will allow anyone to sign on using the root account created from anywhere.
If you want to add additional protection, create a separate layer of authentication using Apache2 htpassword module. Doing this will only allow folks who are authenticated via Apache2 to continue to phpMyAdmin logon age.
This is a great way to filter out legitimate users verses those who want to access the site and cause trouble.
To setup phpMyAdmin with Apache2 password authentication, continue with the steps below:
Step 1: Install LAMP
First, understand that phpMyAdmin requires that you have a webserver, database servers and PHP to function. It works with Apache2, Nginx webservers and MySQL and MariaDB database servers and PHP.
For this post, we’re going to be using Apache2, MySQL/MariaDB and PHP or the LAMP stack on Ubuntu 17.04/17.10.
To install LAMP, read the post below:
Step 2: Install phpMyAdmin
After installing LAMP, run the commands below to install phpMyAdmin
sudo apt-get update sudo apt-get install phpmyadmin
During the installation, you’ll be prompted to choose a webserver to use with phpMyAdmin. Apache2 should be the default.. hit the spacebar to select.. then the tab key and press enter to continue.
You should also be asked if you want to configure database for phpmyadmin with dbconfig-common,
You’ll then be prompted for the root password for MySQL/MariaDB. Type it to continue.
After the installation, you should be able to go to the server host name or IP followed by phpmyadmin/
You should see the default login page for the app. Again, no extra security, anyone can just browse there and attempt to login.
Step 3: Add Apache2 Password Authentication
Now that phpMyAdmin is installed, open its main configuration file and make the highlighted changes below.
sudo nano /etc/apache2/conf-available/phpmyadmin.conf
Add the highlighted line below and save the file.
Directory /usr/share/phpmyadmin> Options FollowSymLinks DirectoryIndex index.php AllowOverride All . . . . . .
Restart Apache2 webserver
sudo systemctl reload apache2.service
Next, create a .htaccess file by running the commands below
sudo nano /usr/share/phpmyadmin/.htaccess
Then add the content below in the file and save
AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/phpmyadmin/.htpasswd Require valid-user
Next, run the commands below to install Apache2 utility to create htpasswd
sudo apt-get install apache2-utils
Finally, run the commands below to create an account for richard.
sudo htpasswd -c /etc/phpmyadmin/.htpasswd richard
You should be prompted to create a password.
Then next time you reload the page, you should see a prompt for a username and password.
That’s it! Now users should be authenticated twice to access phpMyAdmin.
This post shows students and new users an easy way to install phpMyAdmin and add additional layer of protection when using Ubuntu.
It allows users to be authenticated twice before access is granted.
You may also like the post below