Tags Archives: phpmyadmin

How To Install PHPMyAdmin

Below are my notes on the installation of PHPMyAdmin on Ubuntu 20.

 

 

Install the PHPMyAdmin and related dependency packages

 

 

apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl

 

 

For the server selection, choose apache2

 

Then choose and confirm a MySQL application password for phpMyAdmin

 

I checked dbcommon checked for the database installation.

 

However, I was unable to continue due to a mariadb error message.

 

Suggested solutions involving disabling and re-enabling the Validate Password plugin did not work

 

Instead I had to spring over this point and continue without creating the database.

 

Then at the completion of the installation process, I went into mysql command line and created the database and user manually (see further below).

 

 

 

Create the PHPMyAdmin Database in mysql/mariadb

 

login to mysql using: (enter your mysql root password)

 

root@gemini:/etc/apache2/sites-available# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 33108
Server version: 10.3.34-MariaDB-0ubuntu0.20.04.1 Ubuntu 20.04

 

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

 

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

 

MariaDB [(none)]>

 

 

First I tried the suggested solution:

 

From the prompt, run the following command to disable the Validate Password component.

 

 

UNINSTALL COMPONENT “file://component_validate_password”;

 

This does not work with mariadb!

 

 

MariaDB [(none)]> UNINSTALL COMPONENT “file://component_validate_password”;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘COMPONENT “file://component_validate_password”‘ at line 1

 

MariaDB [(none)]> show databases ;
+——————–+
| Database |
+——————–+
| information_schema |
| kevwells |
| mysql |
| nextcloud |
| performance_schema |
| wordpress |
+——————–+
6 rows in set (0.002 sec)

MariaDB [(none)]>

 

MariaDB [(none)]> uninstall plugin validate_password;
ERROR 1305 (42000): PLUGIN validate_password does not exist
MariaDB [(none)]>

 

 

 

CREATE DATABASE phpmyadmin DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;

 

 

MariaDB [(none)]>
MariaDB [(none)]> CREATE DATABASE phpmyadmin DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
Query OK, 1 row affected (0.003 sec)

 

 

 

NOTE FOR MARIADB:

 

USE THE CORRECT QUOTES ‘ ‘   – Else the user definitions etc will not be correct!

 

 

root@asus:/etc/apache2# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 100
Server version: 10.3.29-MariaDB-0ubuntu0.20.10.1 Ubuntu 20.10

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

MariaDB [(none)]>
MariaDB [(none)]> show databases ;
+——————–+
| Database |
+——————–+
| information_schema |
| mysql |
| performance_schema |
| phpmyadmin |
| wordpress |
+——————–+
5 rows in set (0.000 sec)

 

MariaDB [(none)]> CREATE USER ‘phpmyadmin’@localhost ;
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]>

MariaDB [(none)]> SET PASSWORD FOR ‘phpmyadmin’@localhost = PASSWORD(‘***COMMENTEDOUT!**’);
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]>

 

 

MariaDB [(none)]> GRANT ALL PRIVILEGES ON *.* TO ‘phpmyadmin’@’localhost’ WITH GRANT OPTION ;
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]>

 

SHOW GRANTS FOR ‘phpmyadmin’@’localhost’ ;

 

MariaDB [(none)]> flush privileges ;
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> SHOW GRANTS FOR ‘phpmyadmin’@localhost;
+———————————————————————————————————————————————-+
| Grants for phpmyadmin@localhost |
+———————————————————————————————————————————————-+
| GRANT ALL PRIVILEGES ON *.* TO `phpmyadmin`@`localhost` IDENTIFIED BY PASSWORD ‘****COMMENTEDOUT!**’ WITH GRANT OPTION |
+———————————————————————————————————————————————-+
1 row in set (0.000 sec)

MariaDB [(none)]>

 

 

Then, configure apache2 to enable phpMyAdmin:

 

nano /etc/apache2/apache2.conf

 

add the following line to the end of the file:

 

Include /etc/phpmyadmin/apache.conf

 

Then restart apache

 

systemctl restart apache2

 

 

you should then be able to access phpmyadmin:

 

http://localhost/phpmyadmin

 

enter your phpmyadmin username and your phpmyadmin password that you set as above.

