Ubuntu 18.04 Install phpMyAdmin for NGINX Web Server

Ubuntu 18.04 Install phpMyAdmin for NGINX Web Server

In the previous article, we learned How to install NGINX, PHP, and MySQL on Ubuntu 18.04 Google Cloud VM instance. For executing the MySQL command we used MySQL Shell. MySQL shell is the good option for executing small queries. For the large-scale development, we need a graphical user interface.
phpMyAdmin is a free, open source web-based administration tool for MariaDB and MySQL. phpMyAdmin is written in PHP. It is one of the most popular administration tools for MariaDB and MySQL. 
This article is a Step-by-Step guide for installing phpMyAdmin on Ubuntu 18.04.

Prerequisites

As we mentioned previously phpMyAdmin is a web-based tool written in PHP. To use phpMyAdmin, we need to first complete the LEMP (Linux, Nginx, MySQL, and PHP) installation on our Ubuntu 18.04 Google Cloud Compute Engine VM Instance.
We are assuming you have proper access on Ubuntu Server to execute the "sudo" commands in the terminal.

Step 1 Install phpMyAdmin

We are assuming our LEMP installation is completed and running properly. To install phpMyAdmin, we first need to update the server's local package index to make sure, we have the latest set of reference for the available packages. Execute the following command to get the latest package lists from the repositories and "updates" them to get information on the newest versions of packages.

Code

sudo apt-get update

To install the phpMyAdmin on Ubuntu 18.04 execute the following command.

Code

sudo apt-get install phpmyadmin

During the installation, we will prompt for the web server configuration. In the list, we have only two options. First one is apache and another one is lighttpd. Since we are using NGINX we need to bypass this prompt. Use the tab from your keyboard to highlight the "<ok>" button and hit enter.

At the second prompt, it will ask to configure a database for phpMyAdmin to use. Use the tab key from your keyboard to select "" and hit enter.

In the next two prompts, we need to create a new password for the phpMyAdmin application and its database.

After providing the above information, Ubuntu will install and configure phpMyAdmin on our server. 
Once the installation completed successfully try to access phpMyAdmin to the following URL 
http://<ServerIP>/phpMyAdmin 
NGINX unable to find the phpMyAdmin files. Why? 
After the successful installation, we need to configure NGINX web server to find the correct phpMyAdmin files. 
phpMyAdmin files are available in "/usr/share/phpmyadmin". To fix the 404 issue, we need to create the symbolic link from the installation files to our NGINX document root directory. 
Execute the following command to create the symbolic link.

Code

sudo ln -s /usr/share/phpmyadmin /var/www/html 

Finally, restart the PHP Fpm with the following command.

Code

sudo systemctl restart php7.2-fpm

After executing the above commands, our phpMyAdmin installation is finally operational. 
We can confirm it by again visiting the following URL 
http://<ServerIP>/phpMyAdmin

Step 2 Secure phpMyAdmin Installation

phpMyAdmin is designed to access the MySQL or MariaDB Database. A database is used to store important data for your organization or for your website. It is important to secure the data. If any authorized personnel gain access to phpMyAdmin, then the person can do anything with your data. To prevent the unauthorized or the malicious access to phpMyAdmin, we need to secure the phpMyAdmin installation. To secure the phpMyAdmin installation, we have two options.

First, change the phpMyAdmin URL
Second, enable NGINX authorization.
 
Let's first check How to change the phpMyAdmin URL. 
At the time of phpMyAdmin installation, we use the following URL to access the phpMyAdmin panel. 

http://<ServerIP>/phpmyadmin 
 
It is obvious if I am a hacker I will try to use the same URL to check the phpmyadmin installation status. If it is installed and configured on the same path, then I need to move to the next phase of the attack. I will try to use the brute force attack to find the user-name and password. It is hard with the strong password. But it is possible. To make the life of hacker harder, let's change the phpmyadmin access path. What if on my server to access phpmyadmin we need to use the following URL? 
 
http://<ServerIP>/mysecreturl 
 
Then hackers first need to find the correct phpmyadmin access path. Which is only known to you? 
Let's check How to change the phpmyadmin access path. For us, the phpmyadmin symbolic link is available in /var/www/html. Let's open the directory.

Code

cd /var/www/html

Next list down the directory content with the following URL.

Code

ls -l

Following output is for us

In the output check the line with phpmyadmin. We need to move it on mysecreturl. Use the following command to move phpMyAdmin symbolic link from phpmyadmin to mysecreturl

Code

sudo mv phpmyadmin mysecreturl

Let's try to access the phpMyAdmin with the following URL http:///mysecreturl

Note: mysecretpath is only for the explanation purpose. You need to decide your own secrets.

For the second step to secure the phpMyAdmin, we need to enable the NGINX authentication gateway. Let's assume hackers able to find out our secret. What if you are using the NGINX authentication? Then hackers first need to guess the username and password for the authentication gateway to access the phpMyAdmin. Now we make, it is harder for hackers to hack on our server. To enable the authentication gateway we first need to create the authentication credentials. Nginx required the password to be encrypted using the crypt () function. The OpenSSL suite, which is already available on our include the functionality to encrypt a password. To create an encrypted password execute the following command in the terminal.

Code

openssl passwd

We will be prompted for the new password. Enter and confirm the password. The OpenSSL utility will return an encrypted password. Copy the result value. For us, it is "yuw2tFQCbsnzQ" 
Next, to enable the NGINX authentication we first need to create an authentication file. It used to store all the username and password. Execute the following command to create a new password file.

Code

sudo nano /etc/nginx/phpmyadmin_pass

In this file, we need to store the user-name and password. Store the user-name and password in the following format
username1: password
username2: password
I want to create a user with user name mayanksanghvi then I need to add the following line our phpmyadmin_pass file
mayanksanghvi:password_generatedby_OpenSSL

Save the file (Ctrl + O) and close the nano editor (Ctrl+X).
Finally, to enable NGINX authentication at http://<ServerIP>/mysecretpath we need to edit the NGINX config file. Open the config file in the nano editor.

Code

sudo nano /etc/nginx/sites-available/default

Add the following line

Code

location /MySecretPath  {
        auth_basic "Admin Login";
        auth_basic_user_file /etc/nginx/phpmyadmin_pass;
    }

Save the file (Ctrl + O) and close the nano editor (Ctrl+X).
To apply the above config file changes restart the NGINX web server

Code

sudo service nginx restart

After the NGINX server restart if you try to visit http://<ServerIP>/mysecret then first we need to enter the username and password available in phpmyadmin_pass file.

Installation of phpMyAdmin is done. In our next article, we will more about the following topics.

0 Comments
Leave A Comment

Please login to post your valuable comments.

Join the newsletter

Get the latest vLemonn news first

share