F8 phpMyAdmin

phpMyAdmin is a MySQL Database Administration Tool based upon php. It is easy to use, and I often login to the program to check on various portions of the database (especially for phpBB, if I am unsure if a spammer has registered). To configure it, make sure that both httpd and mysqld are running. See the Apache and MySQL pages for details.

Download and Install phpMyAdmin

To install phpMyAdmin, first go to their homepage:

http://www.phpmyadmin.net/home_page/index.php

and click on the Download link relating to their latest release, which, at the time of this writing, is phpMyAdmin 2.11.4. Next, click on the english.tar.gz link to download the compressed phpMyAdmin-2.11.4-english.tar.gz file. Once it downloads, copy the file to /var/www/html:

~> sudo cp ~/Download/phpMyAdmin-*-english.tar.gz /var/www/html/.

Then decompress the source:

~> sudo tar vfzx phpMyAdmin-*-english.tar.gz

Once the package has been decompressed, delete the source file, move the directory to phpmyadmin, and change into the ./phpmyadmin/libraries/ directory:

~> sudo rm phpMyAdmin-*-english.tar.gz
~> sudo mv phpMyAdmin-*-english phpmyadmin
~> cd phpmyadmin/libraries

The next step requires changing the configuration settings. Open the /var/www/html/phpmyadmin/libraries/config.default.php file and perform a search for the $cfg['PmaAbsoluteUri'] = ''; line. Change it to:

$cfg['PmaAbsoluteUri'] = ' http://[host].[domain].[name]/phpmyadmin/';

where [host].[domain].[name] is the address to your web site.

Next perform a search for the $cfg['blowfish_secret'] = ''; line. Change it to:

$cfg['blowfish_secret'] = '[passphrase]';

where [passphrase] is an arbitrary string of characters that the blowfish algorithm will use to encrypt your password when using cookie authentication.

Finally, perform a search for $cfg['Servers'][$i]['auth_type'] = 'config'; and change it to:

$cfg['Servers'][$i]['auth_type'] = 'cookie';

Note: When you save the file, be sure that you save it as config.inc.php. Once saved, exit, and move the new file to the /var/www/html/phpmyadmin/ directory:

~> sudo mv config.inc.php /var/www/html/phpmyadmin/.

Next, check to see if php-mbstring is installed on your system:

~> rpm -q php-mbstring

If not, use yum to install it:

~> sudo yum -y install php-mbstring

Press 'y' when prompted to install the programs and any additional dependencies. After it is installed, source your ~/.bashrc file:

~> source ~/.bashrc

Then restart your MySQL server:

~> sudo service mysqld restart

You should see MySQL successfully restart:

Stopping MySQL: [ OK ]
Starting MySQL: [ OK ]

Password Protect phpMyAdmin with .htaccess

At this point, we are almost ready to login to phpMyAdmin from a web page. When we get there, we will be prompted for the MySQL username (which in this case, will be root), and the MySQL super user password. To provide an additional layer of protection, I like to place a .htaccess file in the phpmyadmin directory that will require another username and password to be able to access the phpMyAdmin login page. This is because phpMyAdmin is a frequent source of attack from abusive hosts.

Make sure you are in the /var/www/html/phpmyadmin directory:

~> cd /var/www/html/phpmyadmin

Use sudo to open your favorite text editor and add the following lines:

AuthUserFile /var/www/html/phpmyadmin/.htpasswd
AuthName "phpMyAdmin Login Page"
AuthType Basic
Require valid-user

Save the file as .htaccess, and exit. Then create a username and password with the following command:

~> sudo htpasswd .htpasswd [user]

Type in your username for [user] and when prompted for a password, type one in (you will have to re-type it to verify).

Then edit your /etc/httpd/conf/httpd.conf file and add the following in the <Directory /></Directory> section:

<Directory "/var/www/html/phpmyadmin">
AllowOverride All
Order allow,deny
Allow from all
</Directory>

Restart your httpd server:

~> sudo service httpd restart

You should see httpd successfully restart:

Stopping httpd: [ OK ]
Starting httpd: [ OK ]

Now you can open a web browser and go to:

http://[host].[domain].[name]/phpmyadmin

where [host].[domain].[name] is the name of your web site. You will be prompted for a user name and password. Type in your username and the password you generated with the htpasswd command. This will allow you then access the phpMyAdmin login page. Type in "root" in the Username: box and your MySQL super user password in the Password: box. Click the Go button, and you should see the "Welcome to phpMyAdmin" web page. Once you successfully login, exit.

