قالب وردپرس درنا توس
Home / How To / Install and secure phpMyAdmin on CentOS 8

Install and secure phpMyAdmin on CentOS 8



phpMyAdmin is a free and open source tool for managing MySQL and MariaDB servers through a web-based interface. With phpMyAdmin, you can create and manage databases and users, execute SQL statements, import and export data, and perform database activities such as, create, delete, tables, columns, indexes, permissions, and many more. phpMyAdmin is one of the most popular and most widely used management tools, especially for web hosting services.

Features

  • Provides simple and user-friendly web interface.
  • Import data from CSV and SQL.
  • Support most MySQL functions including, create, copy, drop, rename, drop and change databases, tables, fields and indexes.
  • Allows you to export data to various formats such as PDF, CSV, SQL, XML and many more. [1
    9659004] Manage multiple servers.
  • Create complex questions using Query-by-example (QBE).

In this tutorial, we will show you how to install and secure phpMyAdmin on CentOS 8 server.

Requirements [19659011] A server running CentOS 8.
  • A root password is configured on the server.
  • Installing LAMP Server

    First you need to install Apache, MariaDB, PHP and other PHP libraries on your server. You can install all with the following command:

      dnf install httpd mariadb server php php-pdo php-pecl-zip php-json php-common php-fpm php-mbstring php-cli php-mysqlnd php-json php-mbstring wget unzip 

    Once all packages are installed, launch Apache and MariaDB service and enable them to boot after system startup with the following command:

      systemctl start httpd 
    systemctl start mariadb
    systemctl enable httpd
    systemctl enable mariadb

    When you are finished, you can proceed to the next step.

    Configuring MariaDB

    By default, MariaDB is not secured. So you have to secure it first. You can do this by running the script mysql_secure_installation:

      mysql_secure_installation 

    Answer all questions shown below:

      Set root password? [Y/n] Y
    New password:
    Delete anonymous users? [Y/n] Y
    Remove root login remotely? [Y/n] Y
    Delete the test database and access it? [Y/n] Y
    Reload privilege tables now? [Y/n] Y
    

    When you're done, you should see the following output:

      ... Success!
    
    Cleaning up ...
    
    All ready! If you have completed all of the above steps, your MariaDB
    installation should now be secure.
    
    Thank you for using MariaDB!
    

    At this point, your MariaDB installation is secure.

    Installing phpMyAdmin

    By default, phpMyAdmin is not available in the CentOS 8 repository. So you need to download the latest version of phpMyAdmin from their official website. You can download it with the following command:

      wget https://files.phpmyadmin.net/phpMyAdmin/4.9.2/phpMyAdmin-4.9.2-all-languages.zipebrit19659016??When downloaded, unzip the downloaded file with the following command: 

      unzip phpMyAdmin-4.9.2-all-languages.zip 

    Then move the extracted content to the / usr / share directory as shown below:

      etc. phpMyAdmin-4.9.2- all- language / usr / share / phpmyadmin 

    Then change the directory to / usr / share / phpmyadmin and rename the config.sample.inc.php:

      cd / usr / share / phpmyadmin 
    etc. config.sample .inc.php config.inc.php

    Then open the file with your favorite text editor as shown below:

      nano config.inc.php 

    Modify the following line:

      $ cfg ['blowfish_secret'] = & # 39 ; your-secret password & # 39 ;;
    

    Save and close the file when you are done. Then import create_tables.sql with the following command:

      mysql </usr/share/phpmyadmin/sql/create_tables.sql -u root -p 

    Enter your root password when prompted to import the table. [19659002] Then create a tmp directory for phpmyadmin and give the correct permissions:

      mkdir / usr / share / phpmyadmin / tmp 
    chown -R apache: apache / usr / share / phpmyadmin
    chmod 777 / usr / share / phpmyadmin / tmp

    Configuring Apache for phpMyAdmin

    Next, you must create an Apache virtual host configuration file for phpMyAdmin. You can create it with the following command:

      nano /etc/httpd/conf.d/phpmyadmin.confebrit19659016??Add the following lines: 

      Alias ​​/ phpmyadmin / usr / share / phpmyadmin
    
    
    AddDefaultCharset UTF-8
    
    
    # Apache 2.4
    
    Require everyone granted
    
       
       
           # Apache 2.2
    Order Refuse, allow
    Deny from everyone
    Allow from 127.0.0.1
    Allow from :: 1
    
    
    
    
       
           # Apache 2.4
    
    Require everyone granted
    
       
       
           # Apache 2.2
    Order Refuse, allow
    Deny from everyone
    Allow from 127.0.0.1
    Allow from :: 1
    
    
    

