phpMyAdmin installation and securing on Debian

phpMyAdmin is a free application allowing to interact with MySQL from a web browser.

Prerequisite

At first, it is important to have a LAMP server already installed on the concerned machine.


Installation

The phpMyAdmin installation operates from the following command :

During the installation, you will be asked to choose different configuration parameters.
Apache2 must be chosen as server and you need to answer YES to the question : “Configure the database for phpmyadmin with dbconfig-common

Your password to connect to MySQL will be asked so that phpMyAdmin can join your database.

Your password to connect to phpMyAdmin will be created thereafter.

Once the installation completed, you have to configure Apache with the following parameter and restart the service :

phpMyAdmin is now available with the insecure address http://your-address-ip/phpmyadmin for now.


Security

In order to avoid keeping the access to your database via phpMyAdmin opened to everybody, it is essential to secure the access.
At first, we have to change the Apache configuration and add the element AllowOverride All after the section DirectoryIndex :

Then, we must create a file .htpasswd that will allow to list all the users authorized to access phpMyAdmin :

The password associated to the created user will be asked then encrypted in the file .htpasswd

Finally, we have to create a file .htaccess that will allow to limit accesses to phpMyAdmin.

Please make sure you carefully changed the access path to the file .htpasswd :

It is a type of authentification that will be used to check the passwords. They are checked via HTTP and the Basic key word must not be changed.

Message displayed on the connection pop-up

Access path to the file of .htpasswd

Parameter limiting the access only to users declared in the file of .htpasswd


Use

In order to confirm the whole configuration, we need to restart Apache :

phpMyAdmin is now available with the address http://your-address-ip/phpmyadmin safely.


phpMyAdmin installation and securing on Debian
Vote