 

 

 

Verify your new user has the right permissions

 

NOTE

 

 

If you made a mistake you can undo the steps above by executing the following commands, – replacing localhost with ‘%’ if you changed it in the previous commands:

 

eg

 

DROP USER myuser@localhost;
DROP DATABASE mydb;

 

 

 

 

Set the Database User Privileges for the phpmyadmin User

 

however, in phpmyadmin we have the following errors:

 

 

 

mysqli_real_connect(): (HY000/1045): Access denied for user ‘phpmyadmin’@’localhost’ (using password: YES)
Connection for controluser as defined in your configuration failed.

 

 

and we cannot see any databases!

 

The clue comes from the following message:

 

 

 

No Privileges

Database Ascending Collation Action

 

information_schema utf8_general_ci Check privileges Check privileges
phpmyadmin utf8_unicode_ci Check privileges Check privileges
Total: 2 utf8mb4_general_ci
Note: Enabling the database statistics here might cause heavy traffic between the web server and the MySQL server.
Enable statistics
Open new phpMyAdmin window
mysqli_real_connect(): (HY000/1045): Access denied for user ‘phpmyadmin’@’localhost’ (using password: YES)
Connection for controluser as defined in your configuration failed.

 

 

 

so, we have to increase the privileges for the user phpmyadmin

 

 

contents of following file:

 

root@gemini:/var/www/wordpress# nano /etc/phpmyadmin/config-db.php
root@gemini:/var/www/wordpress#

GNU nano 4.8 /etc/phpmyadmin/config-db.php
<?php
##
## database access settings in php format
## automatically generated from /etc/dbconfig-common/phpmyadmin.conf
## by /usr/sbin/dbconfig-generate-include
##
## by default this file is managed via ucf, so you shouldn’t have to
## worry about manual changes being silently discarded. *however*,
## you’ll probably also want to edit the configuration file mentioned
## above too.
##
$dbuser=’phpmyadmin’;
$dbpass=’****COMMENTED OUT HERE!’;
$basepath=”;
$dbname=’phpmyadmin’;
$dbserver=’localhost’;
$dbport=’3306′;

 

 

MariaDB [mysql]> CREATE USER ‘phpmyadmin’@localhost IDENTIFIED BY ‘**COMMENTED OUT**’;
Query OK, 0 rows affected (0.001 sec)

 

MariaDB [mysql]>

 

 

MariaDB [(none)]> GRANT ALL privileges ON ‘phpmyadmin’.* TO ‘phpmyadmin’@localhost IDENTIFIED BY ‘*COMMENTED OUT**’;
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]>

 

 

MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.003 sec)

MariaDB [(none)]>

 

 

CREATE USER ‘phpmyadmin’@localhost IDENTIFIED BY ‘** COMMENTED OUT**’;

 

GRANT ALL privileges ON ‘phpmyadmin’.* TO ‘phpmyadmin’@localhost IDENTIFIED BY ‘** COMMENTED OUT**’;

 

 

MariaDB [mysql]> flush privileges ;
Query OK, 0 rows affected (0.001 sec)

MariaDB [mysql]>

 

 

 

this is now better, the errors in phpmyadmin dashboard are gone, but we only see 2 databases.

 

the information schema and the phpmyadmin one – .the wordpress, nextcloud and mysql ones are not shown.

 

This is because we have no privileges for these.

 

 

 

MariaDB [mysql]> SHOW GRANTS FOR ‘phpmyadmin’@localhost;
+——————————————————————————————————————-+
| Grants for phpmyadmin@localhost |
+——————————————————————————————————————-+
| GRANT USAGE ON *.* TO `phpmyadmin`@`localhost` IDENTIFIED BY PASSWORD ‘*COMMENTED OUT**’ |
| GRANT ALL PRIVILEGES ON `phpmyadmin`.* TO `phpmyadmin`@`localhost` |
+——————————————————————————————————————-+
2 rows in set (0.000 sec)

MariaDB [mysql]>

 

 

So, we need to do a

 

grant create on *.* to phpmyadmin@localhost;

 

 

