Introduction
Adminer is a graphical interface using PHP that allows access to many SQL database types. Adminer also offers the interface in many languages.
Server Prerequisites
Before following this guide, you need an Ubuntu server with PHP 8.1 and Nginx web server.
- Deploy a new Ubuntu 20.04 server.
- Create a non-root user with sudo privileges.
- Update the server.
- Install PHP 8.1 and Nginx, and secure the server with a TLS/SSL certificate as described in this guide.
This article refers to the Adminer server as demo.example.com
.
MariaDB Install
MariaDB is one of the most common database platforms. To install the latest version of MariaDB, update the repository by running:
$ curl -LsS https://r.mariadb.com/downloads/mariadb_repo_setup | sudo bash
Install MariaDB, a drop-in replacement for MySQL.
$ sudo apt install mariadb-server mariadb-client -y
Enable MariaDB to start on boot.
$ sudo systemctl enable mariadb.service
Secure the database. Answer all the security questions as shown.
$ sudo mysql_secure_installation
The secure installer presents you with a series of questions. To ensure an optimal and secure database, answer them as follows:
- Switch to unix_socket authentication [Y/n] Y
- Change the root password? [Y/n] Y
- Remove anonymous users? [Y/n] Y
- Disallow root login remotely? [Y/n] Y
- Remove test database and access to it? [Y/n] Y
- Reload privilege tables now? [Y/n] Y
Install Adminer
Adminer is a single file. To install it, create a directory and then download the latest version locally with wget:
$ mkdir /var/www/html/adminer
$ wget https://www.adminer.org/latest.php -O /var/www/html/adminer/index.php
Navigate to the login page for your server. For example:
https://demo.example.com/adminer/
Log in with your MariaDB credentials.
Secure Adminer
The Adminer page requires a username and password to gain database access but is still available for the entire world to see. To secure the site, restrict access by IP address. You can edit the Nginx config or use the Rcs Firewall.
To restrict access to the Adminer page through the Nginx config:
Find your Nginx config file in
/etc/nginx/sites-enabled/
.$ ls -l /etc/nginx/sites-enabled/
For example, your file might be
demoweb.conf
. Open it with an editor.$ sudo nano /etc/nginx/sites-available/demoweb.conf
In the server block, add lines with the IP addresses you want to allow access to the Adminer page. The address can be a single IP address or a CIDR block.
Each line is in the format
allow IP_ADDRESS
. The last line denies all other IP addresses.location /adminer { allow 192.0.2.200; allow 192.0.2.0/28; deny all; }
The example configuration above allows access from the IP address 192.0.2.200 and the range from 192.0.2.0 through 192.0.2.15. You can use the Rcs IP Address calculator to find CIDR blocks.
Save and exit the file.
Test the configuration and restart Nginx:
# nginx -t # service nginx restart
Conclusion
Adminer is a lightweight graphical administrative tool for many databases. To learn more about Adminer, PHP, and how to restrict access by IP address in Nginx, please see these resources: