install phpmyadmin ubuntu

phpMyAdmin is a PHP-based web interface for managing MySQL databases. It can be a convenient alternative for users that don’t like administering MySQL from the command line.

You must set up a LAMP/LEMP stack on your server before installing phpMyAdmin. Additionally, as it’s a common attack vector, it’s important to properly secure it after the installation.

Installing phpMyAdmin

While there are multiple ways to install phpMyAdmin, we recommend installing it directly from the Ubuntu repository for the best integration.

First, update your package index so that you have access to the latest packages. 

sudo apt update

Now, install phpMyAdmin along with some other packages recommended in the official install docs. These will add extra functionality like adding JSON support, providing the curl module, etc.

Note: If you installed a PHP version different from the one currently in the repository, you’ll need to adjust the module versions accordingly in the command below (e.g.,php8.2-zip instead of php-zip). 

sudo apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl

When prompted to configure the web server, apache2 will be highlighted. Press Space to select apache2, then Tab and Enter to proceed.

Then, select Yes when prompted to configure the database for phpMyAdmin with dbconfig-common.

Finally, set a password for the phpMyAdmin MySQL user.

(Situational) Bypass Password Error

It’s standard procedure to enable the Validate Password option when securing MySQL, but you’ll encounter an error when setting the password due to this plugin.

Let’s go over how you can bypass this error.

Press Tab and Enter to proceed to the next screen and select the abort option there.  

Log in as the MySQL root user.

sudo mysql -u root -p

Temporarily disable the Validate Password component and exit the MySQL prompt.

UNINSTALL COMPONENT "file://component_validate_password";

Then, follow the same process as earlier to install phpMyAdmin.

sudo apt install -y phpmyadmin

After installing phpMyAdmin, you can log in as the root user and re-enable the Validate Password plugin.

sudo mysql -u root -p
INSTALL COMPONENT "file://component_validate_password";

Finally, enable the mbstring PHP module and restart the Apache server to apply the changes.

sudo phpenmod mbstring
sudo systemctl restart apache2

Creating New phpMyAdmin User

The default phpMyAdmin user only has limited permissions. While you can grant this user the necessary permissions, we recommend creating a new user rather than using the default user. To do this, first log in to MySQL as root.

sudo mysql -u root -p

Use the following statements to create the user and grant them the necessary permissions. Don’t forget to replace the username and password values with your own before executing the commands.

CREATE USER 'username'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'password';

Accessing phpMyAdmin

Now, you can access the phpMyAdmin dashboard from a web browser. You can use the root user or the user you just created to log in.


Securing phpMyAdmin

phpMyAdmin isn’t secure enough by default, so it’s important to take steps to lock things down yourself. For starters, you should change the default directory alias.

Open the phpMyAdmin Apache config file with your preferred text editor. We’ll use nano.

sudo nano /etc/phpmyadmin/apache.conf

Change the Alias entry to something else, or simply append some random strings to the Alias name.

Next, you should use the apache2 authentication functionality to set up an additional layer of password-based protection.

Add the AllowOverride All directive in the directory configuration section to do this.

Save the changes and exit the editor (Ctrl + O and Ctrl + X in nano). 

Now, we’ll create an .htaccess config file in the default phpMyAdmin directory to set up the authentication. 

sudo nano /usr/share/phpmyadmin/.htaccess

Use the configuration provided below. Here,

  • AuthType Basic specifies that we’re authenticating with a password file. 
  • AuthName sets the message for the dialog box. 
  • AuthUserFile sets the location of the password file. 
  • Require valid-user specifies that only authorized users can access this resource. 
AuthType Basic
AuthName "No Access"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

Once again, save the changes and exit the editor. Then, use the htpasswd utility to authenticate a user. Remember to replace the username before executing the command.

sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

Set a password for the new login prompt here. 

If you want to authenticate more users, omit the -c flag and use the same command like so

sudo htpasswd /etc/phpmyadmin/.htpasswd newuser

Finally, restart the Apache server to apply the changes made so far.

sudo systemctl restart apache2
Anup Thapa

Senior Writer

Anup Thapa is a Linux enthusiast with an extensive background in computer hardware and networking. His goal is to effectively communicate technical concepts in a simplified form understandable by new Linux users. To this end, he mainly writes beginner-friendly tutorials and troubleshooting guides. Outside of work, he enjoys reading up on a range of topics, traveling, working out, and MOBAs.