phpMyadmin is a web-based GUI (graphical user interface) that allows administrators to create, store and edit databases that are created with MySQL. While you can interact directly with the system console from the MySQL prompt, having a GUI is preferred by many database administrators.
In this tutorial, we will show you how to install phpMyAdmin with Nginx on CentOS 7.
Prerequisites
Before we get started, you will need the following:
- Connection to the server via SSH
- LEMP installed on your CentOS server.
- Access to the root user or a user with Sudo privileges
- Basic understanding of Linux commands
Step 1: Installing phpMyAdmin
Now that we have access to the server via SSH and that the server is equipped with the LEMP stack, let’s install phpMyAdmin. Since it’s not available from the CentOS default repository, we will download the EPEL repository.
To install EPEL, enter the following command:
sudo yum install epel-release
Now, we can go ahead and install phpMyAdmin.
sudo yum install phpmyadmin
Before running this command, be sure that you have Nginx and PHP 7 installed on your system. This is crucial for the tutorial to proceed further.
Once the installation is complete, we need to create a symbolic link between the installation files to our Nginx document. This needs to be done so that the Nginx web server can find and serve the phpMyAdmin files correctly.
sudo ln -s /usr/share/phpMyAdmin /usr/share/nginx/html
Restart the PHP processor and Nginx so that the changes made will come into effect:
sudo systemctl restart php-fpm
systemctl restart nginx
With that, our phpMyAdmin installation is now operational. The next part of the tutorial is to connect to the phpMyadmin web interface.
Step 2: Accessing phpMyAdmin web interface
Now that the server is up and running, you can access the web user interface through the web browser. Enter the following command on your web browser.
http(s)://your_domain_or_ip_address/phpmyadmin
Don’t forget to enter your own IP address (or domain name).
Enter the username and password and click on Go.
Once you log in, you’ll see the phpMyAdmin dashboard, which will look something similar to this one:
You can click around to get familiar with the interface and what each of them does.
Step 3: Change the login URL
With the web interface, the work gets easier but it also poses a security threat. By doing this we have exposed our MySQL system to the rest of the world. To combat this we will change the URL of the web interface.
In order for our Nginx webserver to find and serve our phpMyAdmin files, we created a symbolic link from the phpMyAdmin directory to our document root in an earlier step. To change the URL we will need to change the name of the symbolic link. To do this enter the following commands:
cd /usr/share/nginx/html
ls -l
-rw-r--r-- 1 root root 537 Aug 5 08:15 50x.html
-rw-r--r-- 1 root root 612 Aug 5 08:15 index.html
lrwxrwxrwx 1 root root 21 Aug 6 17:29 phpMyAdmin -> /usr/share/phpMyAdmin
As you can see we have a symbolic link called phpMyAdmin in this directory and we should change it to something else. This will change the location where phpMyAdmin can be accessed from a browser, which can help obscure the access point from hard-coded bots.
To rename the link enter the following:
sudo mv phpMyAdmin notimportant
ls -l
-rw-r--r-- 1 root root 537 Aug 5 08:15 50x.html
-rw-r--r-- 1 root root 612 Aug 5 08:15 index.html
lrwxrwxrwx 1 root root 21 Aug 6 17:29 notimportant -> /usr/share/phpMyAdmin
Now to access the web interface, instead of using the previous URL, you will need to use the following:
http://server_domain_or_IP/ notimportant
Step 4: Web server authentication
As an additional layer of security, we will now set up authentication for Nginx. To do this, first, we will create a password file to store the authentication credentials. Enter the following command but remember to change tester to match your username.
htpasswd -c /etc/nginx/.htpasswd tester
New password:
Re-type new password:
Adding password for user tester
There should now be an .htpasswd file containing your username and encrypted password. You can check with:
cat /etc/nginx/.htpasswd
username:$apr1$vXURQ.rv$f6S86nCX.fKfjbYNTUPzV.
Now we are ready to modify our Nginx configuration file. Open this file using the nano text editor to get started:
nano /etc/nginx/conf.d/default.conf
Within this file, we need to add a new location section. This will target the location we chose for our phpMyAdmin interface (we selected /notimportant in this tutorial).
Create this section within the server block, but outside of any other blocks. Within this block, we need to set the value of a directive called auth_basic to an authentication message that our prompt will display to users. We do not want to indicate to unauthenticated users what we are protecting, so do not give specific details. We will just use "Admin Login" in our example.
We then need to use a directive called auth_basic_user_file to point our web server to the authentication file that we created. Nginx will prompt the user for authentication details and check that the inputted values match what it finds in the specified file.
The file should look like this:
server {
...
location / notimportant {
auth_basic "Admin Login";
auth_basic_user_file /etc/nginx/.htpassword;
}
...
}
To implement the changes on the webserver, enter the following command:
systemctl restart nginx
Now, if we visit our phpMyAdmin location in our web browser. You should be prompted for the username and password you added to the .htpassword file:
http://server_domain_or_IP/ notimportant
Once you enter your credentials, you will be taken to the normal phpMyAdmin login page.
Conclusions
Congratulations, you have successfully installed and secured phpMyAdmin with Nginx on CentOS 7. You can now manage your MySQL databases from a reasonably secure web interface. This UI exposes most of the functionality that is available from the MySQL command prompt. You can view databases and schema, execute queries, and create new data sets and structures.