phpMyAdmin provides a web-based interface for MySQL database management, offering an alternative to command-line interaction. This guide covers installation and security hardening on Ubuntu 16.04.

Prerequisites

• A non-root user with sudo privileges.
• A fully configured LAMP stack (Linux, Apache, MySQL, PHP).
• SSL/TLS encryption via Let's Encrypt or another method for remote access.

Installing phpMyAdmin

Update the package index and install phpMyAdmin with required PHP extensions:

sudo apt update
sudo apt install phpmyadmin php-mbstring php-gettext

During installation:

• Select apache2 as the web server.
• Choose yes to configure the database with dbconfig-common.
• Set passwords for the database administrator and phpMyAdmin application.

Enable PHP extensions and restart Apache:

sudo phpenmod mcrypt mbstring
sudo systemctl restart apache2

Access the interface at https://your_server_ip/phpmyadmin and log in with MySQL credentials.

Securing phpMyAdmin

Add an Apache .htaccess authentication layer to restrict access.

Enable .htaccess Overrides

Edit the phpMyAdmin Apache configuration:

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

Add AllowOverride All within the <Directory /usr/share/phpmyadmin> block:

<Directory /usr/share/phpmyadmin>
    Options FollowSymLinks
    DirectoryIndex index.php
    AllowOverride All
    ...
</Directory>

Restart Apache:

sudo systemctl restart apache2

Create .htaccess File

Create a .htaccess file in the phpMyAdmin directory:

sudo nano /usr/share/phpmyadmin/.htaccess

Add these directives:

AuthType Basic
AuthName "Authentication Required"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

Set Up Password File

Create the password file with an initial user:

sudo htpasswd -c /etc/phpmyadmin/.htpasswd admin_user

Add subsequent users without the -c flag:

sudo htpasswd /etc/phpmyadmin/.htpasswd additional_user

Visiting https://your_server_ip/phpmyadmin will now prompt for Apache credentials before displaying the phpMyAdmin login page.