I fail to understand why PHPmyadmin is forbidden in Nginx

Posted January 29, 2018 39.4k views
NginxUbuntu 16.04

I fail to understand why entrance to PHPmyadmin is forbidden (http://my_ip/phpmyadmin). Here’s what I did to install it:

On a pure Ubuntu 16.04 machine (server, xenial) I’ve installed LEMP this way (MySQL root password setted on install):

apt-get update -y
apt-get upgrade nginx mysql-server php-fpm php-mysql -y

I then installed PMA:

DEBIAN_FRONTEND=noninteractive apt-get upgrade phpmyadmin php-mbstring php-mcrypt php-gettext -y
ln -s /usr/share/phpmyadmin/ /var/www/html/
chown -R www-data:www-data /usr/share/phpmyadmin/ /var/www/html
chmod -R a-x,a=rX,u+w /usr/share/phpmyadmin/ /var/www/html

As said, when navigating to (http://my_ip/phpmyadmin) I get “Forbidden (403)” HTTP status code.

I really fail to understand what’s wrong from the error log:

directory index of “/var/www/html/phpmyadmin/” is forbidden

Hence I ask what might be the problem?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
4 answers

Stumbled across this thread while setting up a LEMP 18.04LTS snapshot. It seemsto match my problem. Turned out I didn’t have index.php defined as a supported index in the site config

index index.php index.html index.htm index.nginx-debian.html;

Makes sense as if it can’t find an index it will try to show directory contents, which is forbidden.

I struck to such a problem/solution, when PhpMyAdmin wasn’t opening in the browser, giving “403 Forbidden nginx/1.14.0 (Ubuntu)” error.

I had just missed ‘index.php’ in the type of files list in the 443/secure https section block. That’s it. Whole day went to find it. Google too was unable to find me this solution.

Hi benqzq. I see you’re using NGINX on the server as well. Could NGINX be preventing you from seeing it?

If you add something like this to your nginx.conf you should be able to open up access to it:

server {
    listen 80;

    location / {
        root /phpmyadmin;
        allow your-public-ip;
  • Hi, thanks,

    I thought about creating a conf but I’d like to avoid that. That’s why I’ve installed PHPmyadmin directly from the repositories (I thought it would redundant creating a conf).

    I’m sad to know a conf file must be created (the task becomes less automatic because I then need to isolate my IP for each droplet, and paste that into the conf, which makes the process less minimal by itself).

  • In another droplet I tried to use a similar conf but had no luck. Also, somehow an index.php file was created in my document root and at that time I could access PMA without the conf.

    In another droplet I had the same problem and I’ve tried to write in the start of the nginx.conf (in the start of the http block) index index.php index.html;.

    I swear, I can’t understand why using PMA should be so complicated in Nginx…

Strange, I can suddenly access PMA login screen without WSOD and without any problem, from any browser.

Without any Nginx conf file added…

There might have been a bug fixed in the background after some apt-get update && apt-get upgrade or after some upgrade by unattended-upgrades.