Installing phpMyAdmin for Apache on Ubuntu 18.04



You should be using a non-root user with sudo privileges as explained in Ubuntu 18.04 Initial Server Setup.

You should also have your LAMP stack already installed and serving web pages before continuing with this guide. Please see Installing a LAMP Stack (Apache, MySQL, PHP) on Ubuntu 18.04.

1. Install phpMyAdmin

Let’s begin by updating the package lists and installing phpMyAdmin on Ubuntu 18.04. Below we have two commands separated by &&. The first command will update the package lists to ensure you get the latest version and dependencies for phpMyAdmin. The second command will then download and install phpMyAdmin. Press y and ENTER when asked to continue.

sudo apt update && sudo apt install phpmyadmin

The order of the following screens in the phpMyAdmin Package configuration may vary depending on your setup.

If you are prompted to choose a web server, press SPACE to put a star [*] beside apache2, then press TAB to highlight OK and press ENTER.

Select Yes and press ENTER to install and configure the database.

The MySQL application password is only used internally by phpMyAdmin to communicate with MySQL. You can leave this blank and a password will be generated automatically. Just press ENTER to continue.

2. Test phpMyAdmin

You should now be able to access the phpMyAdmin web interface by visiting your server’s domain name or public IP address followed by /phpmyadmin. e.g. http://example.com/phpmyadmin or

If you don’t have a domain name yet or don’t know your IP, you can find out with:

sudo ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '' 

You will have set up the root user and password when installing MySQL for the first time. However, remote login might be disabled for root. If you get an error 

“Access denied for user ‘root’@’localhost'”

, you should continue to Step 3 to create a superuser just for phpMyAdmin.

3. Create MySQL User

If you weren’t able to log in as root above, you can now create a superuser account just for phpMyAdmin.

In terminal, log into MySQL as root. You may have created a root password when you installed MySQL for the first time or the password could be blank, in which case you can just press ENTER when prompted for a password.

sudo mysql -p -u root

Now add a new MySQL user with the username of your choice. In this example we are calling it pmauser (php my admin user). Make sure to replace  password_here with your own (generate a password).

The % symbol tells MySQL to allow this user to log in from anywhere remotely. If you want heightened security, you could replace this with an IP address.

CREATE USER 'pmauser'@'%' IDENTIFIED BY 'password_here';

Now we will grant superuser privileges to our new user pmauser.


Now exit MySQL.


You should now be able to access phpMyAdmin using this new user account.

If you would like to set up some additional security for phpMyAdmin, continue to the next step.

4. Obscure phpMyAdmin URL

Bots and attackers continuously scan web servers for the default phpMyAdmin login page, so it is recommended that you change the URL to something else.

In this example we are going to change it from example.com/phpmyadmin to example.com/pmahidden.

Open the phpMyAdmin configuration file for Apache using the nano text editor.

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

Change the Alias from /phpmyadmin to /pmahidden – you can change this to whatever you want.

# phpMyAdmin default Apache configuration

Alias /pmahidden /usr/share/phpmyadmin

Save and close nano (Press CTRL + X and then press y and ENTER to save changes)

Now you must reload the Apache service for changes to take effect.

sudo service apache2 reload

You should now be able to access phpMyAdmin at example.com/pmahidden

5. Protect with .htpasswd

We can further protect the phpMyAdmin login page with .htpasswd. This adds another line of defence against bots and hackers.

5.1  Allow .htaccess Overrides

To set up .htpasswd, we must first change the phpMyadmin Apache configuration file to allow .htaccess Overrides.

Open the config file in nano text editor.

sudo nano /etc/apache2/conf-available/phpmyadmin.conf

Add AllowOverride All underneath DirectoryIndex index.php

<Directory /usr/share/phpmyadmin>
    Options SymLinksIfOwnerMatch
    DirectoryIndex index.php
    AllowOverride All

Save and close nano (Press CTRL + X and then press y and ENTER to save changes)

Now reload the Apache service.

sudo service apache2 reload

5.2 Set up .htpasswd

We are going to create a new .htaccess file in the phpMyAdmin install directory using the nano text editor.

sudo nano /usr/share/phpmyadmin/.htaccess

Paste in the following. (Use the right mouse button to paste if using PuTTY on Windows)

AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/phpmyadmin/.htpasswd
Require valid-user

Save and close nano (Press CTRL + X and then press y and ENTER to save changes)

We can now generate the .htpasswd file using the htpasswd tool.

In this example, we are creating a new user called pmauser (php my admin user), though you can change this to whatever you want.

sudo htpasswd -c /etc/phpmyadmin/.htpasswd pmauser

You will be asked to enter a new password twice (generate a password).

That’s it, you’re done! Visit phpMyAdmin in your browser and you should now be prompted to enter login details.