Hi @JigsawBob,

What I’ll recommend is creating another configuration file rather than using the 000-default.conf one.

Create the directory for your_domain as follows:

sudo mkdir /var/www/your_domain

Next, assign ownership of the directory with the $USER environment variable:

sudo chown -R $USER:$USER /var/www/your_domain

The permissions of your web roots should be correct if you haven’t modified your unmask value, but you can make sure by typing:

sudo chmod -R 755 /var/www/your_domain

In order for Apache to serve this content, it’s necessary to create a virtual host file with the correct directives. Instead of modifying the default configuration file located at /etc/apache2/sites-available/000-default.conf directly, let’s make a new one at /etc/apache2/sites-available/your_domain.conf:

sudo nano /etc/apache2/sites-available/your_domain.conf

Paste in the following configuration block, which is similar to the default, but updated for our new directory and domain name:

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName your_domain
    ServerAlias www.your_domain
    DocumentRoot /var/www/your_domain
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Remember to change all occurrences of your_domain with your actual domain name!

Let’s enable the file with the a2ensite tool:

sudo a2ensite your_domain.conf

Disable the default site defined in 000-default.conf:

sudo a2dissite 000-default.conf

Next, let’s test for configuration errors:

sudo apache2ctl configtest

You should see the following output:

Output
Syntax OK

Restart Apache to implement your changes:

sudo systemctl restart apache2

Regards,
KFSys

I’m using DO’s MySQL marketplace image because the server is to be used as a separate, dedicated DB server to my web server. I don’t want to use the DB server for general web traffic, but I do want to be able to access the built-in PhpMyAdmin panel with a secure SSL browser connection. That’s the only reason I’m setting up a domain (actually a subdomain of the web server’s domain) on the DB server. I’ve got it working now, so I will share what I did in case anyone else needs a minimal list of steps to setup a secure PhpMyAdmin connection to your Ubuntu MySQL server:

1. Create a DNS A record for a new subdomain (e.g., db.example.com) that points to the IP address of your DB server. Then open an SSH root user session to the DB server to complete the remaining steps.

2. Create directory /var/www/ssl and place the domain’s SSL cert and key files in it (e.g., example.com.pem and example.com.key). I’m assuming your example.com SSL cert is a wildcard cert, in which case you can simply use your existing SSL cert and key files. Otherwise, you will need to create SSL cert and key files specific to subdomain db.example.com and use those.

3. Enter chown -R ww-data:www-data /var/www/ssl so Apache owns the SSL files.

4. Create file /etc/apache2/sites-available/db.example.com.conf and give it the following contents (adjust as needed):

<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    ServerName db.example.com

    Alias /phpmyadmin /usr/share/phpmyadmin

    SSLEngine on
    SSLCertificateFile /var/www/ssl/example.com.pem
    SSLCertificateKeyFile /var/www/ssl/example.com.key

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

1. Enter chown -R ww-data:www-data /etc/apache2/sites-available/db.example.com.conf so Apache owns the new conf file.

2. Enter a2enmod ssl to enable SSL.

3. Enter a2ensite db.example.com to enable the subdomain in Apache.

4. Enter systemctl restart apache2 to restart Apache.

That’s it! You should now be able to securely access the PhpMyAdmin panel by going to https://db.example.com/phpmyadmin.