MariaDB [mysql]> SHOW GRANTS FOR ‘phpmyadmin’@localhost;
+——————————————————————————————————————-+
| Grants for phpmyadmin@localhost |
+——————————————————————————————————————-+
| GRANT USAGE ON *.* TO `phpmyadmin`@`localhost` IDENTIFIED BY PASSWORD ‘*****COMMENTED OUT**’ |
| GRANT ALL PRIVILEGES ON `phpmyadmin`.* TO `phpmyadmin`@`localhost` |
+——————————————————————————————————————-+
2 rows in set (0.000 sec)

MariaDB [mysql]> grant create on *.* to phpmyadmin@localhost;
Query OK, 0 rows affected (0.001 sec)

MariaDB [mysql]> flush privileges ;
Query OK, 0 rows affected (0.001 sec)

MariaDB [mysql]> SHOW GRANTS FOR ‘phpmyadmin’@localhost;
+——————————————————————————————————————–+
| Grants for phpmyadmin@localhost |
+——————————————————————————————————————–+
| GRANT CREATE ON *.* TO `phpmyadmin`@`localhost` IDENTIFIED BY PASSWORD ‘***COMMENTED OUT ***’ |
| GRANT ALL PRIVILEGES ON `phpmyadmin`.* TO `phpmyadmin`@`localhost` |
+——————————————————————————————————————–+
2 rows in set (0.000 sec)

MariaDB [mysql]>

 

note it now looks like this:

 

GRANT CREATE ON

 

instead of

 

GRANT USAGE ON

 

As a result in phpmyadmin we can now see all the databases displayed and the user “phpmyadmin” has full privileges in the system.

 

 

 

Modify Apache Config 

 

 

We also have to modify the apache2.conf:

 

sudo nano /etc/apache2/apache2.conf

 

 

Then add the following line to the end of the file.

 

Include /etc/phpmyadmin/apache.conf

 

 

Then restart apache:

 

sudo systemctl restart apache2

 

then, you can login to phpmyadmin using:

 

https://kevwells.com/phpmyadmin/

 

 

this now works

 

 

 

Add an .htaccess Login Protection Layer

 

 

Create an htaccess protection login layer for phpmyadmin. This helps protect the PHPMyAdmin dashboard against hacker attempts by creating a pre-login window which has to be passed first by anyone logging in before they are permitted to reach the actual PHPMyAdmin dashboard login page.

 

 

edit the phpmyadmin.conf file in your Apache configuration directory.

 

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

 

Add an AllowOverride All directive within the <Directory /usr/share/phpmyadmin> section of the configuration file:

 

 

<Directory /usr/share/phpmyadmin>
Options SymLinksIfOwnerMatch
DirectoryIndex index.php
AllowOverride All

</Directory>

 

 

 Next, create the .htaccess file for PHPMyAdmin:

 

 

nano /usr/share/phpmyadmin/.htaccess

 

 

AuthType Basic
AuthName “Restricted Files”
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

 

 

 

AuthType Basic: This specifies the authentication type you are using. This type implements password authentication by means of a password file that we will create.

 

AuthName: This sets the message for the authentication dialog box. Keep this generic so unauthorized users don’t gain any information about what is being protected.

 

AuthUserFile: This defines the location of the password file to be used for authentication. This should be outside of the directory tree that is being served.

 

Require valid-user: This specifies only authenticated users to be given access to this resource.

 

 

The location we selected for our password file is /etc/phpmyadmin/.htpasswd.

 

Next create this file using the htpasswd utility:

 

sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

 

You are then prompted to select and confirm a password for the user you’re creating for .htaccess.

 

The file will then created with the hashed password that you entered.

 

 

htpasswd -c /etc/phpmyadmin/.htpasswd <user we are creating for .htaccess>

 

root@gemini:/etc/apache2# htpasswd -c /etc/phpmyadmin/.htpasswd <the user name you will deploy for this .htaccess login>
New password: <the password you wish to use for this .htaccess login>
Re-type new password:

root@gemini:/etc/apache2#
root@gemini:/etc/apache2#

 

 

 

 

Next, set the conf-available/phpmyadmin.conf

 

root@gemini:/etc/apache2/conf-available# a2enconf phpmyadmin.conf

 

 

Then restart Apache to put .htaccess authentication into effect:

 

sudo systemctl restart apache2

 

 

The .htaccess login window prompt will then appear before you can login to the phpmyadmin dashboard.

 

 

Continue Reading