phpMyAdmin is a popular web-based tool that lets you manage MySQL or MariaDB databases through a browser instead of the command line. This guide shows you how to install phpMyAdmin on Ubuntu, configure it with Apache, set up proper authentication, and — most importantly — secure it properly.
Tested and valid on:
- Ubuntu 22.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 25.04 (early preview)
Prerequisites
- Ubuntu 22.04 / 24.04 / 25.04 server
- Non-root user with sudo privileges
- UFW firewall enabled
- Working LAMP stack (Apache + MySQL/MariaDB + PHP ≥ 8.1)
- HTTPS / SSL already set up (Let’s Encrypt recommended)
If missing, install LAMP first and secure Apache with Let’s Encrypt.
Step 1 – Install phpMyAdmin
sudo apt update
Install phpMyAdmin + recommended PHP extensions:
sudo apt install phpmyadmin php-mbstring php-zip php-gd php-json php-curl -y
During installation:
- Web server selection → Press SPACE to select apache2, then TAB → ENTER
- Configure database with dbconfig-common? → Yes
- Set a strong password for the phpmyadmin internal user
Fix for validate_password plugin error (if it occurs):
sudo mysql
UNINSTALL COMPONENT "file://component_validate_password";
exit
Re-run install, then re-enable later:
INSTALL COMPONENT "file://component_validate_password";
Enable mbstring and restart Apache:
sudo phpenmod mbstring
sudo systemctl restart apache2
phpMyAdmin is now installed at: https://your-domain.com/phpmyadmin or https://your-server-ip/phpmyadmin
Step 2 – Login & Authentication Setup
Option A – Use root (quick for testing/fresh servers)
By default on Ubuntu, MySQL root uses auth_socket (no password).
Switch to password authentication:
sudo mysql
ALTER USER 'root'@'localhost'
IDENTIFIED WITH caching_sha2_password
BY 'YourVeryStrongRootPassword2026!';
FLUSH PRIVILEGES;
exit
If login fails later (rare PHP compatibility), use instead:
ALTER USER 'root'@'localhost'
IDENTIFIED WITH mysql_native_password
BY 'YourVeryStrongRootPassword2026!';
Now log in to phpMyAdmin with root and the password.
Option B – Best practice: Create dedicated user
sudo mysql
CREATE USER 'dbadmin'@'localhost'
IDENTIFIED WITH caching_sha2_password
BY 'ExtremelyStrongPasswordHere!';
GRANT ALL PRIVILEGES ON *.* TO 'dbadmin'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
exit
Log in using dbadmin + password.
Step 3 – Secure phpMyAdmin (Mandatory in 2026)
phpMyAdmin is a frequent attack target. Never expose it without protection.
3.1 Confirm HTTPS is active
If not already done:
sudo apt install certbot python3-certbot-apache -y
sudo certbot --apache
Choose redirect HTTP → HTTPS.
3.2 Add HTTP Basic Auth (.htaccess) – Strong Recommended Layer
- Allow .htaccess overrides:
sudo nano /etc/apache2/conf-available/phpmyadmin.conf
Inside add:
AllowOverride All
Save & exit.
- Create .htaccess file:
sudo nano /usr/share/phpmyadmin/.htaccess
Paste:
AuthType Basic
AuthName "Restricted - phpMyAdmin"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user
Create password file:
sudo mkdir -p /etc/phpmyadmin
sudo htpasswd -c /etc/phpmyadmin/.htpasswd yourusername
Enter strong password. Add more users later:
sudo htpasswd /etc/phpmyadmin/.htpasswd anotheruser
Restart Apache:
sudo systemctl restart apache2
You now get two login prompts: Apache first, then phpMyAdmin.
3.3 Optional Extra Protections
- Restrict by IP (edit same conf file):
Require ip 203.0.113.25 198.51.100.0/24
- Change URL path (security by obscurity):
Change Alias /phpmyadmin → Alias /db-panel-x7k9 Access becomes: https://domain.com/db-panel-x7k9
Restart Apache after changes.
Quick Troubleshooting
| Issue | Fix |
|---|---|
| 404 Not Found | sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-enabled/ |
| Access denied (root) | Switch root to password auth (see Step 2) |
| Blank page | sudo phpenmod mbstring gd zip json curl → restart Apache |
| Cannot connect to DB | Check sudo systemctl status mysql + credentials |
| .htaccess 403 | sudo chmod 640 /etc/phpmyadmin/.htpasswd |
Best Practices Summary
- Always use HTTPS (Let’s Encrypt)
- Add .htaccess authentication
- Prefer dedicated user over root
- Restrict by IP when possible
- Keep everything updated: sudo apt update && sudo apt upgrade -y
- Monitor logs: /var/log/apache2/access.log & /var/log/apache2/error.log
Conclusion
You now have phpMyAdmin installed, configured, and reasonably secured on Ubuntu. Use the GUI to create databases, run queries, manage users, import/export data, and more — all through your browser.
For production-critical databases, consider managed services (automatic backups, scaling, no manual server maintenance).
