Cookbook: Setting up phpMyAdmin

Setting up phpMyAdmin to work with Cherokee is trivial, as Cherokee already provides everything that is needed to work.

According to phpMyAdmin’s documentation, the software requirements are just:

  • PHP:

    • You need PHP 5.2.0 or newer, with session support and the Standard PHP Library (SPL) extension.

    • To support uploading of ZIP files, you need the PHP zip extension.

    • For proper support of multibyte strings (eg. UTF-8, which is currently default), you should install mbstring and ctype extensions.

    • You need GD2 support in PHP to display inline thumbnails of JPEGs ("image/jpeg: inline") with their original aspect ratio

    • When using the "cookie" authentication method, the mcrypt extension is strongly suggested for most users and is required for 64–bit machines. Not using mcrypt will cause phpMyAdmin to load pages significantly slower.

  • MySQL 5.0 or newer (details);

  • Web browser with cookies enabled.

This means that you don’t need to modify Cherokee at all provided you have PHP with MySQL support.

Simply use Cherokee-Admin’s phpMyAdmin Wizard, located under the Database category. It checks for the presence of phpMyAdmin, so you better have the package installed prior to using the Wizard, or else the Wizard will not let you proceed.

Express setup

The only thing you need to do is make phpMyAdmin accessible by Cherokee and all the script files must have permissions suitable for the user running Cherokee.

Most platforms provide packages with all that you need. For Debian based Linux distributions, You can issue the following commands as root (or through sudo) and the whole installation will take a matter of seconds.

Debian installation
# apt-get install php5-cgi php5-mysql mysql-server-5.0 phpmyadmin

Since Cherokee doesn’t appear in the list of web servers provided by the package installation script, select any of them to proceed with phpMyAdmin’s configuration.

The commands above assume you are running Cherokee as root and that your web server’s document root is /var/www.

If you were to run it as www-data, simply change the script’s owner:

Script owner
# chown -R www-data:www-data /usr/share/phpmyadmin

Now point your web browser to http://localhost/phpmyadmin, and use the MySQL user information to access the databases.

phpMyAdmin in action

Generic setup

If your platform doesn’t provide phpMyAdmin, download it from the main download site and follow the Quick Install notes in the phpMyAdmin documentation. As before, you simply need to make the program accessible to your web server, so simply use the Wizard and fill in the required information. Alternatively you can either install directly under your document root or make a symbolic link.

Configuring with the Wizard

There is also a wizard to assist you with your configuration. Once phpMyAdmin is installed, simply access one of your virtual servers in Cherokee-Admin. Then, access the Behavior tab and trigger the Rule panel by clicking on the Rule Management button. Once in there, use the Add button at the top of the panel to see the available wizards, and choose the phpMyAdmin wizard that can be found under the Web Applications category.


  • Cherokee’s default setup encodes the output of PHP with gzip, which in turn improves the server’s performance. You will get garbled output if you also enable phpMyAdmin’s gzip compression, since your web browser will be receiving content encoded twice.

  • If you are using the auth_type config, it is suggested that you protect the phpMyAdmin installation directory because using config does not require a user to enter a password to access the phpMyAdmin installation. Use of an alternate authentication method is recommended, either by switching to using auth_type cookie or http, or alternatively by using Cherokee’s authentication features. Refer to the phpMyAdmin documentation for more details on the former, or to our authentication recipe for the latter.

  • It is generally good idea to protect public phpMyAdmin installation against access by robots as they usually can not do anything good there. You can do this using robots.txt file in root.

  • The Wizard already takes care of this, but if you have installed it manually you should deny access to the ./libraries and ./setup/lib subfolders in Cherokee’s configuration. Such configuration prevents from possible path exposure and cross side scripting vulnerabilities that might happen to be found in that code. To do so, configure directory-type rules for those and manage them with the HTTP Error handler.

Handler HTTP Error