Secure phpMyAdmin

NOTE: We are in the process of modifying the file structure and configuration for many Bitnami stacks. On account of these changes, the file paths stated in this guide may change depending on whether your Bitnami stack uses native Linux system packages (Approach A), or if it is a self-contained installation (Approach B). To identify your Bitnami installation type and what approach to follow, run the command below:

 $ test ! -f "/opt/bitnami/common/bin/openssl" && echo "Approach A: Using system packages." || echo "Approach B: Self-contained installation."

The output of the command indicates which approach (A or B) is used by the installation, and will allow you to identify the paths, configuration and commands to use in this guide. Refer to the FAQ for more information on these changes.

If you would like, add an additional layer of security by enabling Apache’s authentication when accessing phpMyAdmin. Follow these steps:

  • Edit the Apache configuration file for the phpMyAdmin application and add the following lines inside the Directory block:

    NOTE: Depending on your installation type, you can find the Apache configuration file for phpMyAdmin in the following locations:

    • Approach A (Bitnami installations using system packages): /opt/bitnami/apache2/conf/bitnami/phpmyadmin.conf
    • Approach B (Self-contained Bitnami installations): /opt/bitnami/apps/phpmyadmin/conf/httpd-app.conf
     AuthType Basic
     AuthName phpMyAdmin
     AuthUserFile "/opt/bitnami/apache2/users"
     Require valid-user
  • Change or set the phpMyAdmin access password using the following command and replacing PASSWORD with the new password:

      $ sudo /opt/bitnami/apache2/bin/htpasswd -cb /opt/bitnami/apache2/users administrator PASSWORD
  • Restart Apache to have the changes take effect:

      $ sudo /opt/bitnami/ restart apache

Now, when accessing phpMyAdmin, users will be prompted to log in twice: first, with the username administrator and second, with the username root. The password for the first is the one set in the second step above. The password for the second can be obtained from the server launchpad or control panel.

Last modification December 21, 2022