Installing phpMyAdmin on Debian 7.5

To be able to administer a MySQL Server, a connection needs to be established to it. Several options are available, with the most frequently used being the command-line utilities in a shell. Another option is to make use of MySQL Workbench. However, this isn’t the preferred solution, since this would require firewall rules to be defined to allow only certain remote connections to our database server. We can also make use of phpMyAdmin, allowing us access to the database server through a web interface.

Installing phpMyAdmin

To install phpMyAdmin, we execute the following command in a “root” shell.

apt-get install phpmyadmin

During the installation, we are prompted whether a web server should be configured and if the database should be configured making use of dbconfig-common.

If we selected to configure apache2, a virtual path /phpmyadmin will be added to the primary web site.

Configuring phpMyAdmin

To configure phpMyAdmin, we will host it on a secure virtual host on Apache.

Virtual Host settings

The virtual host will use the IP address 192.168.100.14, using the certificate in /etc/ssl/CA/certs/sitename.cert and the private key in /etc/ssl/CA/private/sitename.key.nopass. Authentication will also be required using a htpasswd file in /etc/apache2/security/htpasswd.sitename.

To create this htpasswd file, we execute the following command in a “root” shell.

htpasswd -c /etc/apache2/security/htpasswd.sitename admin

We will then be prompted to enter a password for the user admin, and using these credentials we will be able to access the phpMyAdmin web interface.

Virtual Host Configuration

<VirtualHost 192.168.100.14:80>
    RewriteEngine on
    ReWriteCond %{SERVER_PORT} !^443$
    RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]
</VirtualHost>

<VirtualHost 192.168.100.14:443>
    ServerName sitename
    ServerAdmin webmaster@domain

    SSLEngine On
    SSLCertificateFile /etc/ssl/CA/certs/sitename.cert
    SSLCertificateKeyFile /etc/ssl/CA/private/sitename.key.nopass

    DocumentRoot /usr/share/phpmyadmin
    <Directory /usr/share/phpmyadmin>
        Options FollowSymLinks
        DirectoryIndex index.php
        <IfModule mod_php5.c>
            AddType application/x-httpd-php .php
            php_flag magic_quotes_gpc Off
            php_flag track_vars On
            php_flag register_globals Off
            php_admin_flag allow_url_fopen Off
            php_value include_path .
            php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
            php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/
        </IfModule>
        <IfModule mod_authn_file.c>
            AuthType Basic
            AuthName "MySQL Administration"
            AuthUserFile /etc/apache2/security/htpasswd.sitename
        </IfModule>
        Require valid-user
    </Directory>
    <Directory /usr/share/phpmyadmin/setup>
        Order Deny,Allow
        Deny from All
    </Directory>
    <Directory /usr/share/phpmyadmin/libraries>
        Order Deny,Allow
        Deny from All
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/sitename/error.log
    CustomLog ${APACHE_LOG_DIR}/sitename/access.log combined
</VirtualHost>

Enabling the Virtual Host

To enable the virtual host, we execute the following command in a “root” shell.

a2ensite sitename

To reload the configuration, we execute the following command in a “root” shell.

service apache2 reload

Setting up your own development server in Debian

In this series of articles, we will be setting up a new development environment under Debian 7.5. This will include a base server operating system, GUI Desktop Environment, Network Time Server, DNS server, Mail server, Database server and Web server. We will also be hosting our own Version Control System with integration into a Project Management and Issue and Time Tracking solution. We will also require our own Certificate Authority to request and sign digital certificates to use on our internal network and web server.

Operating System and Desktop Environment

As stated above, we will be making use of Debian 7.5 for our server operating system and either log in remotely to a shell over SSH or directly via a Desktop Environment.

Our Desktop Environment will be LXDE, due to the fact that it is designed to work well with computers on the lower end of the performance spectrum – in my case, I am running my Debian server on a Pentium IV 1.7GHz with 512MB of RAM and 2 drives of 40GB and 160GB each – the latter being used as my data drive and the former to host the operating system. We’ll also be installing Gnome and KDE as well, which are both very common Desktop Environments.

Network Time

For us to be able to broadcast Coordinated Universal Time on our internal network, we will be using NTP.

DNS Server

For us to be able to host domains on our internal network, we will be using Bind.

Mail Server

For us to be able to send and receive email messages on our internal network, we will be using Exim 4 with ClamAV, SpamAssassin and Greylistd enabled.

Data storage

For us to be able to provide data storage for our applications, we will be making use of

• Relational databases;
• In-memory object caching; and
• NoSQL databases.

Relational database

MySQL Server 5.5 will provide our relational database back-end and we will be administering it through a web front-end making use of phpMyAdmin.

Object-caching

Memcached will provide our object-caching back-end and we will be administering it through a web front-end making use of phpMemcachedAdmin.

NoSQL database

MongoDB will provide our NoSQL database back-end and we will be administering it through a web front-end making use of RockMongo.

Web Server

The web front-ends will be hosted on Apache 2.2, with virtual hosts configured for each specific web front-end and SSL certificates securing the communication between the web front-ends and clients.

Java Application Server

Tomcat will provide our Java Application Server functionality.

Zend Framework

Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Apigility provides the functionality to implement a WebAPI on top of the Zend Framework.

Version Control System

For us to provide our own version control system, we will be using Subversion and Mercurial and also enable access to it over the HTTPS protocol.

Project Management and Issue and Time Tracking

For us to provide our project management solution, we will be using Redmine and configure access to both Subversion and Mercurial as well as enable access to it over the HTTPS protocol.

---

The articles will be published in the order below and as these become available, I will update the list with the appropriate links.

• Installing the base operating system
• Tweaking the base operating system
• Enabling remote access with OpenSSH
• Installing LXDE Desktop Environment
• Installing Gnome Desktop Environment
• Installing KDE Desktop Environment
• Installing Bind
• Setting up local domains
• Installing NTP
• Installing Exim 4 with ClamAV, SpamAssassin and Greylistd support
• Installing OpenSSL
• Creating a Certificate Authority
• Installing the Certificate Authority
• Creating a Certificate
• Installing MySQL Server
• Installing Memcached
• Installing MongoDB
• Installing Apache with PHP5 and SSL support
• Setting up Apache Virtual Hosts
• Installing a Certificate on a Virtual Host
• Installing Tomcat and Java Development Tools
• Installing Zend Framework
• Installing Apigility
• Installing phpMyAdmin and enabling access over HTTPS
• Installing phpMemcachedAdmin and enabling access over HTTPS
• Installing RockMongo and enabling access over HTTPS
• Installing Subversion and enabling access over HTTPS
• Installing Mercurial and enabling access over HTTPS
• Installing Redmine and enabling access over HTTPS

At the end of this series, we will have a comprehensive development server for internal use. A note on this, we are setting up the server behind an existing firewall making use of the 192.168.100.x range of IP addresses.