Configure MySQL for phpMyAdmin

There are a few more configuration steps that need to be done before we can actually use phpMyAdmin in earnest. Assuming that you have MySQL Version 4.0.2 or above (as is the case with F8), login to MySQL from a terminal window:

~> mysql -u root -p

Type in the MySQL super user password and hit Enter. Then type in the following information:

GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY '[pmapassword]';
GRANT SELECT (
    Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,
    Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,
    File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,
    Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,
    Execute_priv, Repl_slave_priv, Repl_client_priv
    ) ON mysql.user TO 'pma'@'localhost';
GRANT SELECT ON mysql.db TO 'pma'@'localhost';
GRANT SELECT ON mysql.host TO 'pma'@'localhost';
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv)
    ON mysql.tables_priv TO 'pma'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE ON phpmyadmin.* TO 'pma'@'localhost';

where [pmapassword] is a password that you need to supply for the pma (phpmyadmin) user. This will create a special "control user" that has only the SELECT privilege on the mysql.user (all columns except "Password"), mysql.db (all columns), mysql.host (all columns), and the mysql.tables_priv (all columns except "Grantor" & "Timestamp") tables. You will probably have to Hit Enter twice.

For MySQL Version 4.1.2 or later (again, as is the case for F8), open Firefox and go to:

http://[host].[domain].[name]/phpmyadmin/scripts/create_tables_mysql_4_1_2+.sql

Substitute your web site's domain name for [host].[domain].[name]. Once the web page opens, click Edit -> Select All followed by Edit -> Copy. Then go back to the terminal window that is still logged into MySQL and click Edit -> Paste (if you are running a Gnome Terminal), or the middle button of your mouse to paste the information into MySQL. When you hit Enter, the entire query should be executed at the mysql> prompt. If the query did not fully execute, carefully examine where it stopped compared to the text in create_tables_mysql_4_1_2+.sql and copy the exact characters (to the end of the file) that need to be finished. Then paste them back into the terminal at the location where the query stopped and hit Enter again. Alternatively, you could use the key combination Ctrl + Shift + V to paste the entire query again, overwriting the original.

After you have successfully executed the query, go to:

http://[host].[domain].[name]/phpmyadmin/scripts/upgrade_tables_mysql_4_1_2+.sql

Copy, paste in, and execute the script in the same manner that you did before. When the query finishes, exit MySQL:

mysql> exit

Lastly, we need to edit /var/www/html/phpmyadmin/config.inc.php using sudo. There are several searches that need to be performed. Once you find each line, type in the appropriate information.

1. Search for $cfg['Servers'][$i]['controluser'] = '';. Type in:

$cfg['Servers'][$i]['controluser'] = 'pma';

2. Search for $cfg['Servers'][$i]['controlpass'] = '';. Type in:

$cfg['Servers'][$i]['controlpass'] = '[pmapassword]';

where [pmapassword] is the password that you chose in MySQL for the pma user.

3. Search for $cfg['Servers'][$i]['pmadb'] = '';. Type in:

$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';

4. Search for $cfg['Servers'][$i]['bookmarktable'] = '';. Type in:

$cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';

5. Search for $cfg['Servers'][$i]['relation'] = '';. Type in:

$cfg['Servers'][$i]['relation'] = 'pma_relation';

6. Search for $cfg['Servers'][$i]['table_info'] = '';. Type in:

$cfg['Servers'][$i]['table_info'] = 'pma_table_info';

7. Search for $cfg['Servers'][$i]['table_coords'] = '';. Type in:

$cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';

8. Search for $cfg['Servers'][$i]['pdf_pages'] = '';. Type in:

$cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';

9. Search for $cfg['Servers'][$i]['column_info'] = '';. Type in:

$cfg['Servers'][$i]['column_info'] = 'pma_column_info';

10. Search for $cfg['Servers'][$i]['history'] = '';. Type in:

$cfg['Servers'][$i]['history'] = 'pma_history';

11. Search for $cfg['Servers'][$i]['designer_coords'] = '';. Type in:

$cfg['Servers'][$i]['history'] = 'pma_designer_coords';

Save and exit. Go back to your web browser and once again go to:

http://[host].[domain].[name]/phpmyadmin

Depending on whether your web browser is still open, you may (or may not) have to re-type the username and password to get by .htaccess. Regardless, login to phpMyAdmin as root. Once there, click on the down arrow in the Database: selection dialog box in the left column. You should see the "mysql", "phpmyadmin", and "test" databases listed. You may delete ("drop") the "test" database if you wish.

phpMyAdmin is now configured! Be very careful when using it, lest you corrupt a database...

Upgrading phpMyAdmin

To upgrade phpMyAdmin, move the phpmyadmin directory to phpmyadmin-bak:

~> sudo mv /var/www/html/phpmyadmin /var/www/html/phpmyadmin-bak

Install the new version of phpMyAdmin. When you are done, copy over the .htaccess and .htpasswd file:

~> sudo cp /var/www/html/phpmyadmin-bak/.htaccess /var/www/html/phpmyadmin/.
~> sudo cp /var/www/html/phpmyadmin-bak/.htpasswd /var/www/html/phpmyadmin/.

You can now delete the old version of phpMyAdmin:

~> sudo rm -r /var/www/html/phpmyadmin-bak

The upgrade should now be complete.

F8 Apache/MySQL/PHP Services & Applications — phpMyAdmin