Home » Categories » Multiple Categories |
How To Install and Secure phpMyAdmin on Debian 7 |
Article Number: 198 | Rating: Unrated | Last Updated: Sun, Jan 5, 2014 at 8:18 PM
|
phpMyAdminphpMyAdmin is a free web software to work with MySQL on the web. It provides a convenient visual front end to the MySQL capabilities.SetupBefore working with phpMyAdmin, you need to have LAMP installed on your server. If you don't have the Linux, Apache, MySQL, PHP stack on your server, you can find the tutorial for setting it up here.Once you have the user and required software, you can start installing phpMyAdmin on your server! Install phpMyAdminThe easiest way to install phpmyadmin is through apt-get:sudo apt-get install phpmyadminDuring the installation, phpMyAdmin will walk you through a basic configuration. Once the process starts up, follow these steps:
sudo nano /etc/apache2/apache2.confAdd the phpmyadmin config to the file. Include /etc/phpmyadmin/apache.confRestart apache: sudo service apache2 restartYou can then access phpmyadmin by going to youripaddress/phpmyadmin. The screen should look like this. SecurityUnfortunately, older versions of phpMyAdmin have had serious security vulnerabilities, including allowing remote users to eventually exploit root on the underlying virtual private server. One can prevent a majority of these attacks through a simple process: locking down the entire directory with Apache's native user/password restrictions which will prevent these remote users from even attempting to exploit older versions of phpMyAdmin.Set Up the .htaccess FileTo set this up, start off by allowing the .htaccess file to work within the phpmyadmin directory. You can accomplish this in the phpmyadmin configuration file:sudo nano /etc/phpmyadmin/apache.confUnder the directory section, add the line "AllowOverride All” under "Directory Index”, making the section look like this: <Directory /usr/share/phpmyadmin> Options FollowSymLinks DirectoryIndex index.php AllowOverride All [...] Configure the .htaccess fileWith the .htaccess file allowed, we can proceed to set up a native user whose login would be required to even access the phpmyadmin login page.Start by creating the .htaccess page in the phpmyadmin directory: sudo nano /usr/share/phpmyadmin/.htaccessFollow up by setting up the user authorization within .htaccess file. Copy and paste the following text in: AuthType Basic AuthName "Restricted Files" AuthUserFile /path/to/passwords/.htpasswd Require valid-userBelow you’ll see a quick explanation of each line:
Create the htpasswd fileNow we will go ahead and create the valid user information. Start by creating a htpasswd file. Use the htpasswd command, and place the file in a directory of your choice as long as it is not accessible from a browser. Although you can name the password file whatever you prefer, the convention is to name it .htpasswd.sudo htpasswd -c /path/to/passwords/.htpasswd username A prompt will ask you to provide and confirm your password.
Once the username and passwords pair are saved you can see that the password is encrypted in the file. Finish up by restarting apache: sudo service apache2 restart Accessing phpMyAdminphpMyAdmin will now be much more secure since only authorized users will be able to reach the login page. Accessing youripaddress/phpmyadmin should display a screen like this.Fill it in with the username and password that you generated. After you login you can access phpmyadmin with the MySQL username and password. |
Attachments
![]()
There are no attachments for this article.
|
How To Use Dokku Plugins to Access Additional Functionality
Viewed 4790 times since Sun, Dec 29, 2013
How To Install Git on Ubuntu 12.04
Viewed 6356 times since Mon, Dec 23, 2013
How To Setup Ruby on Rails with Postgres
Viewed 11714 times since Mon, Dec 30, 2013
How To Set Up MySQL Master-Master Replication
Viewed 3027 times since Thu, Dec 26, 2013
How To Install Linux, Nginx, MySQL, PHP (LEMP) Stack on Debian 7
Viewed 3989 times since Fri, Dec 27, 2013
How To Create Data Queries in PostgreSQL By Using the Select Command
Viewed 14541 times since Mon, Dec 30, 2013
How To Install Linux, Apache, MySQL, PHP (LAMP) stack On CentOS 6
Viewed 6660 times since Thu, Dec 26, 2013
Initial Server Setup with Arch Linux
Viewed 3619 times since Fri, Dec 27, 2013
How To Configure and Maintain Ghost from the Command Line
Viewed 6747 times since Sun, Dec 29, 2013
Top 10 Linux Easter Eggs
Viewed 7489 times since Sat, Jan 4, 2014
|