How To Install and Secure phpMyAdmin on Debian 9

Prerequisites

You will need to setup your server with LAMP stack, follow the link to install LAMP Stack

Installing phpMyAdmin

apt update

output:

[email protected]:~#  apt update
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Ign:2 http://ftp.us.debian.org/debian stretch InRelease                        
Get:3 http://ftp.us.debian.org/debian stretch-updates InRelease [91.0 kB]  

Install phpmyadmin

apt install phpmyadmin php-mbstring php-gettext

output:

[email protected]:~# apt install phpmyadmin php-mbstring php-gettext
Reading package lists... Done
Building dependency tree        
Reading state information... Done
The following additional packages will be installed:

We need to do is explicitly enable the mbstring PHP extension which is used to manage non-ASCII strings and convert strings to different encodings.

phpenmod mbstring

Restart Apache for your changes to be recognized:

systemctl restart apache2

Log in to the interface with the username as root and password you configured.

http://<your_server_ip>/phpmyadmin

Securing Your phpMyAdmin Instance

vi /etc/apache2/conf-available/phpmyadmin.conf

Add the following information

<Directory /usr/share/phpmyadmin>
Options FollowSymLinks
DirectoryIndex index.php
AllowOverride All
</Directory>

Restart Apache:

systemctl restart apache2

You can create the necessary file and open it in your text editor with root privileges

vi /usr/share/phpmyadmin/.htaccess

Enter the following information:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

You can now create this file and pass it an initial user with the htpasswd utility:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

You will be prompted to enter a password for the above mentioned user.

If you want to enter an additional user, you need to do so without the -c flag,

htpasswd /etc/phpmyadmin/.htpasswd additionaluser

Now, when you access your phpMyAdmin subdirectory, you will be prompted for the additional account name and password that you just configured:

https://<your_server_ip>/phpmyadmin