If you use mysql on your server, chances are you also want to use PhpMyAdmin.
Once you have installed and configure mysql-server, install the custom EPEL repository to get PhpMyAdmin.
#use the -y argument to answer YES automatically
yum -y install mysql-server
#set your password for the mysql root account
service mysqld start
mysqladmin -u root password 'r00tp4ssw0rd'
#you could also run the secure installation assistant
#add the EPEL repository
rpm -ivh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarc...
#import the public key to make sure future retrieval from epel are genuine
rpm –import https://fedoraproject.org/static/0608B895.txt
yum install phpmyadmin
Allow access to phpMyAdmin
You will need to edit PhpMyAdmin configuration file in order to connect from another IP than localhost (which is 127.0.0.1). So open up /etc/phpMyAdmin/config.inc.php to change the default Apache configuration for PhpMyAdmin
# phpMyAdmin - Web based MySQL browser written in php
# Allows only localhost by default
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL
Alias /phpmyadmin /usr/share/phpMyAdmin
Allow from all
Allow from all
Don't forget to firewall off your tcp port 3306, if you use iptables, you can do it like this :
iptables -I INPUT -p tcp --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -I OUTPUT -p tcp --sport 3306 -m state --state ESTABLISHED -j ACCEPT
At this point, you should succeed to connect to phpMyAdmin.
Limit access to your IP
If you have a static IP, it would be safer to limit connexions only from it, by replacing Alow from all by these lines:
#instead of Allow from all, put this
Deny from All
Allow from "your IP goes here"
Now if you allowed any IP to connect the server PhpMyAdmin directory, it is safer to force SSL connexion, this way your password won't be sent in clear when we login thus it prevents your account to be comprised. You must have mod ssl enable on your Apache server
yum -y install mod_ssl
service mysqld restart
#add a configuration line at the bottom of the file
$cfg['ForceSSL'] = true;
If you try to connect phpMyAdmin now, it's likely to fail in case your firewall is configured without a rule accepting SSL. You can add the following iptables
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
Next time you login on phpMyAdmin, you will be asked to accept the unsigned certificate of your server, which is normal since your certificate is self-signed and you don't have a signing authority.
Change the alias
Some bots scan web-servers to bruteforce them, save yourself some trouble and hide your phpMyAdmin panel by changing it's url alias. Open the configuration file and change the alias to something unpredictable :
Alias /aNewSecretLocation /usr/share/phpMyAdmin
Instead of making an http request each time you connect to phpMyAdmin, you can encrypt your password inside a cookie. Edit the configuration file (when using vim, locate the line with auth_type by typing "/"+"auth_type") :
# /etc/httpd/conf.d/phpMyAdmin.conf is an alias for
#the /etc/phpMyAdmin/config.inc.php we edited earlier
#replace http by cookie
$cfg['Servers'][$i]['auth_type'] = 'cookie' ;
#enter a secret phrase,
#you don't need to remember it.
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
There you go ;=)
Need to run a FTP server ? Check this article.