Introduction

phpMyAdmin is a software tool used for managing MySQL databases through a graphical interface. The tool can be configured to maintain a local database or a remote database over the network.

This software can replace the default command-line interface you use for database management.

In this article, you will learn how to install and secure phpMyAdmin on Debian 9.

how to install and secure phpmyadmin on debian9

Prerequisites

  • LAMP stack (Linux, Apache, MySQL, PHP) installed and configured on the server
  • Access to a user account with root privileges (ability to use the sudo command)
  • A Debian 9 operating system, configured for LAMP
    • The stack should include a database, which already has a root user
    • MySQL is a common choice, but MariaDB can also work
  • Access to a command prompt

Installing phpMyAdmin on Debian 9

Step 1: Refresh Latest Version of Software Packages

The software package for phpMyAdmin is part of the default software repositories. However, you still need to ensure you’re getting the latest version.

Refresh the repository index and upgrade the packages with the following command:

sudo apt update && sudo apt upgrade

Warning: Do not skip this step! Some of the older versions of phpMyAdmin had security flaws and could allow unauthorized users to access your database.


Step 2: Install phpMyAdmin

To install phpMyAdmin, enter:

sudo apt install phpmyadmin

The system runs through several automated steps and asks you for confirmation. Enter Y and give it a minute to complete. Once it finishes, a configuration screen loads.

Step 3: Configure phpMyAdmin

1. The first prompt asks you to choose which web server to reconfigure automatically. Make sure apache2 is selected, and click OK.

phpMyAdmin configuration window, selecting a web server.

Let the setup go through the process until the next step.

2. On the following screen, the wizard asks if you want to configure the database for phpmyadmin with dbconfig-common. Choose Yes as we will not deal with the advanced set up in this guide.

phpMyadmin configuration, selecting dbconfig-common

3. Next, enter a password for phpMyAdmin and confirm it. If you do not want to specify your password, leave the space blank to auto-generate one. You will use this password later to access phpMyAdmin.

Set password for phpMyAdmin

4. In the end, the installer requests your root password for the database. Provide the password and select OK.

5. Confirm phpMyAdmin is installed and that it contains a configuration. Navigate to the configuration file:

/etc/apache2/conf-enabled/phpmyadmin.conf

If you are an advanced user and you have any custom configurations to add, you can edit this file with your favorite text editor for linux.


Note: If you are running the new version of Debian, check out our guide on installing phpMyAdmin on Debian 10 (Buster).


Securing phpMyAdmin

The Alias is a line in the configuration file that specifies the web address used to access the application. Therefore, since many hackers and bots target the default configuration, it’s a good idea to change the alias.

1. First, open the phpmyadmin configuration file by entering:

sudo vim /etc/apache2/conf-enabled/phpmyadmin.conf

2. Search for the line that says:

Alias /phpmyadmin /usr/share/phpmyadmin

3. Flag this line as a comment by adding a # sign at the beginning:

# Alias /phpmyadmin /usr/share/phpmyadmin

4. Then, type a new line below it and change the alias, for example:

Alias /phpmyadmin /usr/share/MySecretLogin

5. Save the file and exit.

Refresh Apache Web Services

To refresh Apache web services, use the command:

sudo service apache2 restart

Access phpMyAdmin

Open a web browser and enter the IP address of your server, followed by the alias you configured earlier.

http://IP_ADDRESS_or_DOMAIN/MySecretLogin

If you did not change the alias, the default URL is:

http://IP_ADDRESS_or_DOMAIN/phpmyadmin

The webpage should display a login screen for phpMyAdmin.

phpMyAdmin Login Page

Enter the username and password for your database user, and you’ll be able to manage the database utilities from the graphical interface.

Conclusion

Now you have phpMyAdmin installed and configured on your Debian 9 server.

The phpMyAdmin software package takes a lot of the pain out of managing a database via the command line. Most database administrators consider it a staple of their installation.


Next you should also read