    Save and close the file when you are done. Then restart the Apache service with the following command:

      systemctl restart httpd 

    You can check Apache status with the following command:

      systemctl status httpd 

    You should see the following output: [19659023]? httpd.service - Apache HTTP server
    Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor setting: disabled)
    Drop-In: /usr/lib/systemd/system/httpd.service.d
    ?? php fpm.conf
    Active: active (running) since Wednesday 2019-12-18 01:07:52 EST; 6s ago
    Document: man: httpd.service (8)
    Main PID: 5636 (httpd)
    Status: "Started, listening to: port 80"
    Details: 213 (limit: 25044)
    Memory: 28.7M
    CGroup: /system.slice/httpd.service
    ?? 5636 / usr / sbin / httpd -DFOREGROUND
    ?? 5639 / usr / sbin / httpd -DFOREGROUND
    ?? 5640 / usr / sbin / httpd -DFOREGROUND
    ?? 5641 / usr / sbin / httpd -DFOREGROUND
    ?? 5642 / usr / sbin / httpd -DFOREGROUND

    Dec 18 01:07:52 centos8 systemd [1]: Stopped the Apache HTTP server.
    Dec 18 01:07:52 centos8 systemd [1]: Launch Apache HTTP server ...
    Dec 18 01:07:52 centos8 httpd [5636]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name with fe80 :: 200: d0>
    Dec 18 01:07:52 centos8 httpd [5636]: Server configured, listens to: port 80
    Dec 18 01:07:52 centos8 systemd [1]: Started Apache HTTP server.

    Configuring SELinux and firewall

    By default, SELinux is enabled in CentOS 8. So you need to configure SELinux for phpMyAdmin to work properly.

    First install the policycoreutils-python-utils package to manage a SELinux environment with the following command:

      dnf install policycoreutils-python-utils 

    Then enable access to / usr / share / phpmyadmin directory with the following command:

      semanage fcontext -a -t httpd_sys_rw_content_t & # 39; / usr / share / phpmyadmin / & # 39; 
    semanage fcontext -at httpd_sys_rw_content_t "/usr/share/phpmyadmin/tm " Chapter19659016 ?? When returning through all the files in your phpmyadmin directory by running the following command:

      restorecon -Rv & # 39; / usr / share / phpmyadmin / & # 39; 

    Next, you must create a firewall rule to allow HTTP service from external networks. You can allow it with the following command:

      firewall-cmd --permanent --add-service = http 
    firewall-cmd - reload

    phpMyAdmin is now installed and configured. Now it's time to check if it works or not.

    Open your browser and enter the URL http: // your-server-ip / phpmyadmin. You will be redirected to the following page:

     PHPMyAdmin login

    Secure phpMyAdmin

    At this point, the phpMyAdmin instance is working properly. However, securing your phpMyAdmin instance from the outside world is an important task for you. In this section we will show you how to secure your phpMyAdmin instance.

    Allow phpMyAdmin from Specific IP

    First, you must configure your phpMyAdmin so that it is only accessible from the home address's IP address.

    You can configure it by editing /etc/httpd/conf.d/phpmyadmin.conf file:

      nano /etc/httpd/conf.d/phpmyadmin.confebrit19659016achteFind the following lines: 

      
    Require everyone granted
    
    

    And replace them with the following:

      
    Require ip your home - connection ip address
    Require ip :: 1
    
    

    Save and close the file when you are done.

    Configure Extra Storage Tools

    It is a good idea to password protect your phpmyadmin directory by setting a basic authentication.

    To do so, create a new authentication file with the htpasswd utility shown below:

      mkdir / etc / phpmyadmin 
    htpasswd -c /etc/phpmyadmin/.htpasswd admin

    You will be prompted to Enter your admin password as shown below:

      New password:
    Enter new password:
    Add user administrator password
    

    Then you need to configure Apache to use the .htpasswd file. You can do this by editing the file /etc/httpd/conf.d/phpmyadmin.conf.ebrit19659015 No. nano /etc/httpd/conf.d/phpmyadmin.confebrit19659016vardAdd the following lines under the line "AddDefaultCharset UTF -8" Alternative: [196590 + FollowSymLinks + Multiviews + Index
    AllowOrride None
    AuthType basic
    Authentication "Authentication Required"
    AuthUserFile /etc/phpmyadmin/.htpasswd
    Require valid user

    Save the file and restart the Apache service for changes to take effect:

      systemctl restart httpd 

    Access phpMyAdmin

    Now your phpMyAdmin instance is secured with an extra layer of security. Open your browser and enter the URL http: // your-server-ip / phpmyadmin. You will be prompted to enter the login information for the user you previously created as shown below:

     Secure phpMyAdmin

    Enter your admin username and password and then click the OK button. You will be redirected to phpMyAdmin login page:

     Log in as root user to phpMyAdmin

    Now enter your MySQL administrative user login credentials and click the Go button. You should see the following page:

     phpMyAdmin database panel

    Conclusion

    Congratulations! you have installed and secured phpMyAdmin on CentOS 8 server. You can now create databases, users, tables and manage them from the web-based interface. Feel free to ask me if you have any questions.


    Source link