How to Install & Configure phpMyAdmin on CentOS 8
Posted on
TABLE OF CONTENTS
- First, let’s go through the process of installing phpMyAdmin on CentOS 8.
- 2. Next, we will need to configure Apache to work with phpMyAdmin.
- Step 3: Set up SELinux and Firewall settings
- Configure the firewall settings to permit network traffic.
- 4. Proceed to test phpMyAdmin.
- Step 5: Secure Access to phpMyAdmin (Optional)
- Implement an additional layer of password authentication.
- Access phpMyAdmin using the new login information.
- In conclusion
- FAQs
PhpMyAdmin is a powerful tool for managing databases efficiently. It is commonly employed for remote management of MySQL or MariaDB databases.
In this tutorial, we will walk you through installing phpMyAdmin on a CentOS 8 system.
Requirements
- CentOS 8 Linux is installed on the server.
- Implementing a MySQL or MariaDB database
- Open the terminal window or command line by searching for it in your computer’s search bar.
- Account with elevated privileges
First, let’s go through the process of installing phpMyAdmin on CentOS 8.
The phpMyAdmin tool is not available in the default CentOS 8 repositories. Nevertheless, the file can be downloaded manually.
1. Open a terminal window and input the command below to initiate the download of the phpMyAdmin file:
wget https://files.phpmyadmin.net/phpMyAdmin/4.9.4/phpMyAdmin-4.9.4-all-languages.zip
Just a heads up: The current version of phpMyAdmin is 4.9.4, as of the time this article was written. Make sure to visit the developer’s download page to get the most up-to-date version.
Step 2: Unpack the .zip file archive.
unzip phpMyAdmin-4.9.4-all-languages.zip
3. Transfer the extracted files to the /usr/share/phpmyadmin directory.
sudo mv phpMyAdmin-4.9.4-all-languages.zip /usr/share/phpmyadmin
4. Navigate to different folders:
cd /usr/share/phpmyadmin
5. Give the sample php configuration file a new name:
sudo mv config.sample.inc.php config.inc.php
Step 6: Now, let’s open the php configuration file for editing.
sudo nano config.inc.php
7. Locate the specified line:
cfg['blowfish_secret'] = '';
8. Modify the line and input the new php root password within the single-quotes, like this:
cfg['blowfish_secret']='my_password';
9. Remember to save the file using the shortcut Ctrl+o and then close it with Ctrl+x.
10. Now, let’s proceed to create and set permissions on a temporary phpMyAdmin directory:
mkdir /usr/share/phpmyadmin/tmp
chown -R apache:apache /usr/share/phpmyadmin
chmod 777 /usr/share/phpmyadmin/tmp
2. Next, we will need to configure Apache to work with phpMyAdmin.
1. Generate an Apache configuration file:
sudo nano /etc/httpd/conf.d/phpmyadmin.conf
2. This generates a fresh, empty configuration file. Please input the code below:
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin/>
AddDefaultCharset UTF-8
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require all granted
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
<Directory /usr/share/phpmyadmin/setup/>
<IfModule mod_authz_core.c>
# Apache 2.4
<RequireAny>
Require all granted
</RequireAny>
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
</IfModule>
</Directory>
3. Save the file using the keyboard shortcut Ctrl+o and exit by pressing Ctrl+x.
4. Lastly, you’ll need to restart the Apache service in order for the changes made in the configuration file to take effect.
systemctl restart httpd
Please run the command “systemctl status httpd” to check if Apache has restarted and is currently running.
Step 3: Set up SELinux and Firewall settings
SELinux is an acronym for Security-Enhanced Linux. This enhancement at the kernel level is designed to enhance security. Modify this protocol to enable phpMyAdmin functionality.
1. Begin by installing the software package listed below:
yum –y install policycoreutils-python-utils
It is possible that certain versions of CentOS 8 already come with this package pre-installed. Given this scenario, the output signifies that it is not relevant and you can proceed to the subsequent step.
2. To grant access to the phpmyadmin directory, execute the following commands:
semanage fcontext –a –t httpd_sys_rw_content_t '/usr/share/phpmyadmin/'
semanage fcontext –a –t httpd_sys_rw_content_t "usr/share/phpmyadmin/tmp(/.*)?"
restorecon -Rv '/usr/share/phpmyadmin/'
It may take a moment for the first two commands to complete. The third command iterates through the phpmyadmin directory to implement the modifications.
Configure the firewall settings to permit network traffic.
