How to Install and Secure phpMyAdmin

#H1[How to Install and Secure phpMyAdmin]

In the world of website management, administering SQL databases is a necessity. However, the process can often be complex for beginners. But fear not,
phpMyAdmin is here to the rescue! If you are wondering how to install and secure phpMyAdmin, you're at the right place. In this article, we
explain the simple steps to accomplish this task.

So, what is phpMyAdmin? It is a popular open-source tool written in PHP that allows you to manage MySQL and MariaDB databases through a
web-based interface. But before you dive into the installation process, you must have pre-installed a web server like Apache and MySQL or MariaDB
on your server.

#H2[Steps to Install phpMyAdmin]

Step 1: The first step is to update your package’s list. Use the command below:

sudo apt update

Step 2: After updating, install phpMyAdmin along with PHP extensions. Use the command:

sudo apt install phpmyadmin php-mbstring php-gettext

During the installation process, a prompt will ask you to choose the web server that should be automatically configured to run phpMyAdmin.
Choose 'Apache2' and press 'Enter'.

Step 3: The next prompt will ask you if you want to use dbconfig-common for setting up the database. It’s recommended to select
'Yes' to make the procedure less complicated.

Step 4: Enter and confirm a password for phpMyAdmin, and the installation process will continue. Now, you need to manually
enable the PHP mbstring extension. Use the command:

sudo phpenmod mbstring

Step 5: Finally, restart the Apache server to reflect the changes:

sudo systemctl restart apache2

Once completed, you can access the phpMyAdmin interface by typing: your_server_ip/phpmyadmin in your web browser.

#H2[Securing phpMyAdmin]

Even though phpMyAdmin is very helpful, it could be a potential target for attacks. Therefore, it's important to secure its access. Follow
the steps below:

Step 1: Create a .htaccess file in the phpMyAdmin directory by using the command:

sudo nano /etc/phpmyadmin/.htaccess

Step 2: Add the below code to it:

<DirectoryMatch "^/usr/share/phpmyadmin/+">
AuthType basic
AuthName "Admin Login"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user
</DirectoryMatch>

Step 3: Create a .htpasswd file for authentication. Replace 'username' with the username you prefer:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd username

Enter and confirm your password once prompted.

With these steps, you've successfully protected phpMyAdmin from unauthorized access. Whenever you try to access phpMyAdmin, a login
prompt will appear requesting the username and password.

Remember, the steps outlined in this guide will go a long way in securing your servers from potential attacks. They are fundamental and
should be part of any server setup process. That said, do not relent in continually learning about other security best practices to maintain an
air-tight security environment for your servers.