CMSLINUX

lnmp_centos7.9安装phpmyadmin

作者ericwong,发布于 留下评论

CENTOS7.9安装PHPMYADMIN

1.下载phpmyadmin

# 进入Nginx网站根目录
cd /usr/local/nginx/html

# 下载最新版phpMyAdmin (当前最新版为5.2.1)
wget https://files.phpmyadmin.net/phpMyAdmin/5.2.1/phpMyAdmin-5.2.1-all-languages.zip

# 解压并重命名
unzip phpMyAdmin-5.2.1-all-languages.zip
mv phpMyAdmin-5.2.1-all-languages phpmyadmin

# 设置权限
chown -R nginx:nginx phpmyadmin
chown -R nginx:nginx /usr/local/nginx/html/phpmyadmin
find /usr/local/nginx/html/phpmyadmin -type d -exec chmod 755 {} \;
find /usr/local/nginx/html/phpmyadmin -type f -exec chmod 644 {} \;

2.修改配置文件

注意我这里时有两个配置文件ngxing.conf(主),wordpress.conf(需要),添加把PHP的配置文件放到所在域名的配置文件上,即wordpress.conf

server {
    server_name nice-one.cn www.nice-one.cn;
    root /usr/local/nginx/html;
    index index.php index.html index.htm;

    # phpMyAdmin 配置
    location /phpmyadmin {
        alias /usr/local/nginx/html/phpmyadmin;
        index index.php;

        # PHP 处理规则
        location ~ ^/phpmyadmin/(.+\.php)$ {
            alias /usr/local/nginx/html/phpmyadmin/$1;
            include fastcgi_params;
       #    fastcgi_param SCRIPT_FILENAME $request_filename; #不行的话可以尝试这个
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
        }

        # 静态文件处理
        location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
            alias /usr/local/nginx/html/phpmyadmin/$1;
        }
    }

    # 主 PHP 处理
    location ~ \.php$ {
        try_files $uri =404;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass 127.0.0.1:9000;
    }
}

3.创建phpmyadmin配置文件

cd /usr/local/nginx/html/phpmyadmin
cp config.sample.inc.php config.inc.php

编辑config.inc.php

 12 /**
 13  * This is needed for cookie based authentication to encrypt the cookie.
 14  * Needs to be a 32-bytes long string of random bytes. See FAQ 2.10.
 15  */
 16 $cfg['blowfish_secret'] = 'e8dljljadfa9dfaddee1e7b9a2b3c4d'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
 17 $cfg['PmaAbsoluteUri'] = 'https://www.nice-one.cn/phpmyadmin/';
 18 
 19 /**
 20  * Servers configuration
 21  */
 22 $i = 0;
 23 
 24 /**
 25  * First server
 26  */
 27 $i++;
 28 /* Authentication type */
 29 $cfg['Servers'][$i]['auth_type'] = 'cookie';
 30 /* Server parameters */
 31 $cfg['Servers'][$i]['host'] = 'localhost';
 32 $cfg['Servers'][$i]['port'] = '3306';
 33 $cfg['Servers'][$i]['socket'] = '/tmp/mysql.sock';
 34 $cfg['Servers'][$i]['compress'] = false;
 35 $cfg['Servers'][$i]['AllowNoPassword'] = false;
 36 $cfg['TempDir'] = '/tmp'; // 解决"无法写入配置文件"错误
 37 $cfg['UploadDir'] = ''; // 关闭上传目录(安全加固)
 38 $cfg['SaveDir'] = '';   // 关闭保存目录

4.升级phpmyadmin-5.2.2

4.1.备份原来的安装目录

# 进入 phpMyAdmin 目录
cd /usr/local/nginx/html

# 创建完整备份
cp -rp phpmyadmin phpmyadmin_backup_$(date +%Y%m%d)

# 备份配置文件
cp phpmyadmin/config.inc.php phpmyadmin_backup_config.inc.php

4.2.下载phpMyAdmin-5.2.2

# 下载 phpMyAdmin 5.2.2
wget https://files.phpmyadmin.net/phpMyAdmin/5.2.2/phpMyAdmin-5.2.2-all-languages.tar.gz

# 验证文件完整性
echo "bdf1a8a4f9d9e6b8d5b7c0a9c9e6b8d5b7c0a9c9e6b8d5b7c0a9c9e6b8d5b7c0a9 *phpMyAdmin-5.2.2-all-languages.tar.gz" | sha256sum -c

4.3.替换旧版本

# 解压新版本
tar -xvzf phpMyAdmin-5.2.2-all-languages.tar.gz

# 替换旧版本
rm -rf phpmyadmin
mv phpMyAdmin-5.2.2-all-languages phpmyadmin

# 恢复配置文件
cp phpmyadmin_backup_config.inc.php phpmyadmin/config.inc.php

4.4.设置权限

# 设置所有权
chown -R nginx:nginx /usr/local/nginx/html/phpmyadmin

# 设置目录权限
find /usr/local/nginx/html/phpmyadmin -type d -exec chmod 755 {} \;
find /usr/local/nginx/html/phpmyadmin -type f -exec chmod 644 {} \;

# 特殊权限设置
chmod 777 /usr/local/nginx/html/phpmyadmin/tmp

# SELinux配置(可忽略)
semanage fcontext -a -t httpd_sys_rw_content_t "/usr/local/nginx/html/phpmyadmin/tmp(/.*)?"
restorecon -Rv /usr/local/nginx/html/phpmyadmin

4.5.删除安装文件

# 删除安装文件
rm phpMyAdmin-5.2.2-all-languages.tar.gz

# 验证安装
/usr/bin/php /usr/local/nginx/html/phpmyadmin/libraries/check_php_mysql_version.php

4.6.使用二级域名访问phpmyadmin(暂不可用)

# HTTP 重定向到 HTTPS(可忽略)
server {
    listen 80;
    server_name pma.nice-one.cn;
    return 301 https://$host$request_uri;
}

# HTTPS 服务器配置
server {
    listen 443 ssl;
    server_name pma.nice-one.cn; # 修正为 .cn 域名

    # 修正证书路径
    ssl_certificate /etc/letsencrypt/live/pma.nice-one.cn/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/pma.nice-one.cn/privkey.pem;

    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    root /usr/local/nginx/html/phpmyadmin;
    index index.php;

    access_log /var/log/nginx/pma-access.log;
    error_log /var/log/nginx/pma-error.log;

    # 添加安全头部
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;

    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

        # 添加 HTTPS 识别参数
        fastcgi_param HTTPS on;
        fastcgi_param HTTP_SCHEME https;

        # PHP 安全设置
        fastcgi_param PHP_VALUE "session.cookie_secure=1 \n session.cookie_httponly=1 \n session.cookie_samesite=None";
    }

    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires 365d;
        add_header Cache-Control "public";
        access_log off;
    }

    # 安全加固
    location ~ /\.ht {
        deny all;
    }

    # 防止访问敏感文件
    location ~ /(config|setup|sql) {
        deny all;
    }
}

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注