phpMyAdmin is a free and open-source administration tool for MySQL and MariaDB. As a portable web application written primarily in PHP, it has become one of the most popular MySQL administration tools, especially for web hosting services. In this guide, we are going to install phpMyAdmin with Apache on Debian 9 server with Apache webserver.

You can also check our guide on Installing and securing PhpMyAdmin on Ubuntu and CentOS 7

Deploying your cloud server
If you have not already registered with Cloudwafer, you should begin by getting signed up. Take a moment to create an account after which you can quickly deploy your cloud servers.

Once you have signed up, log into your Cloudwafer Client Area with the password provided in your mail and deploy your Cloudwafer cloud server.

Updating System Packages
It is recommended that you update the system to the latest packages before beginning any major installations. Update with the command below:

sudo apt-get update && sudo apt-get upgrade

Note: The user logged in must have sudo privileges to be able to install packages.

Step 1: Install phpMyAdmin
To install phpMyAdmin from the default Ubuntu repositories, type the command below followed by y to continue:

sudo apt-get install phpmyadmin

After installation, a series of questions will be asked in regards to the basic configuration of phpMyAdmin.

  • Use the tab key on the keyboard for navigation.
  • Enter a PHP admin password, else a random password will be generated.

If you didn't get any of the steps above after installation of phpmyadmin, you could type the command below:

sudo dpkg-reconfigure phpmyadmin

Next, we need to restart Apache with the command below for changes to take effect:

sudo systemctl restart apache2   

Finally, to access PhpMyAdmin web interface, open a browser and type the following network address.

http://your_server_IP_or_your_domain_/phpmyadmin

MySQL 5.7 changed the secure model; hence, you phpMyAdmin will be not able to use root credentials by default. Accordingly, we are going to create a new user and grant required privileges, which is a safe and straightforward solution.

Connect to MySQL by issuing the command below:

sudo mysql --user=root mysql

Create a user for phpMyAdminRun the following commands (replacing ayodele and randompass by the desired username and password):

CREATE USER 'ayodele'@'localhost' IDENTIFIED BY 'randompass';

GRANT ALL PRIVILEGES ON *.* TO 'phpmyadmin'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;

You can now proceed to login using the credentials created. After logging in, the user interface looks like the screenshot below:

SECURING YOUR PHPMYADMIN INSTANCE
Securing your PHPMyAdmin is essential to prevent unauthorised access. An easy way to do this is to place a gateway in front of the entire application by using Apache's built-in .htaccess authentication and authorisation functionalities.

Firstly, we will need to enable the use of .htaccess file overrides by editing our Apache configuration file. Open the phpmyadmin.conf with the command below:

sudo nano /etc/apache2/conf-available/phpmyadmin.conf 

Add the following as highlighted in the screenshot above:

Options  +FollowSymLinks +Multiviews +Indexes  # edit this line
DirectoryIndex index.php

AllowOverride None
AuthType basic
AuthName "Authentication Required"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

Save the file before closing then proceed to restart Apache with the command:

 sudo systemctl restart apache2  

Next, issue the command below to add the password to the htaccess file:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd ayodele

In this example, we are creating a user named ayodele. You can choose any username, and it doesn’t have to be same as the administrative MySQL user.

Restart Apache for changes to take effect:

sudo systemctl restart apache2

With this, whenever you access phpMyAdmin on your domain, you will be prompted for the additional account name and password that you just configured as shown below:

After typing the Apache authentication password, you'll be redirected to the original phpMyAdmin authentication page to enter your other credentials.