How to Install and Secure phpMyAdmin in Ubuntu VM Instance Google Cloud Platform

How to Install and Secure phpMyAdmin in Ubuntu VM Instance Google Cloud Platform

In our previous article we created our first Google Cloud Platform Compute VM Instance. In our new VM instance we also installed Apache, PHP and MySQL. Now in this article we are going to download and install phpMyAdmin in our newly created VM instance.  If you are not comfortable with Linux terminal like me then phpMyAdmin is the way to manage your server database. 

Before Installing phpMyAdmin we are assuming you completed all the steps mentioned in the below article. 

https://vlemonn.com/blog/google-cloud-platform/compute-engine-create-your-first-vm-instance/

So, let's start with the installation of phpMyAdmin. 

For the installation of phpMyAdmin we need to first update the local package index. Then by using apt packaging system download and install phpMyAdmin. 

Execute below command in terminal

Code

sudo apt-get update
sudo apt-get install phpmyadmin php-mbstring php-gettext

After executing above command type Y in terminal for Do you want to continue? Question followed by enter. 

During the installation we need to Configure the phpMyAdmin installation. Below is the options for different questions 

  • Please choose the web server that should be automaically configured to run phpmyadmin. Web Server to reconfigure automatically: Select apache2 

  • Configure database for phpmyadmin with dbconfig-common?: Select Yes

  • MySQL application password for phpmyadmin: Provide password and select OK 

  • Confirm Password and then select OK 

Next, we need to enable PHP mcrypt and mbstring extension for this execute below command in terminal

Code

sudo phpenmod mcrypt
sudo phpenmod mbstring

Finally, we need to restart the apache.

Code

sudo systemctl restart apache2

Now we can able to access phpMyAdmin by visiting below URL 

https://<domainname or domainip>/phpmyadmin 

For login use root as user name and MySQL password for root user which we used at the time of MySQL installation in our previous article

Now it's time to secure out phpMyAdmin installation. 

First, we need to enable the use of .htaccess file overrides by editing our Apache configuration file. 

For this we are going to open phpmyadmin config file execute below command in terminal

Code

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

We need to add an AllowOverride All directive within the <Directory /usr/share/phpmyadmin> section of the configuration file, like this:  

Code

<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All

Finally, for apply the above changes we need to restart the apache  

Code

sudo systemctl restart apache2

Now we are going to create .htaccess file. Execute below command in terminal for creating a new .htaccess file 

Code

sudo nano /usr/share/phpmyadmin/.htaccess

Code

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

Let's understand all the lines in our .htaccess file: 

AuthType Basic: This line specifies the authentication type that we are implementing. This type will implement password authentication using a password file. 

AuthName: This sets the message for the authentication dialog box. You should keep this generic so that unauthorized users won't gain any information about what is being protected. 

AuthUserFile: This sets the location of the password file that will be used for authentication. This should be outside of the directories that are being served. We will create this file shortly. 

Require valid-user: This specifies that only authenticated users should be given access to this resource. This is what actually stops unauthorized users from accessing phpMyAdmin. 

Now we need to create .htpasswd for storing users and password related information 

For creating .htpasswd we need extra utility execute below command to install the utility 

Code

sudo apt-get install apache2-utils

Now we can use htpasswd utility for creating users 

Execute below command to create first user. In terminal you need to provide a valid password and confirm password for new user. 

Code

sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

If you want to create another user then execute below command 

“sudo htpasswd /etc/phpmyadmin/.htpasswd username2“
Now retry to open below URL 

https://<domainname or domainip>/phpmyadmin 

This time we need to first provide apache authentication the we are able to access regular phpMyAdminPage.

Now if you want to delete an user account execute below command. Assumption we need to delete username2

Code

sudo htpasswd -D /etc/phpmyadmin/.htpasswd username2

Below is the tutorial video on the same topic.

You may also like below articles.

 

0 Comments
Leave A Comment

Please login to post your valuable comments.

Join the newsletter

Get the latest vLemonn news first

share