phpMyAdmin is a completely unnecessary and insecure software that has already collected 252 CVE registered vulnerabilities over its lifetime.
Many beginner server administrators, not surprisingly, install it nonetheless. Simply because over the history of its existence, phpMyAdmin also gained its share of popularity. There are still many references all over the web, promoting its use.
But it’s lesser-known that you don’t have to install anything on the server to browse your database interactively.
Meet the convenience of fast and secure SQL GUI clients to interact with your database remotely.
SSH access and any modern SQL client is all that is needed to access your database in a nice visual way.
The odds that you are unable to SSH to the box you want to browse the database from are virtually none.
It is true that any modern MySQL GUI client will work in a similar fashion.
For our example instruction here we will go through MySQL connection using MySQL Workbench on Windows 10.
This is to cover our less-tech-savvy audience, which are the ones so notorious for itching to install phpMyAdmin and other insecurities onto a Linux box 🙂
Step 1. Download and launch MySQL Workbench
On a new Windows installation, you are likely lacking some libraries required. Ensure the latest Microsoft Visual C++ Redistributable from this link.
Then, proceed to the download page of MySQL Workbench and install it.
Then launch it.
Step 2. Create a MySQL connection
Locate the button to create a connection profile:
In the opened dialog titled “Setup New Connection”, make the following inputs:
- Connection Name: An arbitrary string describing what you are connecting to, for example, “My VPS Database”
- Connection Method: Standard TCP/IP over SSH
- SSH Hostname: the public IP of your MySQL server. For a LEMP stack, this is the same as a public server IP of your webserver, or you can input a server’s fully qualified name as long as it eventually resolves to the server IP.
- SSH Username: any SSH username that you already can connect with. Example SSH
rootuser - SSH Password: SSH user’s password. If you entered
rootabove, then, it is your SSHrootuser’s password. If another user, then its password, etc. After making the input, click “Store in Vault…” so that it’s remembered - MySQL Hostname: set it to
127.0.0.1– that is the most important thing beginners don’t initially understand, but it should be this way most of the time. Your SQL client (MySQL Workbench in this case) will first connect using the SSH details above, and this connection now becomes “local” to the server, so once it already established an SSH connection to the server, now it needs to make another connection from server to the MySQL running on the same server, which is at127.0.0.1 - MySQL Server Port: set it
3306 - Username:
root - Password: password of MySQL’s
rootuser. After entering, likewise, click “Store in Vault…” for it to be remembered
Click “Test Connection”. Upon the first test, you will be presented with a small dialog saying that the host authenticity cannot be verified. This is a normal thing, you have to accept the host’s SSH fingerprint, and click OK.
The test will now succeed, if all the details were entered correctly in the connection form earlier:
Now click OK.
Step 3. Connect to your MySQL server
You will now see your connection was added to the list of connections on the main screen:
Simply click it and it will be shortly established. There you go, your secure, fast and easy to install phpMyAdmin alternative is ready:
Not only you can issue queries against your server, but you can also do the same thing you would normally do with phpMyAdmin, and more, like controlling your MySQL service runtime.
Simply exploring your client by going through the main and context menus is a good way to get familiar with its feature set.
More security
Stepping from the use of phpMyAdmin into a MySQL GUI client is a huge security improvement since you no longer need to compromise your web server with a well-known insecure software.
But there are far more things you can do like setting up key-based SSH authentication instead of passwords and not using SSH/MySQL root users.
We intentionally did not cover these topics to keep the article short and easy to understand for those who need to at least make the first right step of no longer using phpMyAdmin in the first place.
The conclusion
Keep your server clean and lean, and stop installing phpMyAdmin. There, I said it a few times and I hope these words will save you time for installing phpMyAdmin, and time again when your server’s database would be compromised because you installed it.
Installing a GUI client is much faster, and easier, and any GUI client is far more feature-rich than phpMyAdmin.
To recap, there are several reasons why installing phpMyAdmin may not be a good idea:
-
Security risks: phpMyAdmin is a web-based tool that allows users to manage and maintain their MySQL databases. As a result, it is accessible over the internet and can be vulnerable to attacks such as SQL injection or cross-site scripting. Therefore, it is important to ensure that proper security measures are in place to protect against these types of attacks, and secure phpMyAdmin NGINX configuration should be applied.
-
Performance issues: phpMyAdmin can be resource-intensive, especially if you have a large number of databases or tables. This can lead to performance issues such as slow page load times or high CPU usage, which can impact the overall performance of the server.
-
Complexity: While phpMyAdmin is a powerful tool, it can be complex to use, especially for users who are not familiar with MySQL or SQL. This can make it difficult for users to perform basic tasks such as creating or modifying databases and tables.
-
Alternative solutions: There are other tools available that may be more suitable for managing and maintaining MySQL databases, such as MySQL Workbench or the MySQL command-line client. These tools are way more efficient and easier to use than phpMyAdmin, especially for users who are familiar with MySQL.