{"id":21722,"date":"2022-03-28T09:00:22","date_gmt":"2022-03-28T01:00:22","guid":{"rendered":"https:\/\/www.mondoze.com\/guide\/?post_type=kb&p=21722"},"modified":"2022-10-05T07:54:24","modified_gmt":"2022-10-04T23:54:24","slug":"linux-vps-server-tips-to-secure-phpmyadmin","status":"publish","type":"kb","link":"https:\/\/www.mondoze.com\/guide\/kb\/linux-vps-server-tips-to-secure-phpmyadmin","title":{"rendered":"2 Linux VPS Server Tips To Make phpMyAdmin More Secure"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t

PhpMyAdmin is a well-known GUI open-source tool used to manage MySQL databases. If you own a VPS, there is a high chance you will have to use phpMyAdmin to manage your MySQL databases. Here are some tips on what you can do if you are using phpMyAdmin on your Linux VPS<\/a>\u00a0server.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t

1. Creating a seperate phpMyAdmin User<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t

There are reasons why you should create a separate phpMyAdmin user, such as not using the default user for security reasons or allowing another user to get full privileges. To do so, firstly, access the MySQL command-line interface as root user by using the following command in the terminal.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
sudo mysql -u root -p<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
After accessing the MySQL command-line interface, you can create a new user using the following commands.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
CREATE USER username IDENTIFIED by \u2018password\u2019;\nGRANT ALL PRIVILEGES ON *.* TO \u2018username\u2019@\u2019localhost\u2019;\nFLUSH PRIVILEGES;\nEXIT<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
Type in your MySQL credentials on \u201cpassword\u201d and \u201cusername\u201d in the command above to set your desired username and password. Use a complex password to secure your account. If there are any authentication problems encountered, restart the Apache server using the following command.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
sudo systemctl restart apache2<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
On the phpMyAdmin dashboard, in the Status tab, you are able to see a list of connections in the MySQL database server, queries that are currently running, and the operating duration of the server.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t
2. Securing phpMyAdmin<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
No matter what plugins or tools you are using, it is recommended to take extra measures against cyberattacks. To improve the security in phpMyAdmin, an extra authentication can be implemented using Apache\u2019s built-in .htaccess authentication and authorization features.<\/p>
The .htaccess file override can be enabled by modifying the phpMyAdmin Apache configuration file. Use the following command to open the configuration file with Nano text editor.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
sudo nano \/etc\/apache2\/conf-available\/phpmyadmin.conf<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
If you are using another text editor, use the command that fits the text editor you are using. After that, in the <Directory \/usr\/share\/phpmyadmin> section>, you will need to add a line called, \u201cAllowOverride All\u201d.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
<Directory \/usr\/share\/phpmyadmin>\nOptions SymLinksIfOwnerMatch\nDirectoryIndex index.php\nAllowOverride All<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
Save changes and exit the file, you can do so by pressing Ctrl+X. When prompted for confirmation, press Y and Enter. To implement the changes, the Apache webserver needs to be rebooted. Use the following command line to reboot it.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
sudo systemctl restart apache2<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
After rebooting the web server, create the .htaccess file in the phpMyAdmin application with the following command.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
sudo nano \/usr\/share\/phpmyadmin\/.htaccess<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
With the above command, a Nano text editor will open for editing the .htaccess file. Once again, use a text editor of your preference. After that, type in the following command.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
AuthType Basic\nAuthName \u201cRestricted Files\u201d\nAuthUserFile \/etc\/phpmyadmin\/.htpasswd\nRequire valid-user<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
Make save changes and exit the file like before. In the command above, the .htaccess had specifically mentioned the .htpasswd file, which means the .htpasswd file needs to be created in the specific directory too. Create the password file and pass it using the htpasswd utility by using the following command.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
sudo htpasswd -c \/etc\/phpmyadmin\/.htpasswd USERNAME<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
Insert your username in the command above where the username is typed in uppercase letters. The file will be created after you are prompted to input a password and confirm it. After that, your file will be created and the password will be hashed. If you want to create an additional username, you can use the similar command as above but without the \u201c-c\u201d.<\/p>
To implement the changes made, Apache needs to be restarted.<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
sudo systemctl restart apche2<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
To verify if you had successfully implemented the extra authentication, visit your phpMyAdmin page, by using the following URL:<\/p>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
http:\/\/server-IP\/phpmyadmin<\/pre>\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t
\n\t\t\t\t
There should be an authentication pop-up before the phpMyAdmin page will load. You will only successfully access the phpMyAdmin login page after you sign in with the username and password you had created earlier.<\/p><\/div><\/div><\/div><\/div><\/div><\/section><\/div><\/div><\/div><\/article><\/main><\/div><\/div><\/div>