phpMyAdmin is a popular target for hackers.
We should take extra security for that.
Easiest way of doing this is through apache's built-in .htaccess.
For this we need to follow below step.
First, if you need to buy or change server then refer following link.
Referral URL : www.linode.com
Step 1 : Configure Apache for htaccess
We need to enable htaccess in our server's apache phpMyAdmin configuration.
Open the phpmyadmin.conf by using following command :
sudo nano /etc/apache2/conf-available/phpmyadmin.conf
If file is not there, then run following command to generate new one :
sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf sudo a2enconf phpmyadmin sudo systemctl restart apache2
We need to add an "AllowOverride All" directive within "<Directory /usr/share/phpmyadmin>" section of the config file, like following :
# phpMyAdmin default Apache configuration Alias /phpmyadmin /usr/share/phpmyadmin <Directory /usr/share/phpmyadmin> Options SymLinksIfOwnerMatch DirectoryIndex index.php AllowOverride All ...
For see this changes in effect, need to restart apache server.
sudo systemctl restart apache2
Step 2 : Create htaccess file
Now, we have enabled .htaccess for our server, we need to create htaccess file to implement security, create by following command :
sudo nano /usr/share/phpmyadmin/.htaccess
Now add some security sentences which are following :
AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/phpmyadmin/.htpasswd Require valid-user
Above lines will add extra layer of security to phpMyAdmin.
Step 3 : Create auth User credentials
Now, create user which allow to enter in extra layer of security.
Run following command, but replace "root" with your prefer username.
sudo htpasswd -c /etc/phpmyadmin/.htpasswd root
While this you will be asking for password, so enter password 2 times.
If we need additional user then run following command :
sudo htpasswd /etc/phpmyadmin/.htpasswd username
Step 4 : Check credentials in browser
All done here, run phpMyAdmin in browser & check your credentials.
First replace ip with & port with your url.
First screen asking you for extra layer of credentials which you setup in this process.