Sometimes installing phpMyAdmin manually, as opposed to using
apt, is necessary. This might be because you're using MySQL 8 and/or PHP 7 and the version provided by Ubuntu's apt repository either won't install or won't function with this setup. You also may just want the latest version for the virtues that come with staying up-to-date. Whatever the reason, this tutorial will run you through the basic process of doing so.
The server I'm using is running Ubuntu 18.04 (though this tutorial will likely need little to no revision for previous versions), Apache 2.4.37, MySQL 8.0.13, and PHP 7.2.14. The latest version of phpMyAdmin at the time of writing is 4.8.4.
After logging into your server, change directory to
/usr/share (the traditional place for phpMyAdmin to be stored) and download the files:
$ cd /usr/share $ sudo wget https://files.phpmyadmin.net/phpMyAdmin/4.8.4/phpMyAdmin-4.8.4-all-languages.zip
If there's a newer version available than 4.8.4 (you can on their website), then change the link above to suit.
Now we need to unzip the files. The easiest way to do this is to use the
$ sudo apt install unzip $ sudo unzip phpMyAdmin-4.8.4-all-languages.zip
Next move the unzipped folder to the traditional phpMyAdmin directory and clean up the original zip file:
$ sudo mv phpMyAdmin-4.8.4-all-languages phpmyadmin $ sudo rm phpMyAdmin-4.8.4-all-languages.zip
Finally, give ownership of the directory to
www-data (the group used by Apache/PHP) and give appropriate permissions:
$ sudo chown -R www-data: phpmyadmin $ sudo chmod -R 744 phpmyadmin
There's a small amount of configuration necessary on phpMyAdmin itself. First, copy the sample config file, which we'll use as the basis of our actual one, then, open the config file:
$ sudo cp phpmyadmin/config.sample.inc.php phpmyadmin/config.inc.php $ sudo nano phpmyadmin/config.inc.php
Find the line that has
$cfg['blowfish_secret'] = ''; (it should be close to the top). The blowfish secret is a unique value for your instance of phpMyAdmin used for security purposes. We need a random string 32 characters in length. There are several pages which generate these for you, this one is the one I prefer since it specifies it sources it randomness from
/dev/urandom (without going into detail, a good thing). Once you have your value, copy it into the
blowfish_secret field, then save and exit by pressing Ctrl+X, Y, then enter.
To allow web access, we need to add an Apache configuration file for phpMyAdmin:
$ sudo nano /etc/apache2/conf-available/phpmyadmin.conf
Copy the configuration below into this file:
Alias /phpmyadmin /usr/share/phpmyadmin <Directory /usr/share/phpmyadmin> Options FollowSymLinks DirectoryIndex index.php AllowOverride all </Directory> # Disallow web access to directories that don't need it <Directory /usr/share/phpmyadmin/setup> Require all denied </Directory> <Directory /usr/share/phpmyadmin/libraries> Require all denied </Directory>
This does the following:
Finally, enable and apply this configuration:
$ sudo a2enconf phpmyadmin $ sudo systemctl reload apache2
If you're using MySQL 8, phpMyAdmin's support for it at present isn't ideal. For one, I've found that creating users doesn't work from within it, throwing syntax errors, so that'll likely something you need to do manually from the command line.
More importantly, if you have chosen to use MySQL 8's new authentication plugin
caching_sha2_password, you'll need a user which uses the traditional
mysql_native_password instead to login in to phpMyAdmin. You can create such a user by logging in via the command line (
mysql -u root -p) and executing the following:
CREATE USER 'newuser'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password'; GRANT ALL PRIVILEGES ON *.* TO 'newuser'@'localhost' WITH GRANT OPTION; FLUSH PRIVILEGES;
There's a couple basic steps you can take to further secure your phpMyAdmin installation. Note these aren't mandatory, but are recommended.
The first is to change the alias by which phpMyAdmin is accessed from
/phpmyadmin to something else (by editing the
phpmyadmin.conf file we created earlier). This will drastically reduce the chances that someone will find the location of your phpMyAdmin login page.
The other is to employ "basic authentication", which in practice is just a user/password prompt upon attempting to access the page. Assuming you're still in the
/usr/share directory, create a
.htaccess file for phpmyadmin:
$ sudo nano phpmyadmin/.htaccess
Copy the following into it:
AuthType Basic AuthName "Restricted" AuthUserFile /etc/phpmyadmin/.htpasswd Require valid-user
AuthName controls the text that appears to the user with the user/password prompt and
AuthUserFile specifies where the user/password definition is held; you can customise either if you wish.
Then create the user/password combination:
$ sudo mkdir -p /etc/phpmyadmin $ sudo htpasswd -c /etc/phpmyadmin/.htpasswd username New password: Re-type new password: Adding password for user username
Finally, reload Apache to activate the changes:
$ sudo systemctl reload apache2
By this point you should be greeted by the phpMyAdmin login page when you navigate to the alias you specified. If you can login, you've successfully installed phpMyAdmin.