I have an Ubuntu 10.04 server that I've taken great pains to set up securely and I would like to install phpMyAdmin on this machine to allow me to administer MySQL databases. I have run this:
apt-get install phpmyadmin
and I'm not entirely pleased with the behavior of the Ubuntu package install for a few reasons:
1) The install process prompted me to ask if I wanted to use dbconfig-common with phpMyAdmin without telling me what the ramifications might be. As I already had my database functioning, I chose not to.
2) phpMyAdmin is configured for plain old HTTP (rather than HTTPS) access. It is critical that all interactions with phpMyAdmin be served via HTTP
3) Trying to access phpmyadmin at the default location (which I believe is http://www.mydomain.com/phpmyadmin
) results in a 403/Forbidden response from my server. This is either because there's a problem in the newly installed file /etc/apache2/conf.d/phpmyadmin.conf (which is actually a symbolic links to /etc/phpmyadmin/apache.conf) or perhaps I have some other conflicting configuration.
4) The install results in a phpmyadmin/setup url which is not adequately explained in the documentation (/usr/share/doc/phpmyadmin/Documentation.html). I don't really understand what this setup script will do and wonder if it's necessary.
5) The package install results in a lot of files in the bin folder:
If anyone has any tips or heuristic guidlines to achieve the following, I'd love to hear about it:
1) phpmyadmin only accessible via HTTPS
2) phpmyadmin requires login using MySQL user and credentials
3) phpmyadmin configuration is as simple as possible and does not install binaries I will never use
4) phpmyadmin is *secure*.