HOW TO INSTALL AND SECURE PHPMYADMIN WITH APACHE ON A CENTOS 7 SERVER

      50

phpMyAdmin is a không tính tiền & open source administration tool for MySQL và MariaDB. As a portable website application written primarily in PHP, it has become one of the most popular MySquốc lộ administration tools, especially for website hosting services. In this guide, we are going lớn install phpMyAdmin with Apabịt on CentOS 7.

Bạn đang xem: How to install and secure phpmyadmin with apache on a centos 7 server

An important prerequisite before using this guide is lớn install a LAMPhường (Linux, Apache, MariaDB, and PHP) stack on your CentOS 7 VPS. The LAMP.. stack is the platsize which will be used khổng lồ serve sầu our phpMyAdmin interface (MariaDB is also the database management software that we are wishing to lớn manage). If you vày not yet have sầu a LAMPhường installation on your VPS, cliông chồng here lớn read our tutorial on installing LAMPhường on CentOS 7.

Step 1: Add EPEL repo: We need to add the EPEL repo (Extra Packages for Enterprise Linux) to lớn our VPS before proceeding with installation has it contains many additional packages, including the phpMyAdmin package we are looking for. To install, type the command below:

suvị yum install epel-releaseStep 2: Install phpMyAdmin: Type the commvà below to lớn install the phpMyAdmin package using the yum packaging system followed by y khổng lồ continue:

suvày yum install phpmyadmin

*

After successfully installing, you should get a similar result as shown below:

*

The installation includes an Apache configuration tệp tin that has been placed in its appropriate directory. We need khổng lồ modify this config file for our installation khổng lồ work perfectly for our needs.

xuất hiện the phpMyAdmin.conf in the /etc/httpd file in the text editor(nano in this guide) lớn make a few modifications:

suvì nano /etc/httpd/conf.d/phpMyAdmin.confCurrently, the setup in the configuration file is configured to deny access to any connection not being made from the server itself. Since we are assessing our VPS remotely (via ssh), we need khổng lồ modify some lines to lớn specify the IPhường. address of your trang chủ connection.

The first location is the section as shown below:

*

Change any lines that read Require ip 127.0.0.1 or Allow from 127.0.0.1 khổng lồ refer to your home page connection"s IP address.

Note: If you need help finding your home connection"s IP.., cliông xã here lớn check.

The second location is the section as shown below:

Also, change any lines that read Require ip 127.0.0.1 or Allow from 127.0.0.1 khổng lồ refer to your trang chủ connection"s IP.. address.

Xem thêm: Thư Chúc Mừng Năm Mới 2018 Của Đại Sứ Hồ Minh Tuấn, Chúc Mừng Năm Mới 2018!

Note: Your trang chính connections" IPhường address differs from the IPhường. address of your VPS.

After making the configurations, restart the Apađậy website hệ thống by typing:

suvì systemctl restart httpd.serviceTo access the interface, visit your public IP address or server"s domain name followed by /phpMyAdmin, in your website browser:

http://server_domain_or_IP/phpMyAdmin

*

Log into lớn the phpmyadmin interface using the root username and the administrative sầu password you set up during the MySquốc lộ installation. After logging in, the user interface looks like the screenshot below:

*

SECURING YOUR PHPMYADMIN INSTANCE

Securing your phpmyadmin is important in order to lớn prevent unauthorized access. An easy way lớn bởi vì this is to change the location of the interface from /phpMyAdmin lớn something else lớn prevent automated bot brute-force attempts.

Open the configuration file using the comm& below:

suvày nano /etc/httpd/conf.d/phpMyAdmin.confThe two lines below are the mặc định aliases that serve sầu us nội dung from the /usr/share/phpMyAdmin location if we access our site"s tên miền name or IPhường address, followed by either /phpMyAdmin or /phpmyadmin.

Alias /phpMyAdmin /usr/share/phpMyAdminAlias /phpmyadmin /usr/share/phpMyAdmin

*

We are going khổng lồ disable these default aliases due khổng lồ the high rate at which they are targeted by bots và malicious users. For security purposes, we should decide on our own alias having these two rules in mind:

It shouldn"t indicate the purpose of the URL location.It should be easy to remember but not easy to guess.

In this guide, we are going to use /somethingelse.

To apply our changes, we are going to bình luận out the existing lines (you can remove them enirely) và add our own:

#Alias /phpMyAdmin /usr/share/phpMyAdmin#Alias /phpmyadmin /usr/share/phpMyAdminAlias /somethingelse /usr/share/phpMyAdmin

*

Save sầu và cchiến bại the tệp tin then proceed lớn restart httpd with the comm& below:

suvì systemctl restart httpd.serviceIf you visit the previous location of your phpMyAdmin installation, you will get a 404 error:

http://server_domain_or_IP/phpMyAdmin

*

http://server_domain_or_IP/nothingtosee

*

You can also secure phpMyAdmin placing a gateway in front of the entire application by using Apache"s built-in .htaccess authentication và authorization functionalities.

Firstly, we will need khổng lồ enable the use of .htaccess tệp tin overrides by editing our Apađậy configuration tệp tin. mở cửa the phpmyadmin.conf with the command below:

sudo nano /etc/httpd/conf.d/phpMyAdmin.conf

*

Add AllowOverride All to lớn the bottom of the section of the configuration tệp tin as shown below:

*

Save the file before closing then proceed lớn restart Apache with the command:

subởi systemctl restart apache2After enabling .htaccess use, we need to create the file khổng lồ fully implement security by typing the comm& below:

suvày nano /usr/share/phpmyadmin/.htaccessAuthType BasicAuthName "Restricted Files"AuthUserFile /etc/phpmyadmin/.htpasswdRequire valid-user

*

You can read more on htaccess here.

Type the commvà below lớn add the password lớn the htaccess file:

suvì htpasswd -c /etc/httpd/pma_pass username

*

To add additional users to lớn authenticate, type the same commvà again but this time without the -c flag, và with a new username:

suvị htpasswd /etc/httpd/pma_pass seconduserWith this, whenever you access phpMyAdmin on your domain, you will be prompted for the additional tài khoản name & password that you just configured as shown below: With this, whenever you access phpMyAdmin on your tên miền, you will be prompted for the additional trương mục name & password that you just configured as shown below:

After typing the Apache authentication password, you"ll be redirected to the original phpMyAdmin authentication page khổng lồ enter your other credentials.