By default, the login page of phpmyadmin is located at http://<ip address>/phpmyadmin. The first thing that you will want to do is change that URL. This will not necessarily stop attackers from targeting your server but will lower the risks of a successful break-in.
This is known as security through obscurity and while some people would argue that it is not a safe measure, it has been known to both discourage attackers and to prevent break-ins.
Note: Make sure you have a working LAMP or LEMP setup with PhpMyAdmin installed on your system, if not, then follow Setup LAMP or LEMP with PhpMyAdmin.
To do it in Apache or Nginx Web servers, follow the instructions as explained below:
Change PhpMyAdmin Login Page in Apache
On RHEL-based distributions, open the /etc/httpd/conf.d/phpMyAdmin.conf or /etc/phpmyadmin/apache.conf in Debian-based distributions and comment out the line(s) beginning with Alias.
# vi /etc/httpd/conf.d/phpMyAdmin.conf OR # /etc/phpmyadmin/apache.conf
Then add a new one as follows:
# Alias /phpmyadmin /usr/share/phpmyadmin Alias /my /usr/share/phpmyadmin
The above will allow us to access the phpmyadmin interface via http://<ip address>/my. Feel free to change the Alias above if you want to use another URL.
In the same file, make sure the Require all granted directive is included inside the Directory /usr/share/phpmyadmin block.
In addition, make sure Apache reads the phpmyadmin configuration in Debian/Ubuntu:
------------ On Debian and Ubuntu ------------ # echo "Include /etc/phpmyadmin/apache.conf" >> /etc/apache2/apache2.conf
Finally, restart Apache to apply changes and point your browser to http://<ip address>/my.
------------ On CentOS/RHEL and Fedora ------------ # systemctl restart httpd ------------ On Debian and Ubuntu ------------ # systemctl restart apache2
Change PhpMyAdmin Login Page in Nginx
On the Nginx web server, we just need to create a symbolic link of PhpMyAdmin installation files to our Nginx document root directory (i.e. /usr/share/nginx/html) by typing the following command:
# ln -s /usr/share/phpMyAdmin /usr/share/nginx/html OR # ln -s /usr/share/phpmyadmin /usr/share/nginx/html
Now we need to change the URL of our phpMyAdmin page, we simply need to rename the symbolic link as shown:
# cd /usr/share/nginx/html # mv phpmyadmin my OR # mv phpMyAdmin my
Finally, restart Nginx and PHP-FPM to apply changes and point your browser to http://<ip address>/my.
------------ On CentOS/RHEL and Fedora ------------ # systemctl restart nginx # systemctl restart php-fpm ------------ On Debian and Ubuntu ------------ # systemctl restart nginx # systemctl restart php5-fpm
It should open the phpmyadmin interface (as shown in the image below), whereas http://<ip address>/phpmyadmin should result in a Not Found error page.
Do not log in using the database root user’s credentials yet. You don’t want those credentials going through the wire in plain text, so in the next tip, we will explain how to setup a self-signed certificate for the PhpMyAdmin login page.
There is no /etc/phpmyadmin if you install it in Debian 12. At least, mine doesn’t have it. I do have PhpMyAdmin installed and working.
changing the file helped me (centos + apache + nginx):
all ways with
chanded to newphpmyadmin/
Why would you ever expose this to the wild?
Hey hi! Thanks for these articles.
I had one issue: Using nginx, I had to rename /var/www/html/myphpadmin to /var/www/html/ before it worked.
Cheers!
Thank you so much!
This is the best post I have found so far for securing PhpMyAdmin URL.
However, after performing all the steps from “Change PhpMyAdmin Login Page in Nginx” – It takes me to a 404 page
Then I tried to change ‘phpmyadmin‘ to ‘mynewurl‘ in following files:
It seemed to kind work as the old Phpmyadmin URL now shows “Not Found” but the new URL taking me to a “Blank/White Page”. So, no luck.
FYI, I am using VestaCp, Nginx, PHP-FPM.
Any advise please.
Thanks a allot, this is amazing finally I can access it with
.../matrix:)cheers
Thanks you, but it didn’t worked for me on my Debian 9.5 with VestaCP and Nginx.
Awesome article, but i have apache not ngnix.
Please help me out
The tutorial includes an Apache version. (see the first guide).
However, for Ubuntu 18. I would like to point out that changing the URL address has been made easy.
Just navigate to /etc/phpmyadmin/apache.conf then change line 3 (Alias /phpmyadmin /usr/share/phpmyadmin) to Alias /NewURL /usr/share/phpmyadmin. Then restart apache2.