Terug naar DocumentatiephpMyAdmin is a web interface to manage MySQL/MariaDB databases. This guide shows how to install it securely.
Installation on Ubuntu/Debian with Nginx
1. Install phpMyAdmin
sudo apt update
sudo apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl -y
During installation:
2. Configure Nginx
sudo nano /etc/nginx/sites-available/phpmyadmin
server {
listen 80;
server_name phpmyadmin.yourdomain.com;
# or: server_name _; (any domain/IP)
root /usr/share/phpmyadmin;
index index.php index.html;
# Security: limit access by IP
# allow 1.2.3.4;
# deny all;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
# Adjust PHP version: php8.2-fpm, php8.3-fpm, etc.
}
location ~ /\.ht {
deny all;
}
}
sudo ln -s /etc/nginx/sites-available/phpmyadmin /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginx
3. Enable PHP extension
sudo phpenmod mbstring
sudo systemctl restart php8.1-fpm # adjust version
- Web server: select apache2 if asked (even if you use Nginx: we'll configure it manually)
- Configure database for phpmyadmin with dbconfig-common? → Yes
- Enter the password for the phpmyadmin database user
Installation with Apache
sudo apt install phpmyadmin php-mbstring -y
# Select apache2 during installation
# Enable configuration
sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf
sudo a2enconf phpmyadmin
sudo systemctl reload apache2
Security configuration
phpMyAdmin exposed on the internet without protection is a frequent target for automated attacks. Apply at least one of the following measures.
Option 1: access only from your IP (recommended)
In Nginx, inside the location / block:
location / {
allow 1.2.3.4; # your IP
deny all;
try_files $uri $uri/ =404;
}
Option 2: HTTP basic authentication
# Create password file
sudo apt install apache2-utils -y
sudo htpasswd -c /etc/nginx/.htpasswd admin
# Add to Nginx
location / {
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
try_files $uri $uri/ =404;
}
Option 3: change the access URL
Don't use /phpmyadmin as the URL. Create a non-obvious alias:
# Instead of root /usr/share/phpmyadmin, use an alias
location /manage-db-a8x3k {
alias /usr/share/phpmyadmin;
...
}
Disable root access
For security, don't allow direct login of root in phpMyAdmin:
// /etc/phpmyadmin/conf.d/custom.php (create the file)
<?php
$cfg['Servers'][$i]['AllowRoot'] = false;
Create a dedicated MySQL user for phpMyAdmin
-- Connect to MySQL
mysql -u root -p
-- Create user with limited access
CREATE USER 'webadmin'@'localhost' IDENTIFIED BY 'secure_password';
-- Grant access to all databases (or only the ones you need)
GRANT ALL PRIVILEGES ON *.* TO 'webadmin'@'localhost' WITH GRANT OPTION;
-- Or only on a specific database:
-- GRANT ALL PRIVILEGES ON my_database.* TO 'webadmin'@'localhost';
FLUSH PRIVILEGES;
EXIT;
SSL with Let's Encrypt
sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d phpmyadmin.yourdomain.com
See the SSL with Certbot guide for details.
Update phpMyAdmin
sudo apt update && sudo apt upgrade phpmyadmin -y
Common issues
Error 403 Forbidden: check the permissions of /usr/share/phpmyadmin folder and the Nginx configuration.
Missing PHP extension: sudo apt install php-mbstring php-xml php-zip -y && sudo systemctl restart php8.x-fpm
"No input file specified": verify that fastcgi_pass points to the correct PHP version (php -v to see the active version).
Gerelateerde artikelen
DeluxHost, opgericht in 2023, biedt hoogwaardige hostingoplossingen voor diverse digitale behoeften. Wij bieden gedeelde hosting, VPS en dedicated servers met geavanceerde beveiliging en wereldwijde datacenters.
