How To Install and Secure phpMyAdmin on Debian 9
Prerequisites
You will need to setup your server with LAMP stack, follow the link to install LAMP Stack
Installing phpMyAdmin
apt update
output:
root@vps:~# apt update
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Ign:2 http://ftp.us.debian.org/debian stretch InRelease
Get:3 http://ftp.us.debian.org/debian stretch-updates InRelease [91.0 kB]
Install phpmyadmin
apt install phpmyadmin php-mbstring php-gettext
output:
root@vps:~# apt install phpmyadmin php-mbstring php-gettext
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
We need to do is explicitly enable the mbstring PHP extension which is used to manage non-ASCII strings and convert strings to different encodings.
phpenmod mbstring
Restart Apache for your changes to be recognized:
systemctl restart apache2
Log in to the interface with the username as root and password you configured.
http://<your_server_ip>/phpmyadmin
Securing Your phpMyAdmin Instance
vi /etc/apache2/conf-available/phpmyadmin.conf
Add the following information
<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All
</Directory>
Restart Apache:
systemctl restart apache2
You can create the necessary file and open it in your text editor with root privileges
vi /usr/share/phpmyadmin/.htaccess
Enter the following information:
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user
You can now create this file and pass it an initial user with the htpasswd utility:
sudo htpasswd -c /etc/phpmyadmin/.htpasswd username
You will be prompted to enter a password for the above mentioned user.
If you want to enter an additional user, you need to do so without the -c flag,
htpasswd /etc/phpmyadmin/.htpasswd additionaluser
Now, when you access your phpMyAdmin subdirectory, you will be prompted for the additional account name and password that you just configured:
https://<your_server_ip>/phpmyadmin