DigitalOcean

Report this

What is the reason for this report?
Question

How to secure phpmyadmin using localhost and ssh tunneling.

Posted on February 15, 2014
alikkalfizal

By alikkalfizal

I want to secure phymyadming using ssh tunnels by allowing only from localhost 127.0.0.1. I have followed the tutorial on http://deanbarrow.co.uk/the-quick-and-easy-way-to-secure-phpmyadmin/ but it is not working for me. Help is required

My vps server root login is not permitted

Using Putty, under SSH > Tunnels, set the source port as 8080 and destination as localhost:8080 with the local and auto options selected, then connected as usual as xyz as user name. xyz user has sudo root permission.

I have already installed phpmyadmin in my server

So I created a new directory using mkdir -p /var/www/localhost/html

Then I moved my phpmyadmin directory to /var/www/localhost/html using mv /usr/share/phpmyadmin /var/www/localhost/html

Then I Created the configuration file as follows: nano /etc/nginx/sites-available/localhost

This is the localhost configuration file content

server { listen 127.0.0.1:8080; server_name localhost; access_log /var/www/localhost/logs/access.log; error_log /var/www/localhost/logs/error.log;

Allow connections from localhost only allow 127.0.0.1; deny all;

location / { root /var/www/localhost/html; index index.html index.htm index.php; }

location ~ .php$ { if (!-f $request_filename) { return 404; } fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/localhost/html$fastcgi_script_name; include fastcgi_params; } }

Then I enabled my new localhost configuration with the following command:

sudo ln -s /etc/nginx/sites-available/localhost /etc/nginx/sites-enabled

Then restarted Nginx: using

sudo /etc/init.d/nginx restart

Then in my browser I navigated to http://localhost:8080

But I am getting 403 Forbidden Message but the PMA favicon icon is visible.

Then as per your advice I change permission of folder using chmod 775 -R /var/www/localhost/html

But still not working

The following is the error.log report

[error] 2345#0: *1 directory index of “/var/www/localhost/html/” is forbidden, client: 127.0.0.1, server: localhost, request: “GET /HTTP/1.1”, host: “localhost:8080”

This is the output of namei -om /var/www/localhost/html/phpmyadmin

f: /var/www/localhost/html/phpmyadmin

drwxr-xr-x root root /

drwxr-xr-x root root / var

drwxr-xr-x www-data www-data www

drwxrwxr-x root root localhost

drwxr-xr-x root root html

drwxr-xr-x root root phpmyadmin

Then I again test with changing permission as follows

drwxr-xr-x root root /

drwxr-xr-x root root / var

drwxrwxr-x www-data www-data www

drwxrwxr-x root root localhost

drwxrwxr-x root root html

drwxrwxr-x root root phpmyadmin

Still not working. Kind help is welcome.

Please note that I have another website running on port 80.

Thanks in advance.



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
FMCB
FMCB
February 18, 2014

your question is full of things… <br> <br>simply post a snapshot of your server config and will can check what went wrong… <br> <br>now it doesn’t look easy to figure out what your settings are as your question is a little messy… <br> <br>so would you mind plz to show you a snapshot of your server config for the site you want to deal with? <br> <br>

0
alikkalfizal
alikkalfizal
February 18, 2014

Sorry for the long question. I just want to secure my phymyadmin using nginx. I have followed a tutorial on “http://deanbarrow.co.uk/the-quick-and-easy-way-to-secure-phpmyadmin/” but it is not working. I like your all tutorials because by following your tutorial i could setup everything for my vps. There is no a single tutorial explaining “How to secure phpmyadmin on nginx by allowing access only from localhost through ssh tunnel”. Please help nginx user on your digital ocean by writing a good tutorial about “Secure phymyadmin using nginx”. Thanks in advance. There is another tutorial for nginx phpmyadmon in your article and tutorial section but it is not secureway. https://www.digitalocean.com/community/articles/how-to-install-phpmyadmin-on-a-lemp-server/

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.