Upgrading Plesk’s phpMyAdmin to the latest version

phpMyAdmin is a great tool but a constant headache (xss, sql injections,etc) as well. Every now and then there are new security holes discovered that need to be fixed ASAP. On the other hand, Plesk doesn’t seem to follow these security fixes, so if you want to keep yourself a bit more secure than Plesk thinks you should be, then you have to upgrade phpMyAdmin by your self. This procedure isn’t very straightforward due to the way Plesk uses PMA so I’ll post here some notes/guidelines on how to achieve that.

My notes are based on Plesk 8.6, so I am sure newer Plesk versions are way easier to upgrade than this.

Step 1: Download new phpMyAdmin
# wget http://downloads.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.3.8/phpMyAdmin-3.3.8-all-languages.tar.gz
Step 2: Extract into /opt/psa/admin/htdocs/domains/databases/

# mv phpMyAdmin-3.3.8-all-languages.tar.gz /opt/psa/admin/htdocs/domains/databases/
# cd /opt/psa/admin/htdocs/domains/databases/
# tar zxf phpMyAdmin-3.3.8-all-languages.tar.gz

Step 3: Rename old PMA and symlink the new
# mv phpMyAdmin phpMyAdmin.old
# ln -sf phpMyAdmin-3.3.8-all-languages phpMyAdmin

Step 4: Copy old config file
This step depends on your old PMA version. Since my version was I had to:
#cp phpMyAdmin.old/libraries/config.default.php phpMyAdmin/config.inc.php
If you have newer versions of PMA just do:
#cp phpMyAdmin.old/config.inc.php phpMyAdmin/config.inc.php
Step 5: Edit necessary files
Substep a: edit phpMyAdmin/libraries/session.inc.php
When the first comment block finishes and before line 14: if (! defined('PHPMYADMIN')) {
add the following snippet:
// Close Plesk's session.
$proxy_session_id = session_id();

Substep b: edit phpMyAdmin/libraries/common.inc.php around line 190 and change:

    // from Plesk

!! Mind the “,” after ‘key’ !!

That’s about it…you should now be able to use your new PMA version through Plesk.

8 Responses to “Upgrading Plesk’s phpMyAdmin to the latest version”

  1. ikoz
    November 6th, 2010 | 23:17
    Using Mozilla Firefox Mozilla Firefox 3.6.10 on Linux Linux

    Thanks for the instructions, will use them.. For now I have just http auth enabled, provides some mediocre security.. But a normal update is better.

    I run plesk 8.6 too… On a centos 4.8 box. A bit outdated isn’t it?
    Have you made an attempt to update to some 9.x version, or even 10.x (just released)?
    I always think about updating it, but never decide to actually do it.
    Even thinking of the possible complications horrifies me (and ‘since works don’t mess with it’)..
    A guide on that would be most appreciated 🙂

  2. November 28th, 2010 | 11:40
    Using Internet Explorer Internet Explorer 7.0 on Windows Windows Server 2003

    step 5,Substep b: ,the file name is phpMyAdmin/libraries/common.inc.php
    it seems that plesk 9.x can’t update phpmyadmin like this.
    i got error in plesk 9

  3. December 3rd, 2010 | 10:42
    Using Mozilla Firefox Mozilla Firefox 3.6.12 on Linux Linux

    Unfortunately I don’t currently have access to a Plesk 9 server. If someone gave me access to such a server, I’d be more than glad to write instructions for it as well.

  4. January 22nd, 2011 | 07:47
    Using Google Chrome Google Chrome 8.0.552.237 on Mac OS X Mac OS X 10.6.5

    Thank you so much! This was absolutely great and thank you for sharing this information. I think I wasted around 3 hours tonight trying to upgrade all this and your directions were by far the best out of any website out there. Fantastic job and thank you many many times over mate! 🙂

  5. March 27th, 2011 | 15:42
    Using Opera Opera 9.80 on Windows Windows XP

    This method works with Plesk 9.5 too, but there are a few differences:
    – as fugui already stated, in Step 5, Substep b the file that you need to edit is phpMyAdmin/libraries/common.inc.php
    – Plesk (at least on my server (CentOS 5.5 minimal)) is not located in /opt/psa, so before starting the upgrade you need to find where Plesk is installed on your server, and modify the paths accordingly

    I’ve successfully upgraded the default phpMyAdmin to 3.3.10-english using this method.

    Note: Installing mc will help you a lot during the upgrade.

  6. Alex
    December 18th, 2011 | 10:05
    Using Google Chrome Google Chrome 15.0.874.121 on Linux Linux

    I just used this method to upgrade my PMA from 2.11 something to 3.4.8 in Plesk 9.5.4. However, after doing so I received the following error message in PMA:

    “The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated.”

    Upon checking out the documentation I found the following message regarding upgrading:

    “You should not copy libraries/config.default.php over config.inc.php because the default configuration file is version-specific.”

    Going to troubleshoot further, will try to remember to update with what I do.

  7. Alex
    December 18th, 2011 | 11:00
    Using Google Chrome Google Chrome 15.0.874.121 on Linux Linux

    I’m back! It was an easy fix. I’m assuming the author of this tutorial suggested copying libraries/config.default.php over config.inc.php to preserve compatibility with Plesk, but I didn’t look though enough of the file to be sure.

    I learned that the above error was just regarding three advanced functions of PMA 3.4.8 – Designer coordinates (which may have existed prior), tracking, and userconfig. Tracking seems particularly useful as it supposedly stores versions of tables, and userconfig is nice because it allows you to preserve your PMA user preferences between sessions. In order to enable these functions and get rid of that error message you need to run the PMA file scripts/create_tables.sql and create their tables. Chances are you already had a pmadb, so I would recommend creating a second one with that script to get the tracking and userconfig tables, then copy those tables over to your old pmadb. Once you do that you need to edit the config.inc.php file to point to those tables, in my case it involved adding:

    $cfg[‘Servers’][$i][‘designer_coords’] = ‘pma_designer_coords’;
    $cfg[‘Servers’][$i][‘userconfig’] = ‘pma_userconfig’;
    $cfg[‘Servers’][$i][‘tracking’] = ‘pma_tracking’;

    This method appears to have worked well in upgrading to PMA 3.4.8 in Plesk 9.5.4.

  8. January 22nd, 2012 | 13:22
    Using Mozilla Firefox Mozilla Firefox 3.6.25 on Windows Windows 7

    This guide was perfect – I was in exactly the same set of circumstances (Plesk 8.6, PMA and the instructions were spot on. The whole process took me about 10 minutes!

Leave a reply