How to Installing and Using PHPMyAdmin with WordPress

View: 706    Dowload: 0   Comment: 0   Post by: hanhga   Category: MySQL   Fields: Other

In addition to offering a visual GUI for database operations, I also appreciate being able to run command line SQL operations via my browser without having to log in to the server via SSH.

For example, some WiFi and mobile connections regularly terminate persistent SSH sessions, making database tasks problematic.

Getting started with PMA is fairly straightforward on Linux. I'll describe how to do so with Ubuntu 14.x at Digital Ocean. Log in to your server via SSH:

apt-get install phpmyadmin

You can use the default settings during installation or customize them to your liking.

On a typical WordPress installation, there aren't any direct ports to MySQL for a hacker to try to access. They might try to break in via SSH or try SQL injection attacks against WordPress, but they can't directly attack the database. Once you install PMA, anyone can run web-based attacks against it in order to gain control of your database, so care is warranted.

There are a few precautions I recommend when configuring PMA.

1. Use very strong passwords for all of your MySQL accounts, especially the root account. e.g. 25 characters for the root password.

2. Use different MySQL accounts and privileges for each WordPress site running on a single server. This way if one WordPress password is compromised, only one site's database is compromised.

3. Change the default URL used by PMA. This way people can't visithttp://yourblog.com/phpmyadmin. While this security by obscurity isn't a very effective technique, it does add some protection.

Add an alias to the apache.conf file:

nano /etc/phpmyadmin/apache.conf
Alias /myobscuredpma /usr/share/phpmyadmin

Reload apache:

service apache2 reload

Then, to access PMA, visit http://yourblog.com/myobscuredpma

If you need to modify your PHPMyAdmin password, you can edit the config-db.phphere:

nano /etc/phpmyadmin/config-db.php

4. Configure Web Authentication for the PMA Site. This will require that you enter an additional password to gain access to PMA, in addition to your database password, like this:

Apache User Access Restrictions

To configure Apache user restrictions, follow these steps:

Install htpasswd as part of apache2-utils:

apt-get install apache2-utils

Make a directory to store your passwords:

mkdir /etc/htpasswd

Add htaccess support for PMA: 

nano /etc/phpmyadmin/apache.conf

Add "AllowOverride All" below 

<Directory /usr/share/phpmyadmin>
        Options FollowSymLinks
        DirectoryIndex index.php
        AllowOverride All

Configure your user authentication for PMA:

nano /usr/share/phpmyadmin/.htaccess
AuthType Basic
AuthName "Login Required for Access"
AuthUserFile /etc/htpasswd/.htpasswd
Require valid-user

Set your password:

htpasswd -c /etc/htpasswd/.htpasswd username

And, restart Apache:

service apache2 restart

Browse to your PMA site, and you'll be prompted for your username and password as shown above.

It's very important to remember that PMA allows you to directly manipulate the WordPress database; that means it's quite easy to break your WordPress site if you don't know what you're doing. It's especially unwise to apply database scripts from the web unless you understand them completely. Use PMA with great care.

Here are a few scenarios that may be helpful to you in ongoing WordPress administration:

Without PMA, I would sign in to my server via SSH. Log in to MySQL, and then run:

create database wordpress;
grant all privileges on wordpress.* TO "your-mysql-username"@"localhost" identified by "your-mysql-password";
flush privileges;

With PMA, you can run any command line query with the visual interface. Click the SQL tab and paste the MySQL database instructions above. Then click Go to create the database.

I use this a lot when creating new WordPress sites, just before running the WordPress web installer. 

Or, you can use the visual interface to create your database directly:

You can also add users and define privileges this way. Click on the privileges tab:

Click Add User, and define the privileges for the database that you wish:

For your typical WordPress database account, you'll want to check the boxes in the Data and Structure squares. 

It's a very good idea to backup your database before performing any of the tasks below. If something goes wrong, you'll be able to restore your WordPress site from the backup.

Using the PMA web interface, click on your WordPress database, click the Export tab and select Custom.

Enable "Add Drop Table / View / Procedure / Function / Event" statement:

When you click Go, PMA will download a backup of your entire database. If you're Apache PHP timeout settings aren't properly configured, some long file downloads may timeout and fail. You can adjust this in PHP.ini as I describe on my site.

WordPress doesn't have built-in features to help with search and replace when websites change or you need to adjust content across many posts.

With PMA, you can run a manual query to search and replace the text that you want to change (again, be very careful with write-based SQL commands on your WordPress database):

UPDATE wp_posts SET post_content = REPLACE (post_content, 'source text', 'replace with this text');

An alternative to using PMA and MySQL, is this handy Search and Replace plugin.

Often when you move a WordPress site to a new domain name or URL, it won't reflect the changes to your domain name throughout the site; even after changing the domains in the site settings. You can fix this in the database with PMA:

Again, you can use the SQL query box to update your site's database directly:

update wp_options set option_value = replace(option_value,'http://old_domain.com','http://new_domain.com');
update wp_postmeta set meta_value = replace(meta_value,'http://old_domain.com','http://new_domain.com');
update wp_posts set post_content = replace(post_content,'http://old_domain.com','http://new_domain.com');
update wp_posts set guid = replace(guid,'http://old_domain.com','http://new_domain.com');
update wp_posts set pinged = replace(pinged,'http://old_domain.com','http://new_domain.com');
update wp_comments set comment_content = replace(comment_content,'http://old_domain.com','http://new_domain.com');

Or, you can use the web interface. Browse to the database name, select each table, run a query and manually change the settings for each:

Click Edit and make your changes:

There are rare cases where WordPress' administrator passwords get changed, lost or corrupted. If you can access your database, you can use PMA to update your password right directly (do browse and verify which numeric id represents the current administrative user):

Update 'your_database'.'your_user' SET 'user_pass'=MD5('new-password') WHERE 'wp_users'.'ID'=1;


How to Installing and Using PHPMyAdmin with WordPress

In addition to offering a visual GUI for database operations, I also appreciate being able to run command line SQL operations via my browser without having to log in to the server via SSH.

Posted on 12-01-2016 


To comment you must be logged in members.

Files with category

File suggestion for you
File top downloads
Codetitle - library source code to share, download the file to the community
Copyright © 2018. All rights reserved. codetitle Develope by Vinagon .Ltd