An earlier version of this tutorial was written by Brennan Bearnes.
该教程的早期版本由Brennan Bearnes编写 。
介绍 (Introduction)
While many users need the functionality of a database management system like MySQL, they may not feel comfortable interacting with the system solely from the MySQL prompt.
尽管许多用户需要像MySQL这样的数据库管理系统的功能,但他们可能不满意仅从MySQL提示符与系统进行交互。
phpMyAdmin was created so that users can interact with MySQL through a web interface. In this guide, we’ll discuss how to install and secure phpMyAdmin so that you can safely use it to manage your databases on an Ubuntu 20.04 system.
创建了phpMyAdmin ,以便用户可以通过Web界面与MySQL进行交互。 在本指南中,我们将讨论如何安装和保护phpMyAdmin,以便您可以安全地使用它来管理Ubuntu 20.04系统上的数据库。
先决条件 (Prerequisites)
In order to complete this guide, you will need:
为了完成本指南,您将需要:
An Ubuntu 20.04 server. This server should have a non-root user with administrative privileges and a firewall configured with
ufw
. To set this up, follow our initial server setup guide for Ubuntu 20.04.Ubuntu 20.04服务器。 该服务器应具有具有管理特权的非root用户,并应使用
ufw
配置防火墙。 要进行设置,请遵循我们针对Ubuntu 20.04的初始服务器设置指南 。A LAMP (Linux, Apache, MySQL, and PHP) stack installed on your Ubuntu 20.04 server. If this is not completed yet, you can follow this guide on installing a LAMP stack on Ubuntu 20.04.
在Ubuntu 20.04服务器上安装的LAMP(Linux,Apache,MySQL和PHP)堆栈。 如果尚未完成,则可以按照本指南在Ubuntu 20.04上安装LAMP堆栈 。
Additionally, there are important security considerations when using software like phpMyAdmin, since it:
此外,使用phpMyAdmin之类的软件时,还有一些重要的安全注意事项,因为它:
- Communicates directly with your MySQL installation 与您MySQL安装直接通信
- Handles authentication using MySQL credentials 使用MySQL凭证处理身份验证
- Executes and returns results for arbitrary SQL queries 执行并返回任意SQL查询的结果
For these reasons, and because it is a widely-deployed PHP application which is frequently targeted for attack, you should never run phpMyAdmin on remote systems over a plain HTTP connection.
由于这些原因,并且由于它是经常被攻击的广泛使用PHP应用程序,因此您永远不要通过纯HTTP连接在远程系统上运行phpMyAdmin。
If you do not have an existing domain configured with an SSL/TLS certificate, you can follow this guide on securing Apache with Let’s Encrypt on Ubuntu 20.04. This will require you to register a domain name, create DNS records for your server, and set up an Apache Virtual Host.
如果您没有使用SSL / TLS证书配置的现有域,则可以按照本指南在Ubuntu 20.04上使用Let's Encrypt来保护Apache 。 这将要求您注册一个域名 , 为您的服务器创建DNS记录 ,并设置一个Apache虚拟主机 。
第1步-安装phpMyAdmin (Step 1 — Installing phpMyAdmin)
You can use APT to install phpMyAdmin from the default Ubuntu repositories.
您可以使用APT从默认的Ubuntu存储库安装phpMyAdmin。
As your non-root sudo user, update your server’s package index:
作为您的非root用户sudo用户,更新服务器的软件包索引:
- sudo apt update sudo apt更新
Following that you can install the phpmyadmin
package. Along with this package, the official documentation also recommends that you install a few PHP extensions onto your server to enable certain functionalities and improve performance.
接下来,您可以安装phpmyadmin
软件包。 与此软件包一起, 官方文档还建议您在服务器上安装一些PHP扩展,以启用某些功能并提高性能。
If you followed the prerequisite LAMP stack tutorial, several of these modules will have been installed along with the php
package. However, it’s recommended that you also install these packages:
如果您遵循了前提条件LAMP堆栈教程 ,那么其中的一些模块将与php
软件包一起安装。 但是,建议您还安装以下软件包:
php-mbstring
: A module for managing non-ASCII strings and convert strings to different encodingsphp-mbstring
&#