1. Use the following command to create a firewall rule that allows HTTP traffic:
firewall–cmd ––permanent ––add-service=http
2. Remember to reload the firewall after making these modifications.
firewall-cmd ––reload
4. Proceed to test phpMyAdmin.
1. Launch a web browser and go to the specified URL:
localhost/phpmyadmin
The browser should show the phpMyAdmin login page. Nevertheless, when you make an attempt to log in, an error message might pop up:
“The client encountered an authentication method that is not recognized by the server.”
This error results from the password authentication mechanism being upgraded in MySQL 8.x. This authentication method has not been implemented in the latest version of PhpMyAdmin.
To bypass this measure, you can open the MySQL shell and change the root user.
mysql –u root –p
password
ALTER USER ‘root’@’localhost’ IDENTIFIED WITH myswl_native_password BY ‘password’;
ALTER ‘root’@’localhost’ IDENTIFIED WITH myswl_native_password BY ‘password’;
3. Use the specific password you set when securing the MySQL installation.
4. Please refresh the web browser phpMyAdmin page and proceed to log in using your MySQL username and password.
Step 5: Secure Access to phpMyAdmin (Optional)
By now, you should have successfully set up the phpMyAdmin utility. This section provides valuable insights on how to safeguard sensitive databases from unauthorized access.
Restrict phpMyAdmin Access to a Specific IP Address
1. Open the phpmyadmin.conf file in a text editor (let’s use nano):
sudo nano /etc/httpd/conf.d/phpmyadmin.conf
2. Locate the following sections:
Require all granted
3. Use the following lines instead:
Require ip your_system's_ip_address
Require ip ::1
4. Save and close the file.
Note: Please replace “your_system’s_ip_address” with the system’s actual IP address. If you need to enable access for multiple systems, include a line for each IP address.
Implement an additional layer of password authentication.
1. Generate a fresh authentication file. Open up a terminal window and type in the following command:
mkdir /etc/phpmyadmin
htpasswd –c /etc/phpmyadmin/.htpasswd admin
2. You will be asked to provide and verify an administrator password. Please complete the task and remember to document the password.
3. Now, let’s make some changes to Apache so that it can use .htpasswd. Open the file /etc/httpd/conf.d/phpmyadmin.conf and update it accordingly:
nano /etc/httpd/conf.d/phpmyadmin.conf
4. Add the following lines just below the AddDefaultCharset UTF-8 line:
Options +FollowSymLinks +Multiviews +Indexes
AllowOverride None
AuthType basic
AuthName "Authentication Required"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user
5. Save the file and exit.
6. Lastly, restart Apache.
systemctl restart httpd
Access phpMyAdmin using the new login information.
1. Return to localhost/phpmyadmin.
2: Input the newly-created administrator username and password.
You should be directed to the main login screen, which is displayed after the preceding section.
In conclusion
By carefully following the steps outlined in this guide, you have now successfully installed and configured phpMyAdmin on your CentOS 8 system. This setup not only allows for efficient management of MySQL or MariaDB databases but also incorporates enhanced security measures to protect your database access. With phpMyAdmin, you can now efficiently handle database operations and ensure your data is securely managed through a web interface. Remember to periodically check for updates to maintain security and functionality. Implement this powerful software tool to efficiently handle and organize your MySQL databases.
FAQs
PhpMyAdmin is a free and open-source administration tool for MySQL and MariaDB. It provides a web-based interface to manage, modify, and interact with databases.
PhpMyAdmin is not included in the default CentOS 8 repositories due to policy and maintenance decisions by the CentOS maintainers. It must be downloaded manually from the official phpMyAdmin website.
You can download phpMyAdmin using the wget command to retrieve the zip file from the phpMyAdmin website, as specified in the tutorial.
Essential security measures include setting a blowfish secret in the config file, configuring Apache with appropriate directory permissions, adjusting SELinux policies, setting up firewall rules, and optionally restricting access to specific IP addresses and adding HTTP authentication.
You can resolve this by updating the authentication method for the MySQL root user to `mysql_native_password`, as detailed in the tutorial.
SELinux (Security-Enhanced Linux) provides additional access controls. Configuring SELinux for phpMyAdmin ensures that web server processes have the appropriate permissions to work with phpMyAdmin files, enhancing the security of the system.
Use the command `systemctl status httpd` to verify that Apache has restarted and is running without issues.
Check Apache and PHP error logs for detailed messages. Ensure all configuration files are correctly set up and permissions are correctly assigned.
Yes, phpMyAdmin requires a temporary directory to handle sessions and other temporary files. This directory should be writable by the web server.
It’s advisable to check for updates regularly, especially when security patches or new features are released. Staying updated helps protect your databases against vulnerabilities.