Extra Pterodactyl Documentation

# phpMyAdmin with Pterodactyl

phpMyAdmin is a database administration tool. This guide aims to walk you through the setup of phpMyAdmin alongside pterodactyl panel in a non-destructive way.

Support Information

This guide or any other guides are not supported by Pterodactyl as Pterodox is a 3rd party. The guide is also proven to work in a non-destructive manner.
Proceed at own risk as we do not take responsibility for any data loss!

# Installing phpMyAdmin

Dependencies

The following guide assumes installation of phpMyAdmin alongside pterodactyl on a single web server, therefore it skips dependency installation

# Installation

mkdir /var/www/phpmyadmin && mkdir /var/www/phpmyadmin/tmp/ && cd /var/www/phpmyadmin
wget https://www.phpmyadmin.net/downloads/phpMyAdmin-latest-english.tar.gz
tar xvzf phpMyAdmin-latest-english.tar.gz
mv /var/www/phpmyadmin/phpMyAdmin-*-english/* /var/www/phpmyadmin

# Post Install

chown -R www-data:www-data * 
mkdir config
chmod o+rw config
cp config.sample.inc.php config/config.inc.php
chmod o+w config/config.inc.php

# Web Server Configuration

PHP Version

We assume you have followed the latest panel guide using PHP 8.1
You can easily update the version fastcgi_pass unix:/run/php/php8.1-fpm.sock; to suit your needs in the configuration below

# NGINX

Create a file phpmyadmin.conf in /etc/nginx/sites-available/
Replace <domain> with your desired phpMyAdmin domain

# NGINX with SSL



 





 











 
 








































server {
    listen 80;
    server_name <domain>;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    server_name <domain>;

    root /var/www/phpmyadmin;
    index index.php;

    # allow larger file uploads and longer script runtimes
    client_max_body_size 100m;
    client_body_timeout 120s;

    sendfile off;

    # SSL Configuration
    ssl_certificate /etc/letsencrypt/live/<domain>/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/<domain>/privkey.pem;
    ssl_session_cache shared:SSL:10m;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
    ssl_prefer_server_ciphers on;

    # See https://hstspreload.org/ before uncommenting the line below.
    # add_header Strict-Transport-Security "max-age=15768000; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header Content-Security-Policy "frame-ancestors 'self'";
    add_header X-Frame-Options DENY;
    add_header Referrer-Policy same-origin;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param HTTP_PROXY "";
        fastcgi_intercept_errors off;
        fastcgi_buffer_size 16k;
        fastcgi_buffers 4 16k;
        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        include /etc/nginx/fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

# NGINX without SSL



 













































server {
    listen 80;
    server_name <domain>;

    root /var/www/phpmyadmin;
    index index.php;

    # allow larger file uploads and longer script runtimes
    client_max_body_size 100m;
    client_body_timeout 120s;

    sendfile off;

    # See https://hstspreload.org/ before uncommenting the line below.
    # add_header Strict-Transport-Security "max-age=15768000; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header Content-Security-Policy "frame-ancestors 'self'";
    add_header X-Frame-Options DENY;
    add_header Referrer-Policy same-origin;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php/php8.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param PHP_VALUE "upload_max_filesize = 100M \n post_max_size=100M";
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param HTTP_PROXY "";
        fastcgi_intercept_errors off;
        fastcgi_buffer_size 16k;
        fastcgi_buffers 4 16k;
        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        include /etc/nginx/fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

Applying Configuration

# You do not need to symlink this file if you are using CentOS.
sudo ln -s /etc/nginx/sites-available/phpmyadmin.conf /etc/nginx/sites-enabled/phpmyadmin.conf

systemctl restart nginx

# Apache2

Create a file phpmyadmin.conf in /etc/apache2/sites-available
Replace <domain> with your desired phpMyAdmin domain

# Apache2 with SSL


 





 








 
 


<VirtualHost *:80>
  ServerName <domain>
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
  ServerName <domain>
  DocumentRoot "/var/www/phpmyadmin"
  AllowEncodedSlashes On
  php_value upload_max_filesize 100M
  php_value post_max_size 100M
  <Directory "/var/www/phpmyadmin">
    AllowOverride all
  </Directory>
  SSLEngine on
  SSLCertificateFile /etc/letsencrypt/live/<domain>/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/<domain>/privkey.pem
</VirtualHost>

# Apache2 without SSL


 









<VirtualHost *:80>
  ServerName <domain>
  DocumentRoot "/var/www/phpmyadmin"
  AllowEncodedSlashes On
  php_value upload_max_filesize 100M
  php_value post_max_size 100M
  <Directory "/var/www/phpmyadmin">
    AllowOverride all
  </Directory>
</VirtualHost>

Applying Configuration

sudo ln -s /etc/apache2/sites-available/phpmyadmin.conf /etc/apache2/sites-enabled/phpmyadmin.conf
sudo a2enmod rewrite
systemctl restart apache2

# Configuring phpMyAdmin

Go to and follow instructions on <domain>/setup/index.php

# Setting blowfish_secret

In order to use Cookie authentication, phpMyAdmin requires to use a blowfish secret in the config.inc.php file that needs to be copied out of the config directory.

cp /var/www/phpmyadmin/config/config.inc.php /var/www/phpmyadmin

after copying the file, edit it using your favorite editor and fill in the blowfish_secret with a 32 character string.

# Finalizing

To finish the setup, make sure to remove the config and setup folders of phpMyAdmin, this is done to prevent anyone from being able to administrate phpMyAdmin in the future

rm -rf /var/www/phpmyadmin/config
rm -rf /var/www/phpmyadmin/setup
Last Updated: 11/10/2022, 10:37:11 PM

Default Egg Variables