How to Install Latest phpMyAdmin with LEMP on Ubuntu 20.04

phpMyAdmin is a free and open-source administration tool written in PHP used to administer MySQL and MariaDB database servers from a Web interface. Most developers prefer to use phpMyAdmin to interact with a database server because of its ease of use and advanced SQL editor, making it easy to build and test complex SQL queries.

In the following tutorial, you will learn how to install LEMP and phpMyAdmin from source on Ubuntu 20.04.

Advertisement

Prerequisites

  • Recommended OS: Ubuntu 20.04 – optional (Ubuntu 21.04 and Linux Mint 20)
  • User account: A user account with sudo or root access.
  • Required: Nginx, MariaDB and PHP (LEMP)

Updating Operating System

First, before anything, update your Ubuntu operating system to make sure all existing packages are up to date:

sudo apt update && sudo apt upgrade -y

Nginx for phpMyAdmin

Add Custom PPA for Latest Nginx

Given you are setting up phpMyAdmin with Nginx, you will need to install the web application. Currently, the best method for most is to use the PPA by the well-known Ondřej Surý, who maintains both Nginx and Stable versions and is constantly updated.

First, add either stable or mainline PPA as follows:

Nginx Stable:

sudo add-apt-repository ppa:ondrej/nginx-stable -y && sudo apt update

Nginx Mainline (Recommended):

sudo add-apt-repository ppa:ondrej/nginx-mainline -y && sudo apt update

Install Nginx

After installing either stable or mainline Nginx PPA, use the following command to install Nginx:

sudo apt install nginx-core nginx-common nginx nginx-full
Advertisement

MariaDB for phpMyAdmin

Install MariaDB for Ubuntu 20.04

Firstly, you need to install MariaDB to create a database and username as follows:

sudo apt install mariadb-server

Note, this is an older version, with the default installation being version 10.3. Please visit our tutorial if you prefer to install a more recent MariaDB version, such as 10.5 and 10.6.

Next, run the security script if you installed fresh for the first time with the following command:

sudo mysql_secure_installation

Next, follow below:

  • Setting the password for root accounts.
  • Removing root accounts that are accessible from outside the local host.
  • Removing anonymous-user accounts.
  • Removing the test database, which by default can be accessed by anonymous users.

Note, you use (Y) to remove everything.

Create phpMyAdmin Database and Username

Firstly, open up MariaDB and create a new database for phpMyAdmin:

sudo mysql -u root

Next, create a database in the MariaDB terminal:

CREATE DATABASE phpmyadmindb;

Now you need to create a user and grant permissions as follows:

GRANT ALL ON phpmyadmindb.* TO phpmyadminuser@localhost IDENTIFIED BY 'password here change';

To finish off, flush the privileges and exit with the following codes:

FLUSH PRIVILEGES;
QUIT;
Advertisement

PHP for phpMyAdmin

Add Custom PPA for Latest PHP

Similar to our Nginx installation, it is recommended to add the PPA by Ondřej Surý, the PHP maintainer for Debian. The custom PPA has all the latest versions of 7.4, 8.0, and the newest incoming 8.1.

Add the PPA using the following command:

sudo apt install software-properties-common && sudo add-apt-repository ppa:ondrej/php -y

Install PHP for Ubuntu 20.04

Now, you can install PHP 7.4 or PHP 8.0. As PHP is still newer and possibly has more bugs with phpMyAdmin, it is recommended to install PHP 7.4 for now. To achieve this, use the following terminal command to install the required packages:

sudo apt install php7.4-fpm php7.4-mbstring php7.4-bcmath php7.4-xml php7.4-mysql php7.4-common php7.4-gd php7.4-mcrypt php7.4-cli php7.4-curl php7.4-zip php7.4-gd

Install phpMyAdmin on Ubuntu 20.04

By default, Ubuntu 20.04 repository comes with phpMyAdmin and the required dependencies. However, as often with Ubuntu LTS releases, the version and build are far behind what is currently available from the source. So as the purpose of this guide, you will be downloading from the source as follows:

Download phpMyAdmin Latest Source Version

To begin with, visit the phpMyAdmin downloads page to find the latest version currently. At the time of this tutorial, version 5.1.1 is the latest.

Execute the following codes to download the all languages latest version automatically:

DATA="$(wget https://www.phpmyadmin.net/home_page/version.txt -q -O-)"
URL="$(echo $DATA | cut -d ' ' -f 3)"
VERSION="$(echo $DATA | cut -d ' ' -f 1)"
wget https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-all-languages.tar.gz

If you want to download the English version, substitute the end line with the following:

wget https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-english.tar.gz

Next, extract the archive using the following command:

tar xvf phpMyAdmin-${VERSION}-all-languages.tar.gz

Configure phpMyAdmin Manually

You need to move the extracted directory and its subdirectories to the /usr/share directory location where phpMyAdmin expects to find its configuration files by default. To do this, use the following command:

sudo mv phpMyAdmin-*/ /usr/share/phpmyadmin

By default, phpMyAdmin does not come with a TMP directory when installing from source, and you need to create this manually:

sudo mkdir -p /var/lib/phpmyadmin/tmp

Assign correct permissions to user www-data with the phpMyAdmin directory:

sudo chown -R www-data:www-data /var/lib/phpmyadmin

In the phpMyAdmin directory, a default configuration-example file is included. You will need to rename this file for phpMyAdmin to recognize the configuration. However, for backup, you will use the CP command to create a copy and keep the default as a backup if any mistakes are made in the location /etc/usr/phpmyadmin/ directory.

Copy config.sample.inc.php to config.inc.php with the following command:

sudo cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php

Next, open this file using your preferred text editor. For the tutorial, the nano text editor is used:

sudo nano /usr/share/phpmyadmin/config.inc.php

phpMyAdmin uses a Blowfish cipher. Scroll down to the line that begins with $cfg[‘blowfish_secret’].

