Installation and configuration snips for phpMyAdmin.
These Snips are based on LEMP or LAMP Stack being installed on Ubuntu 22.02.
If all prerequisites above are installed and configured, proceed with installing phpMyAdmin below.
Before Continuing, create an A record in your DNS server for the hostname you want to use for accessing phpMyAdmin - such as pma.example.com
1. Follow these steps to install files:
wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip
apt install unzip
unzip phpMyAdmin-latest-all-languages.zip
mv phpMyAdmin-5.2.*-all-languages /var/www/phpmyadmin
chown -R www-data:www-data /var/www/phpmyadmin
Note: The asterisk (*) in filename above is in case version changes. Make sure you have the right version listed.
2. Create MariaDB Database and user:
mysql -u root
CREATE DATABASE phpmyadmin DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
GRANT ALL ON phpmyadmin.* TO 'phpmyadmin'@'localhost' IDENTIFIED BY 'your_preferred_password';
FLUSH PRIVILEGES;
EXIT;
Replace password in command above!
Your phpmyadmin database user will n
3. Install PHP Modules:
apt install php-imagick php-phpseclib php-php-gettext php8.1-common php8.1-mysql php8.1-gd php8.1-imap php8.1-curl php8.1-zip php8.1-xml php8.1-mbstring php8.1-bz2 php8.1-intl php8.1-gmp
4. Create Nginx Server Block:
nano /etc/nginx/conf.d/phpmyadmin.conf
Add to file and save
server {
listen 80;
listen [::]:80;
server_name pma.example.com;
root /var/www/phpmyadmin/;
index index.php index.html index.htm index.nginx-debian.html;
access_log /var/log/nginx/phpmyadmin_access.log;
error_log /var/log/nginx/phpmyadmin_error.log;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
location ~ /\.ht {
deny all;
}
}
Test it's working
#Check for config errors:
nginx -t
systemctl reload nginx
Browse to http://pma.example.com and verify login page comes up. Don't log in yet!
5. Install SSL Certificate:
# HTTP REDIRECT
server {
if ($host = pma.example.com) {
return 301 https://pma.example.com$request_uri;
}
listen 80;
server_name pma.example.com;
access_log /var/log/nginx/phpmyadmin_access.log;
error_log /var/log/nginx/phpmyadmin_error.log;
}
# HTTPS SITE CONFIG
server {
server_name pma.example.com;
root /var/www/phpmyadmin/;
index index.php index.html index.htm;
access_log /var/log/nginx/phpmyadmin_access.log;
error_log /var/log/nginx/phpmyadmin_error.log;
location / {
try_files $uri $uri/ /index.php;
}
location ~ /\.ht {
deny all;
}
#UNCOMMENT AFTER CONFIGURED
#location ~ ^/(doc|sql|setup)/ {
# deny all;
#}
location ~ \.php$ {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
listen 443 ssl;
ssl_certificate /etc/ssl/cert/my-example.crt;
ssl_certificate_key /etc/ssl/private/my-example.key;
ssl_session_cache shared:le_nginx_SSL:10m;
ssl_session_timeout 1440m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
ssl_dhparam /etc/ssl/private/ssl-dhparams.pem;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1;
}
6. Run phpMyAdmin Setup
nano /var/www/phpmyadmin/config.inc.php
Paste all contents into the file and change (or add) these lines:
Return to login page https://pma.example.com
Log in using the phpmyadmin user and password you created above when creating the MySQL database.
7. Restrict access to setup directory:
nano /etc/nginx/conf.d/phpmyadmin.conf
Add code to file anywhere inside the server block.
location ~ ^/(doc|sql|setup)/ {
deny all;
}
Save and check configuration:
nginx -t
systemctl reload nginx
If using Let's Encrypt, make sure the certificate is set to auto-renew when it was installed. Should be under /etc/cron.d in file named certbot.
After logging in, if message about phpMyAdmin configuration storage has been deactivated:
Click on the phpmyadmin database on the left, go to Operations tab, click "Find out why", then click "Create" link.
8. Give permissions to other databases:
At this point, your phpmyadmin user will only be able to log in and manage the phpmyadmin database. You must grant full permissions to the phpmyadmin user or create a new admin user with permissions to other databases.
Sample Create Admin User with Full Permissions:
mariadb -u root
create user admin@localhost identified by 'your-chosen-password';
grant all privileges on *.* to admin@localhost with grant option;
flush privileges;
exit;
Log back into phpMyAdmin as that user and you will have full permissions to all database and ability to create new databases.
Install and config Complete!
-Coming Soon, but basically following above except creating Apache2 conf file.