How To Install and Secure phpMyAdmin with Apache on a CentOS 7.x/RHEL7.x/Fedora 24.23
Introduction
Relational database management systems like MySQL and MariaDB are needed for a significant portion of web sites and applications. However, not all users feel comfortable administering their data from the command line.
To solve this problem, a project called phpMyAdmin was created in order to offer an alternative in the form of a web-based management interface. In this guide, we will demonstrate how to install and secure a phpMyAdmin configuration on a CentOS 7 server. We will build this setup on top of the Apache web server, the most popular web server in the world.
Step 1: Install phpMyAdmin
With our LAMP platform already in place, we can begin right away with installing the phpMyAdmin software. Unfortunately, phpMyAdmin is not available in CentOS 7’s and RHEL default repository.
To get the packages we need, we’ll have to add an additional repo to our system. The EPEL repo (Extra Packages for Enterprise Linux) contains many additional packages, including the phpMyAdmin package we are looking for.
The EPEL repository can be made available to your server by installing a special package called epel-release. This will reconfigure your repository list and give you access to the EPEL packages.
To install, just type:
#dnf -y install epel-release
Now that the EPEL repo is configured, you can install the phpMyAdmin package using the yum packaging system by typing:
#dnf -y install phpmyadmin
Open the file in your text editor now so that we can make a few changes:
#vi /etc/httpd/conf.d/phpMyAd
min.conf
Change any lines that read Require ip 127.0.0.1 or Allow from 127.0.0.1 to refer to your home connection’s IP address
When you are finished, restart the Apache web server to implement your modifications by typing:
# systemctl restart httpd.service
Step 2: Secure your phpMyAdmin Instance
Changing the Application’s Access Location
In order for our Apache web server to work with phpMyAdmin, our phpMyAdmin Apache configuration file uses an alias to point to the directory location of the files.
To change the URL where our phpMyAdmin interface can be accessed, we simply need to rename the alias. Open the phpMyAdmin Apache configuration file now:
#vi /etc/httpd/conf.d/phpMyAdmin.conf
To apply our intended changes, we should remove or comment out the existing lines and add our own:
# Alias /phpMyAdmin /usr/share/phpMyAdmin
# Alias /phpmyadmin /usr/share/phpMyAdmin
Alias /nothingtosee /usr/share/phpMyAdmin
When you are finished, save and close the file.
To implement the changes, restart the web service:
#systemctl restart httpd.service
Setting up a Web Server Authentication Gate
Open the phpMyAdmin Apache configuration file in your text editor again:
sudo nano /etc/httpd/conf.d/phpMyAdmin.conf
Within the /usr/share/phpMyAdmin directory block, but outside of any of the blocks inside, we need to add an override directive. It will look like this:
No brackets in youtube
Create an .htaccess File
Now that we have the override directive in our configuration, Apache will look for a file called .htaccess within the /usr/share/phpMyAdmin directory. If it finds one, it will use the directives contained within to supplement its previous configuration data.
Our next step is to create the .htaccess file within that directory. Use your text editor to do so now:
#/usr/share/phpMyAdmin/.htaccess
Within this file, we need to enter the following information:
AuthType Basic
AuthName “Admin Login”
AuthUserFile /etc/httpd/htpasswd
Require valid-user
Create the Password File for Authentication
Now that we have specified the location for our password file through the use of the AuthUserFile directive in our .htaccess file, we need to create and populate the password file.
This can be accomplished through the use of an Apache utility called htpasswd. We invoke the command by passing it the location where we would like to create the file and the username we would like to enter authentication details for:
#htpasswd -c /etc/httpd/htpasswd username
centos 7