The lines will look like for example:

$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

You will need to assign a string of 32 random characters between the single quote marks. The easiest way to achieve this is using the program pwgen. To install pwgen, use the following terminal command:

sudo apt install pwgen

Once installed, run the following command:

pwgen -s 32 1

You will then get your 32 random characters for the blowfish secret, example output:

How to Install Latest phpMyAdmin with LEMP on Ubuntu 20.04

Example of adding the cipher to the configuration file (Do not copy):

$cfg['blowfish_secret'] = 'kQVwa2yLI6FxA3LN6E7YcW3WgtTKTZ2j'

The rest of the default settings should work for most users. If your server is located on another server located in your network, find and change the line $cfg[‘Servers’][$i][‘host’] = to that of the private IP address. Example below:

$cfg['Servers'][$i]['host'] = '192.168.55.101';

Create Nginx Server Block for phpMyAdmin

To access the phpMyAdmin web interface, you will need to create an Nginx server block. It is highly recommended to keep this separate, and on a sub-domain, you can name it anything you like to help with security and brute force attacks.

First, create and open your server block using nano text editor as follows:

sudo nano /etc/nginx/sites-available/phpmyadmin.conf

Next, you can paste the below text into the file. Note, you must replace the domain URL with your own:

server {
  listen 80;
  listen [::]:80;
  server_name pma.example.com;
  root /usr/share/phpmyadmin/;
  index index.php index.html index.htm index.nginx-debian.html;

  access_log /var/log/nginx/phpmyadmin_access.log;
  error_log /var/log/nginx/phpmyadmin_error.log;

  location / {
    try_files $uri $uri/ /index.php;
  }

  location ~ ^/(doc|sql|setup)/ {
    deny all;
  }

  location ~ \.php$ {
    fastcgi_pass unix:/run/php/php7.4-fpm.sock;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
    include snippets/fastcgi-php.conf;
  }

  location ~ /\.ht {
    deny all;
  }
}

If you are the only one accessing this from a static IP address, you can add the following code above the first location entry. An example of this is below:

  allow <your ip address>;
  deny all; 

  location / {
    try_files $uri $uri/ /index.php;
  }
...........................................

This will naturally block anyone visiting the page with a 403 error unless allowed by your IP address. This, by nature, can stop all brute attacks in their tracks, but maybe not viable for some setups.


Now save using (CTRL+O) and exit with (CTRL+X).

Test your Nginx server block by running the dry run command:

sudo nginx -t

If you have no errors, you should get the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Now restart your Nginx service for changes to take effect:

sudo systemctl restart nginx

Accessing the phpMyAdmin Web UI

To access the Web Interface, open your preferred Internet Browser and type in pma.example.com with (example) your domain. You should come to the login screen of phpMyAdmin as follows:

How to Install Latest phpMyAdmin with LEMP on Ubuntu 20.04

Login using the MariaDB username and password you set up originally at the start of the tutorial. You will then come to the main screen.

How to Install Latest phpMyAdmin with LEMP on Ubuntu 20.04

Install TLS Certificate

To further secure the phpMyAdmin web interface, you can optionally install a free Let’s Encrypt TLS certificate from the Ubuntu default repository.

Run the following command in your Ubuntu terminal:

sudo apt install certbot python3-certbot-nginx

Now run the following command to obtain and install TLS certificate for Nginx and phpMyAdmin:

sudo certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --must-staple -d pma.example.com --email your-email-address

During the certificate installation, you will get a notice to receive emails from EFF(Electronic Frontier Foundation). Choose either Y or N then your TLS certificate will be automatically installed and configured for you.

How to Install Latest phpMyAdmin with LEMP on Ubuntu 20.04

That’s it, and you have installed SSL on your phpMyAdmin area. Be sure to test by using a free SSL test such as DigiCert or SSL Labs.

Comments and Conclusion

In the tutorial, you have learned how to install the required software dependencies and download and create the correct directories for phpMyAdmin from the source. Overall, using phpMyAdmin is a great tool for any database management. You can easily create databases, users, tables and perform the usual operations like deleting and modifying structures and data in a clean Web UI interface instead of the default terminal.

Subscribe
Notify of
3 Comments
Inline Feedbacks
View all comments
Marco
Guest
Friday, December 31, 2021 6:09 am

ciao,
I installed phpmyadmin by following all the steps in this manual without any error.
How do I access to phpmyadmin from the web (firefox) interface? what should I type in the URL?
Thank you
The installation was done on local Debian 11 server – IP 192.168.1.139 where the following modules are installed:
——————————————————————————-
Server version: Apache/2.4.51 (Debian)
Server built: 2021-10-07T17:49:44
———————————————————————————
PHP 8.1.1 (cli) (built: Dec 20 2021 21:35:13) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.1, Copyright (c) Zend Technologies
with Zend OPcache v8.1.1, Copyright (c), by Zend Technologies
———————————————————————————————
mysql Ver 15.1 Distrib 10.5.12-MariaDB, for debian-linux-gnu (x86_64) using EditLine wrapper
——————————————————————————————————————————-
modifiche in /usr/share/phpmyadmin/config.inc.php :
$cfg[‘blowfish_secret’] = ‘xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx’ ==> nota: con cifratura da pwgen -s 32 1
$cfg[‘Servers’][$i][‘host’] = ‘192.168.1.139’;
——————————————————————————————————————————————-

Marco
Guest
Reply to  Marco
Friday, December 31, 2021 9:04 pm

Tank you very much for your reply.
The best wishes for a happy New year
Marco

adplus-dvertising
3
0
Would love your thoughts, please comment.x
()
x