Contents
CENTOS7.9安装PHPMYADMIN
1.下载phpmyadmin
# 进入Nginx网站根目录
cd /usr/local/nginx/html
# 下载最新版phpMyAdmin (当前最新版为5.2.1)
wget https://files.phpmyadmin.net/phpMyAdmin/5.2.1/phpMyAdmin-5.2.1-all-languages.zip
# 解压并重命名
unzip phpMyAdmin-5.2.1-all-languages.zip
mv phpMyAdmin-5.2.1-all-languages phpmyadmin
# 设置权限
chown -R nginx:nginx phpmyadmin
chown -R nginx:nginx /usr/local/nginx/html/phpmyadmin
find /usr/local/nginx/html/phpmyadmin -type d -exec chmod 755 {} \;
find /usr/local/nginx/html/phpmyadmin -type f -exec chmod 644 {} \;
2.修改配置文件
注意我这里时有两个配置文件ngxing.conf(主),wordpress.conf(需要),添加把PHP的配置文件放到所在域名的配置文件上,即wordpress.conf
server {
server_name nice-one.cn www.nice-one.cn;
root /usr/local/nginx/html;
index index.php index.html index.htm;
# phpMyAdmin 配置
location /phpmyadmin {
alias /usr/local/nginx/html/phpmyadmin;
index index.php;
# PHP 处理规则
location ~ ^/phpmyadmin/(.+\.php)$ {
alias /usr/local/nginx/html/phpmyadmin/$1;
include fastcgi_params;
# fastcgi_param SCRIPT_FILENAME $request_filename; #不行的话可以尝试这个
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}
# 静态文件处理
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
alias /usr/local/nginx/html/phpmyadmin/$1;
}
}
# 主 PHP 处理
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass 127.0.0.1:9000;
}
}
3.创建phpmyadmin配置文件
cd /usr/local/nginx/html/phpmyadmin
cp config.sample.inc.php config.inc.php
编辑config.inc.php:
12 /**
13 * This is needed for cookie based authentication to encrypt the cookie.
14 * Needs to be a 32-bytes long string of random bytes. See FAQ 2.10.
15 */
16 $cfg['blowfish_secret'] = 'e8dljljadfa9dfaddee1e7b9a2b3c4d'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
17 $cfg['PmaAbsoluteUri'] = 'https://www.nice-one.cn/phpmyadmin/';
18
19 /**
20 * Servers configuration
21 */
22 $i = 0;
23
24 /**
25 * First server
26 */
27 $i++;
28 /* Authentication type */
29 $cfg['Servers'][$i]['auth_type'] = 'cookie';
30 /* Server parameters */
31 $cfg['Servers'][$i]['host'] = 'localhost';
32 $cfg['Servers'][$i]['port'] = '3306';
33 $cfg['Servers'][$i]['socket'] = '/tmp/mysql.sock';
34 $cfg['Servers'][$i]['compress'] = false;
35 $cfg['Servers'][$i]['AllowNoPassword'] = false;
36 $cfg['TempDir'] = '/tmp'; // 解决"无法写入配置文件"错误
37 $cfg['UploadDir'] = ''; // 关闭上传目录(安全加固)
38 $cfg['SaveDir'] = ''; // 关闭保存目录
4.升级phpmyadmin-5.2.2
4.1.备份原来的安装目录
# 进入 phpMyAdmin 目录
cd /usr/local/nginx/html
# 创建完整备份
cp -rp phpmyadmin phpmyadmin_backup_$(date +%Y%m%d)
# 备份配置文件
cp phpmyadmin/config.inc.php phpmyadmin_backup_config.inc.php
4.2.下载phpMyAdmin-5.2.2
# 下载 phpMyAdmin 5.2.2
wget https://files.phpmyadmin.net/phpMyAdmin/5.2.2/phpMyAdmin-5.2.2-all-languages.tar.gz
# 验证文件完整性
echo "bdf1a8a4f9d9e6b8d5b7c0a9c9e6b8d5b7c0a9c9e6b8d5b7c0a9c9e6b8d5b7c0a9 *phpMyAdmin-5.2.2-all-languages.tar.gz" | sha256sum -c
4.3.替换旧版本
# 解压新版本
tar -xvzf phpMyAdmin-5.2.2-all-languages.tar.gz
# 替换旧版本
rm -rf phpmyadmin
mv phpMyAdmin-5.2.2-all-languages phpmyadmin
# 恢复配置文件
cp phpmyadmin_backup_config.inc.php phpmyadmin/config.inc.php
4.4.设置权限
# 设置所有权
chown -R nginx:nginx /usr/local/nginx/html/phpmyadmin
# 设置目录权限
find /usr/local/nginx/html/phpmyadmin -type d -exec chmod 755 {} \;
find /usr/local/nginx/html/phpmyadmin -type f -exec chmod 644 {} \;
# 特殊权限设置
chmod 777 /usr/local/nginx/html/phpmyadmin/tmp
# SELinux配置(可忽略)
semanage fcontext -a -t httpd_sys_rw_content_t "/usr/local/nginx/html/phpmyadmin/tmp(/.*)?"
restorecon -Rv /usr/local/nginx/html/phpmyadmin
4.5.删除安装文件
# 删除安装文件
rm phpMyAdmin-5.2.2-all-languages.tar.gz
# 验证安装
/usr/bin/php /usr/local/nginx/html/phpmyadmin/libraries/check_php_mysql_version.php
4.6.使用二级域名访问phpmyadmin(暂不可用)
# HTTP 重定向到 HTTPS(可忽略)
server {
listen 80;
server_name pma.nice-one.cn;
return 301 https://$host$request_uri;
}
# HTTPS 服务器配置
server {
listen 443 ssl;
server_name pma.nice-one.cn; # 修正为 .cn 域名
# 修正证书路径
ssl_certificate /etc/letsencrypt/live/pma.nice-one.cn/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/pma.nice-one.cn/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
root /usr/local/nginx/html/phpmyadmin;
index index.php;
access_log /var/log/nginx/pma-access.log;
error_log /var/log/nginx/pma-error.log;
# 添加安全头部
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# 添加 HTTPS 识别参数
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
# PHP 安全设置
fastcgi_param PHP_VALUE "session.cookie_secure=1 \n session.cookie_httponly=1 \n session.cookie_samesite=None";
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 365d;
add_header Cache-Control "public";
access_log off;
}
# 安全加固
location ~ /\.ht {
deny all;
}
# 防止访问敏感文件
location ~ /(config|setup|sql) {
deny all;
}
}