To configure phpMyAdmin on a Linux server, install a LAMP/LEMP stack, add phpMyAdmin via your package manager or the official tarball, map it in your web server (Apache/Nginx), and secure access with HTTPS, authentication, IP allowlists, and a strong blowfish_secret. This step-by-step 2026 guide covers Ubuntu/Debian and RHEL-based systems.
Configuring phpMyAdmin on a Linux server is straightforward if you follow the right order: install prerequisites, install phpMyAdmin, wire it to your web server, and then harden it. In this guide, I’ll show you exactly how to configure phpMyAdmin on Linux server environments (Ubuntu/Debian, Rocky/AlmaLinux/RHEL) with Apache or Nginx, plus strong production-grade security.
What You’ll Learn (and Why It Matters)
This tutorial is designed for beginners and sysadmins who want a clean, secure, and future-ready phpMyAdmin setup. We’ll cover installation (packages and manual), web server configuration, SSL, HTTP auth, IP restrictions, safe MySQL practices, and troubleshooting—all aligned with 2026 hosting best practices and Google’s EEAT guidelines.
Prerequisites
- Linux server: Ubuntu 22.04/24.04, Debian 12, or Rocky/AlmaLinux/RHEL 9
- Root or sudo user
- Installed web server: Apache or Nginx + PHP-FPM
- MySQL or MariaDB running locally (recommended) or remotely
- Domain pointing to server (for HTTPS)
Step 1: Update Server and Install Web + Database Stack
Ubuntu/Debian (Apache + PHP + MariaDB)
sudo apt update
sudo apt install -y apache2 mariadb-server php php-fpm php-mysql php-json php-xml php-gd php-mbstring php-curl php-zip unzip
sudo mysql_secure_installation
sudo systemctl enable --now apache2 mariadb
If you prefer Nginx over Apache, install nginx and use PHP-FPM as the handler:
sudo apt install -y nginx php-fpm
sudo systemctl enable --now nginx
Rocky/AlmaLinux/RHEL 9 (Apache + PHP + MariaDB)
sudo dnf install -y epel-release
sudo dnf install -y httpd mariadb-server php php-fpm php-mysqlnd php-json php-xml php-gd php-mbstring php-curl php-zip unzip
sudo systemctl enable --now httpd mariadb
sudo mysql_secure_installation
Ensure PHP extensions required by phpMyAdmin are present: mbstring, json, mysqli, zip, xml, gd.
Step 2: Install phpMyAdmin (Package or Manual)
Option A — Install via Package Manager (Ubuntu/Debian)
sudo apt install -y phpmyadmin
During install, select Apache if prompted and allow dbconfig-common to configure. If you’re using Nginx or you didn’t select a web server, you’ll map it manually in Step 3.
Option B — Install via Package Manager (Rocky/AlmaLinux/RHEL)
phpMyAdmin is available from EPEL for many RHEL-based systems:
sudo dnf install -y phpMyAdmin
This drops files under /usr/share/phpMyAdmin and typically creates an Apache conf at /etc/httpd/conf.d/phpMyAdmin.conf.
Option C — Manual Install (Latest from Upstream)
For the latest stable release (often newer than distro packages), install from the official tarball:
cd /usr/share
sudo wget https://files.phpmyadmin.net/phpMyAdmin/latest/phpMyAdmin-latest-all-languages.tar.gz
sudo tar xzf phpMyAdmin-latest-all-languages.tar.gz
sudo mv phpMyAdmin-*-all-languages phpmyadmin
sudo chown -R www-data:www-data /usr/share/phpmyadmin # (use apache:apache on RHEL)
sudo cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php
Generate a strong blowfish secret and set a temp directory:
openssl rand -base64 32
sudo mkdir -p /var/lib/phpmyadmin/tmp
sudo chown -R www-data:www-data /var/lib/phpmyadmin
sudo chmod 750 /var/lib/phpmyadmin
# /usr/share/phpmyadmin/config.inc.php (append/edit)
$cfg['blowfish_secret'] = 'PASTE-YOUR-32-CHAR-SECRET-HERE'; // required for cookie auth
$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';
$cfg['Servers'][1]['auth_type'] = 'cookie';
Step 3: Map phpMyAdmin in Your Web Server
Apache (Ubuntu/Debian)
If you installed via apt, enable the conf and reload:
sudo a2enconf phpmyadmin
sudo systemctl reload apache2
Manual alias (if needed):
sudo tee /etc/apache2/conf-available/phpmyadmin.conf >/dev/null <<'EOF'
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
DirectoryIndex index.php
Options SymLinksIfOwnerMatch
AllowOverride All
Require all granted
</Directory>
EOF
sudo a2enconf phpmyadmin
sudo systemctl reload apache2
Apache (Rocky/AlmaLinux/RHEL)
After installing phpMyAdmin, open /etc/httpd/conf.d/phpMyAdmin.conf. By default, access may be restricted to local only; adjust to your policy, then reload:
sudo systemctl reload httpd
Nginx (all distros)
Add a location block to your server block. Update PHP-FPM socket and path if different:
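# Redirect the bare path; the prefix location below ends in a slash
location = /phpmyadmin {
    return 301 /phpmyadmin/;
}
# Matching trailing slashes on location and alias keep /phpmyadmin../ from escaping the directory
location ^~ /phpmyadmin/ {
    alias /usr/share/phpmyadmin/;
    index index.php;
    # Nested so that allow/deny and auth_basic set in the outer block also cover PHP requests
    location ~ ^/phpmyadmin/(.+\.php)$ {
        alias /usr/share/phpmyadmin/$1; # a regex location must build the path from its capture
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $request_filename;
        fastcgi_pass unix:/run/php/php8.2-fpm.sock; # adjust PHP version/fpm socket
    }
}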
Test and reload:
sudo nginx -t && sudo systemctl reload nginx
Step 4: Open Firewall and Test
Allow HTTP/HTTPS and visit http://SERVER/phpmyadmin (or your domain):
# Ubuntu/Debian (UFW)
sudo ufw allow 'Apache Full' # or 'Nginx Full'
# Rocky/AlmaLinux/RHEL (firewalld)
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-service=https --permanent
sudo firewall-cmd --reload
Step 5: Secure phpMyAdmin (Production Hardening)
A. Change the Access Path
Use a non-standard alias, e.g., /db-admin-9fjk, to reduce bot hits. Update Apache Alias or Nginx location accordingly.
B. Restrict by IP
Allow only your office/VPN IPs.
# Apache <Directory> block
Require ip 203.0.113.10
Require ip 2001:db8::/32
# Nginx location block
allow 203.0.113.10;
deny all;
C. Add HTTP Basic Authentication
Double-gate phpMyAdmin with a password prompt before the app login.
# Create credentials
sudo apt install -y apache2-utils # or httpd-tools on RHEL
sudo htpasswd -c /etc/phpmyadmin.htpasswd pmaadmin
# Apache
AuthType Basic
AuthName "Restricted"
AuthUserFile /etc/phpmyadmin.htpasswd
Require valid-user
# Nginx
auth_basic "Restricted";
auth_basic_user_file /etc/phpmyadmin.htpasswd;
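Sections B and C combined for Apache, as an added example that is not part of the original guide: Apache 2.4 treats bare Require lines in one block as alternatives, so the IP allowlist and the password prompt only double-gate when wrapped in RequireAll. The path, htpasswd file and addresses are the guide's own sample values.

```apache
# Added example: uses the /usr/share/phpmyadmin path, the
# /etc/phpmyadmin.htpasswd file and the sample addresses from this guide.
Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
    DirectoryIndex index.php
    Options SymLinksIfOwnerMatch
    AllowOverride All

    AuthType Basic
    AuthName "Restricted"
    AuthUserFile /etc/phpmyadmin.htpasswd

    # Weak form: bare Require lines are OR-ed (implicit RequireAny),
    # so either one alone grants access:
    #   Require ip 203.0.113.10
    #   Require valid-user
    # A leftover "Require all granted" in the same block lets everyone in.

    # Corrected form: the client must come from an allowed address
    # AND present valid credentials.
    <RequireAll>
        <RequireAny>
            Require ip 203.0.113.10
            Require ip 2001:db8::/32
        </RequireAny>
        Require valid-user
    </RequireAll>
</Directory>
```

Remove any leftover Require all granted from the block, then run sudo apachectl configtest before reloading. On Nginx no wrapper is needed, because the default satisfy all requires both the allow/deny rules and auth_basic to pass.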
D. Enforce HTTPS (TLS)
Terminate SSL at your web server with Let’s Encrypt:
# Apache
sudo apt install -y certbot python3-certbot-apache
sudo certbot --apache -d example.com
# Nginx
sudo apt install -y certbot python3-certbot-nginx
sudo certbot --nginx -d example.com
E. Use Cookie Auth + blowfish_secret
Ensure $cfg['Servers'][1]['auth_type'] = 'cookie' and set a unique $cfg['blowfish_secret'] in config.inc.php (we did this earlier). Never leave it blank.
F. Create a Dedicated DB Admin User
Avoid using the MySQL root account over the network. Create a named admin account with strong password and minimal privileges over the required databases.
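-- Replace the sample password with your own
CREATE USER 'dbadmin'@'localhost' IDENTIFIED BY 'Strong!Passw0rd';
-- A database name containing wildcards must be quoted with backticks
GRANT ALL PRIVILEGES ON `myapp\_%`.* TO 'dbadmin'@'localhost';
FLUSH PRIVILEGES;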
If root exists, prefer unix_socket auth locally and disallow remote root access.
G. File Permissions and Upload Directories
Lock down ownership to the web user and disable write permissions where not needed. Set controlled directories for uploads and saves:
# Example
$cfg['UploadDir'] = '/var/lib/phpmyadmin/upload';
$cfg['SaveDir'] = '/var/lib/phpmyadmin/save';
Create those directories, set proper ownership, and keep them non-browseable.
Step 6: Common Troubleshooting
- 404 Not Found on Nginx: Confirm alias paths and the PHP location block for .php files under your phpMyAdmin URI.
- 403 Forbidden on Apache: Check Require rules in your phpMyAdmin conf. Remove restrictive defaults (e.g., “Require local”) if you need remote access (and replace with an allowlist).
- Blowfish secret warning: Add $cfg['blowfish_secret'] in config.inc.php with a strong, unique string.
- Missing PHP extensions: Install php-mbstring, php-xml, php-json, php-mysql, and reload PHP-FPM/Apache.
- 502 Bad Gateway (Nginx): Ensure fastcgi_pass points to the correct PHP-FPM socket or TCP port and FPM is running.
Step 7: Performance Tips
- Enable OPcache for faster PHP response: install php-opcache and tune opcache.memory_consumption.
- Tune PHP-FPM: increase pm.max_children based on memory and expected concurrency.
- Limit heavy queries: phpMyAdmin is an admin tool, not an analytics engine. Use EXPLAIN and indexes.
- Keep phpMyAdmin updated: newer versions include performance and security improvements.
Safe Update and Maintenance
- Debian/Ubuntu: sudo apt update && sudo apt upgrade will update phpMyAdmin if installed from repo.
- RHEL family: sudo dnf upgrade updates EPEL packages when available.
- Manual installs: replace the directory with the latest tarball; retain a versioned backup and your config.inc.php.
End‑to‑End Example: Quick Ubuntu + Apache Setup
# 1) Prereqs
sudo apt update
sudo apt install -y apache2 mariadb-server php php-mysql php-mbstring php-xml php-gd php-curl php-zip unzip
sudo mysql_secure_installation
# 2) phpMyAdmin
sudo apt install -y phpmyadmin
sudo a2enconf phpmyadmin
sudo systemctl reload apache2
# 3) Secure basics
sudo apt install -y certbot python3-certbot-apache apache2-utils
sudo certbot --apache -d example.com
sudo htpasswd -c /etc/phpmyadmin.htpasswd pmaadmin
sudo sed -i '/<Directory \/usr\/share\/phpmyadmin>/,/<\/Directory>/ s/<\/Directory>/AuthType Basic\nAuthName "Restricted"\nAuthUserFile \/etc\/phpmyadmin.htpasswd\nRequire valid-user\n<\/Directory>/' /etc/apache2/conf-available/phpmyadmin.conf
sudo systemctl reload apache2
# Now visit: https://example.com/phpmyadmin
FAQs: Configure phpMyAdmin on Linux Server
Is phpMyAdmin safe to expose on the public internet?
Yes—if you harden it. Always use HTTPS, change the default path, restrict by IP or VPN, add HTTP Basic Auth, and avoid using the MySQL root account. Keep phpMyAdmin and PHP updated and monitor access logs for anomalies.
How do I access phpMyAdmin from a remote IP securely?
Use a static allowlist on Apache/Nginx for your office/VPN IPs, enforce HTTPS, and layer HTTP Basic Auth. For teams, consider a reverse proxy with SSO or 2FA (e.g., Authelia) in front of the phpMyAdmin path.
How do I update phpMyAdmin to the latest version?
If installed via package manager, run a normal system upgrade. For manual installs, download the latest tarball, replace the phpMyAdmin directory atomically, keep a backup of the old version, and preserve your config.inc.php. Test after the swap and reload your web server.
Which PHP extensions are required for phpMyAdmin?
At minimum: mysqli, mbstring, json, xml. For better functionality: zip, gd, curl. Install them and restart Apache/PHP-FPM.
How do I fix “The configuration file now needs a secret passphrase (blowfish_secret)”?
Edit /usr/share/phpmyadmin/config.inc.php (or your install path) and set $cfg['blowfish_secret'] to a random 32+ character string. Generate with openssl rand -base64 32, save, and reload the page.
Final Thoughts
That’s how to configure phpMyAdmin on Linux server environments the right way in 2026: install, map, secure, and maintain. Follow these steps and you’ll have a reliable, hardened interface for MySQL/MariaDB management.