How to setup and secure PHPMyAdmin on OpenLiteSpeed Server

/ AWS Lightsail Hosting, Database, Dev Setup, Web Hosting Management / By

I will walk you through installing and setting up PhpMyAdmin tool on the OpenLiteSpeed server. This is a must have tool that will help you in managing databases that run your website. In addition to setting it up, I will also walk you through securing the phpMyAdmin so that it isn’t accessible to the open public

Steps

  1. Open an SSH Terminal console to your server. If you don’t have an OpenLiteSpeed (OLS) server yet, follow this tutorial)
  2. Elevate to super user
sudo su
  1. Install unzip package if not already installed
apt install unzip
  1. CD to the default virtual host document root
cd /usr/local/lsws/Example/html
  1. Get the latest version of PhpMyAdmin and set it up
wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-all-languages.zip
unzip phpMyAdmin-latest-all-languages.zip
mv phpMyAdmin-5.1.2-all-languages phpmyadmin
chown -R lsadm:lsadm phpmyadmin
  1. Create PHPMyAdmin config and add a secure secret string for the blowfish encryption
mv phpmyadmin/config.sample.inc.php phpmyadmin/config.inc.php
vi phpmyadmin/config.inc.php
  1. Generate a random string using an online generator with the length of 32 characters
  2. Add the string in the file at this line between the single quotes: 
$cfg['blowfish_secret'] = '';
  1. Create the phpmyadmin context in the OLS Web Admin
    1. Navigate to WebAdmin -> Virtual Hosts -> Example -> Context
    2. Click +
    3. For Type select Static
    4. Enter URI value /phpmyadmin
    5. Enter Location: /usr/local/lsws/Example/html/phpmyadmin
    6. Set Accessible to YES
    7. Set default document to index.php
    8. Save and Restart LiteSpeed
  2. Open port 8088 in Lightsail Firewall section
  3. Test setup by visiting http://YOUR_IP_ADDRESS:8088/phpmyadmin
  4. Secure PHPMyAdmin with one of the following options
    1. Restrict access by IP
    2. Setup Basic http authentication using local DB file
  5. Restrict access by IP using Lightsail Firewall
    1. Navigate to Networking -> Firewall
    2. Check the box Restrict to IP address
    3. Enter your IP address to only allow your computers to connect to port 8088
  6. Restrict access by using Web Admin IP Address
    1. Navigate to WebAdmin -> Virtual Host > Example > Context > phpmyadmin
    2. Set Access Allowed to your computers IP Address
    3. Set Access Denied to *
    4. Save and Restart LiteSpeed
  7. Setup Basic http authentication using the following steps
  8. In your SSH Terminal create the following file and set permissions
touch /usr/local/lsws/conf/PASS
chown lsadm:lsadm /usr/local/lsws/conf/PASS
  1. Navigate to WebAdmin -> Virtual Hosts -> Example -> Security
  2. Add Realm List
    1. Set name to phpmyadmin
    2. Set User DB Location to /usr/local/lsws/conf/PASS
  3. Save and Restart
  4. Go back to WebAdmin -> Virtual Hosts -> Example -> Security
  5. Click hyperlink for /usr/local/lsws/conf/PASS
  6. Create username and password
  7. Save and Restart
  8. Navigate to WebAdmin > Virtual Hosts > Example -> Context > phpmyadmin
  9. Set Realmn to phpmyadmin
  10. Test setup

Reference Links

https://docs.litespeedtech.com/cloud/images/wordpress/#how-do-i-secure-phpmyadmin

https://openlitespeed.org/kb/phpmyadmin-on-openlitespeed/

All videos tutorials on the website as well as the YouTube channel aim to provide a simplified process for a specific scenario; there could be many different factors and unique use cases you may have. The tutorials may not cover every situation; so treat is as a starting point or learning concept to apply to your unique situations, and consider this inspiration but not prescription or explicit direction.

Other Webhosting Tutorials

Scroll to Top