How to secure phpmyadmin using localhost and ssh tunneling.

I want to secure phymyadming using ssh tunnels by allowing only from localhost I have followed the tutorial on but it is not working for me. Help is required

My vps server root login is not permitted

Using Putty, under SSH > Tunnels, set the source port as 8080 and destination as localhost:8080 with the local and auto options selected, then connected as usual as xyz as user name. xyz user has sudo root permission.

I have already installed phpmyadmin in my server

So I created a new directory using mkdir -p /var/www/localhost/html

Then I moved my phpmyadmin directory to /var/www/localhost/html using mv /usr/share/phpmyadmin /var/www/localhost/html

Then I Created the configuration file as follows: nano /etc/nginx/sites-available/localhost

This is the localhost configuration file content

server { listen; server_name localhost; access_log /var/www/localhost/logs/access.log; error_log /var/www/localhost/logs/error.log;

Allow connections from localhost only allow; deny all;

location / { root /var/www/localhost/html; index index.html index.htm index.php; }

location ~ .php$ { if (!-f $request_filename) { return 404; } fastcgi_pass; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/localhost/html$fastcgi_script_name; include fastcgi_params; } }

Then I enabled my new localhost configuration with the following command:

sudo ln -s /etc/nginx/sites-available/localhost /etc/nginx/sites-enabled

Then restarted Nginx: using

sudo /etc/init.d/nginx restart

Then in my browser I navigated to http://localhost:8080

But I am getting 403 Forbidden Message but the PMA favicon icon is visible.

Then as per your advice I change permission of folder using chmod 775 -R /var/www/localhost/html

But still not working

The following is the error.log report

[error] 2345#0: *1 directory index of “/var/www/localhost/html/” is forbidden, client:, server: localhost, request: “GET /HTTP/1.1”, host: “localhost:8080”

This is the output of namei -om /var/www/localhost/html/phpmyadmin

f: /var/www/localhost/html/phpmyadmin

drwxr-xr-x root root /

drwxr-xr-x root root / var

drwxr-xr-x www-data www-data www

drwxrwxr-x root root localhost

drwxr-xr-x root root html

drwxr-xr-x root root phpmyadmin

Then I again test with changing permission as follows

drwxr-xr-x root root /

drwxr-xr-x root root / var

drwxrwxr-x www-data www-data www

drwxrwxr-x root root localhost

drwxrwxr-x root root html

drwxrwxr-x root root phpmyadmin

Still not working. Kind help is welcome.

Please note that I have another website running on port 80.

Thanks in advance.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Sorry for the long question. I just want to secure my phymyadmin using nginx. I have followed a tutorial on “” but it is not working. I like your all tutorials because by following your tutorial i could setup everything for my vps. There is no a single tutorial explaining “How to secure phpmyadmin on nginx by allowing access only from localhost through ssh tunnel”. Please help nginx user on your digital ocean by writing a good tutorial about “Secure phymyadmin using nginx”. Thanks in advance. There is another tutorial for nginx phpmyadmon in your article and tutorial section but it is not secureway.

your question is full of things… <br> <br>simply post a snapshot of your server config and will can check what went wrong… <br> <br>now it doesn’t look easy to figure out what your settings are as your question is a little messy… <br> <br>so would you mind plz to show you a snapshot of your server config for the site you want to deal with? <br> <br>