How to – Get phpMyAdmin working and secured on a Vicibox 9 installation

phpmyadmin

How to – Get phpMyAdmin working and secured on a Vicibox 9 installation

So you’ve tried to access phpMyAdmin after installing Vicibox 9 iso on your bare metal or virtual server and it’s not working…..and you’re wondering why? Well, as a security precaution, phpMyAdmin is not enabled by default and needs a symbolic link created, so let’s start there. If you don’t have it installed already, “zypper in phpMyAdmin”.

Creating the symbolic link

Type the following command into your Linux CLI:

ln -s /usr/share/phpMyAdmin /srv/www/htdocs/

Type ll(LL) within the /srv/www/htdocs/ directory to make sure the symbolic link was created correctly

Now that we have created the symbolic link, we need to secure this directory to make sure any unwanted access isn’t permitted. We are going to accomplish this using .htaccess

Securing phpMyAdmin using Htaccess

Edit your phpMyAdmin.conf file in /etc/apache2/conf.d

phpMyAdmin.conf

nano /etc/apache2/conf.d/phpMyAdmin.conf

### change the following:

<Directory /usr/share/phpMyAdmin>

    Options FollowSymLinks
    AllowOverride All   #This was "None"

    <IfVersion < 2.4>
        Order Deny,Allow
        Allow from all
    </IfVersion>


###  save and exit ###

nano /usr/share/phpMyAdmin/.htaccess

####Enter the following:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpMyAdmin/.htpasswd
Require valid-user

###save and exit

zypper install apache2-utils

htpasswd -c /etc/phpMyAdmin/.htpasswd whatever.username.u.want
Password: enter the password u want

##restart apache
service apache restart or systemctl restart apache

###go to your phpmyadmin

https://server.ip/phpMyAdmin


##Enjoy

Hopefully this will help some of you avoid some easier hacks. For more information on securing your servers, check out our free security audit!