SECURE PHPMYADMIN WITH HTACCESS

phpMyAdmin is a popular target for hackers.

It is worth putting an extra layer of security in front of it.

The easiest way to do this is with Apache's built-in .htaccess support.

Follow the steps below.


Step 1 : Configure Apache for htaccess

First, enable .htaccess overrides in the server's Apache configuration for phpMyAdmin.

Open phpmyadmin.conf with the following command:

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

Add an "AllowOverride All" directive inside the "<Directory /usr/share/phpmyadmin>" section of the config file, like this:

# phpMyAdmin default Apache configuration
Alias /phpmyadmin /usr/share/phpmyadmin
<Directory /usr/share/phpmyadmin>
   Options SymLinksIfOwnerMatch
   DirectoryIndex index.php
   AllowOverride All
   ...

For this change to take effect, restart the Apache server:

sudo systemctl restart apache2

Step 2 : Create htaccess file

Now that .htaccess is enabled for the phpMyAdmin directory, create the .htaccess file that implements the restriction:

sudo nano /usr/share/phpmyadmin/.htaccess

Add the following directives:

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

These lines add an extra layer of security to phpMyAdmin: Apache asks for a username and password before phpMyAdmin's own login page is served.


Step 3 : Create auth User credentials

Now create the user that is allowed through this extra layer.

Run the following command, replacing "root" with your preferred username:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd root

You will be prompted for a password; enter it twice.

To add another user, run the following command without -c (that option creates the file and would overwrite the existing one):

sudo htpasswd /etc/phpmyadmin/.htpasswd username

Step 4 : Check credentials in browser

Everything is set up. Open phpMyAdmin in a browser and check your credentials.

Replace the IP address and port below with those of your own server:

http://127.0.0.1:8000/phpmyadmin

The first screen asks for the extra credentials you set up in this process.
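
Besides the browser check, the files from Steps 1 to 3 can be audited from the shell. The script below is an added example, not part of the original tutorial; the function name audit_pma_auth and its three path arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Usage (real paths from the steps above; run with sudo if needed):
#   sh audit.sh /etc/apache2/conf-available/phpmyadmin.conf \
#               /usr/share/phpmyadmin/.htaccess /usr/share/phpmyadmin
# Prints one FAIL line per problem; exit status 0 means no problems found.
audit_pma_auth() (
    conf=$1; htaccess=$2; docroot=$3; problems=0
    fail() { echo "FAIL: $*"; problems=1; }

    # Step 1: .htaccess is ignored unless the phpMyAdmin <Directory> block
    # allows overrides (All, or at least AuthConfig).
    awk -v d="$docroot" '
        tolower($1) == "<directory"   { p = $2; gsub(/[">]/, "", p); inblk = (p == d) }
        tolower($1) == "</directory>" { inblk = 0 }
        inblk && tolower($1) == "allowoverride" {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == "all" || tolower($i) == "authconfig") ok = 1
        }
        END { exit !ok }' "$conf" ||
        fail "no AllowOverride All/AuthConfig for $docroot in $conf"

    # Step 2: the directives that produce and enforce the login prompt.
    grep -Eiq '^[[:space:]]*AuthType[[:space:]]+Basic' "$htaccess" ||
        fail "AuthType Basic missing from $htaccess"
    grep -Eiq '^[[:space:]]*Require[[:space:]]+valid-user' "$htaccess" ||
        fail "Require valid-user missing from $htaccess"

    # Step 3: the password file must exist, hold user:hash entries, and sit
    # outside the web-served directory so it cannot be downloaded.
    pwfile=$(awk 'tolower($1) == "authuserfile" { gsub(/"/, "", $2); print $2; exit }' "$htaccess")
    if [ -z "$pwfile" ] || [ ! -s "$pwfile" ]; then
        fail "AuthUserFile missing or empty: ${pwfile:-unset}"
    else
        case $pwfile in "$docroot"/*) fail "$pwfile is inside $docroot" ;; esac
        awk -F: 'NF == 0 { next }
                 NF < 2 || $1 == "" || $2 == "" { bad = 1 }
                 END { exit bad }' "$pwfile" || fail "malformed entry in $pwfile"
    fi
    [ "$problems" -eq 0 ]
)

# Run the audit only when the three paths are given on the command line.
if [ "$#" -eq 3 ]; then audit_pma_auth "$@"; fi
```

The script inspects files only. Basic authentication sends the password with every request, so serve phpMyAdmin over HTTPS.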