How to – Get phpMyAdmin working and secured on a Vicibox 9 installation
So you’ve tried to access phpMyAdmin after installing Vicibox 9 iso on your bare metal or virtual server and it’s not working…..and you’re wondering why? Well, as a security precaution, phpMyAdmin is not enabled by default and needs a symbolic link created, so let’s start there. If you don’t have it installed already, “zypper in phpMyAdmin”.
Creating the symbolic link
Type the following command into your Linux CLI:
ln -s /usr/share/phpMyAdmin /srv/www/htdocs/
Now that we have created the symbolic link, we need to secure this directory to make sure any unwanted access isn’t permitted. We are going to accomplish this using .htaccess
Securing phpMyAdmin using Htaccess
Edit your phpMyAdmin.conf file in /etc/apache2/conf.d
nano /etc/apache2/conf.d/phpMyAdmin.conf
### change the following:
<Directory /usr/share/phpMyAdmin>
Options FollowSymLinks
AllowOverride All #This was "None"
<IfVersion < 2.4>
Order Deny,Allow
Allow from all
</IfVersion>
### save and exit ###
nano /usr/share/phpMyAdmin/.htaccess
####Enter the following:
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpMyAdmin/.htpasswd
Require valid-user
###save and exit
zypper install apache2-utils
htpasswd -c /etc/phpMyAdmin/.htpasswd whatever.username.u.want
Password: enter the password u want
##restart apache
service apache restart or systemctl restart apache
###go to your phpmyadmin
https://server.ip/phpMyAdmin
##Enjoy
Hopefully this will help some of you avoid some easier hacks. For more information on securing your servers, check out our free security audit!
Leave a Reply