Install phpIPAM on Debian 13 with Apache and MariaDB [Guide]

phpIPAM is a free, open-source web-based IP address management (IPAM) tool built with PHP and a MySQL/MariaDB backend. It gives network teams visual subnet displays, automated host discovery, VLAN management, REST API access, and full IPv4/IPv6 support – all from a clean web interface. The latest release is phpIPAM 1.7.4 with PHP 8 compatibility fixes and security patches.

This guide covers installing phpIPAM 1.7.4 on Debian 13 (Trixie) using Apache, PHP 8.4, and MariaDB 11.8 from the default Debian repositories. We install phpIPAM from its official Git repository, configure the database, set up an Apache virtual host, and secure the server with UFW firewall rules.

Prerequisites

A server running Debian 13 (Trixie) with at least 1GB RAM
Root or sudo access
A domain name or FQDN pointing to the server (for Apache virtual host)
Ports 80/TCP and 443/TCP open for web access

Step 1: Install Apache, PHP 8.4, and Required PHP Modules

phpIPAM needs a web server, PHP, and several PHP extensions. Debian 13 ships with PHP 8.4 in its default repositories. Install everything in one shot.

sudo apt update
sudo apt install -y apache2 php php-cli libapache2-mod-php php-curl php-mysql php-gd php-intl php-pear php-imap php-apcu php-pspell php-tidy php-mbstring php-gmp php-xml php-ldap php-common php-snmp php-fpm git

Verify that PHP 8.4 is installed correctly.

$ php -v
PHP 8.4.5 (cli) (built: Mar 13 2026 12:20:04) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.4.5, Copyright (c) Zend Technologies
    with Zend OPcache v8.4.5, Copyright (c), by Zend Technologies

Check that PHP-FPM is running.

$ systemctl status php8.4-fpm.service
● php8.4-fpm.service - The PHP 8.4 FastCGI Process Manager
     Loaded: loaded (/lib/systemd/system/php8.4-fpm.service; enabled; preset: enabled)
     Active: active (running)

Set your timezone in the PHP-FPM configuration file.

sudo vim /etc/php/8.4/fpm/php.ini

Find the [Date] section and set your timezone.

[Date]
date.timezone = Africa/Nairobi

Replace Africa/Nairobi with your actual timezone. Restart PHP-FPM to apply the change.

sudo systemctl restart php8.4-fpm.service

Step 2: Install and Configure MariaDB Database Server

phpIPAM stores all IP address data, subnets, and configuration in a MariaDB database. Debian 13 ships MariaDB 11.8 in its default repositories.

sudo apt install -y mariadb-server mariadb-client

Start and enable MariaDB to run at boot.

sudo systemctl enable --now mariadb

Verify the service is running.

$ systemctl status mariadb
● mariadb.service - MariaDB 11.8.6 database server
     Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled)
     Active: active (running)

Harden the MariaDB installation by running the security script.

sudo mysql_secure_installation

Answer the prompts as follows.

Enter current password for root (enter for none): Press Enter
Switch to unix_socket authentication [Y/n] y
Change the root password? [Y/n] y
New password: Enter Password
Re-enter new password: Re-Enter Password
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

sudo mysql -u root -p

Run these SQL statements to create the database and grant permissions.

CREATE DATABASE phpipam;
GRANT ALL ON phpipam.* TO phpipam@localhost IDENTIFIED BY 'StrongPassword123';
FLUSH PRIVILEGES;
EXIT;

Replace StrongPassword123 with a secure password of your choice. Remember this password – you will need it for the phpIPAM configuration file.

Step 3: Install phpIPAM on Debian 13 via Git Clone

Clone the phpIPAM repository from GitHub into the Apache web root. The --recursive flag pulls in required submodules.

sudo git clone --recursive https://github.com/phpipam/phpipam.git /var/www/html/phpipam

Switch to the latest stable release tag.

cd /var/www/html/phpipam
sudo git checkout v1.7.4

Copy the sample configuration file to create your working config.

sudo cp config.dist.php config.php

Edit the configuration file with your database credentials.

sudo vim config.php

Update the database connection section with the credentials you created in Step 2.

/**
 * database connection details
 ******************************/
$db['host'] = 'localhost';
$db['user'] = 'phpipam';
$db['pass'] = 'StrongPassword123';
$db['name'] = 'phpipam';
$db['port'] = 3306;

Set the correct ownership so Apache can read the phpIPAM files.

sudo chown -R www-data:www-data /var/www/html/phpipam

Step 4: Configure Apache Virtual Host for phpIPAM

Create an Apache virtual host configuration file for phpIPAM. First, disable the default site.

sudo a2dissite 000-default.conf

Create the phpIPAM virtual host file.

sudo vim /etc/apache2/sites-available/phpipam.conf

Add the following configuration. Replace ipam.example.com with your actual domain name.

<VirtualHost *:80>
    ServerAdmin admin@example.com
    DocumentRoot "/var/www/html/phpipam"
    ServerName ipam.example.com
    <Directory "/var/www/html/phpipam">
        Options FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
    ErrorLog "/var/log/apache2/phpipam-error.log"
    CustomLog "/var/log/apache2/phpipam-access.log" combined
</VirtualHost>

Enable the site and the Apache rewrite module, which phpIPAM requires for clean URLs.

sudo a2ensite phpipam.conf
sudo a2enmod rewrite

Test the Apache configuration for syntax errors.

$ sudo apachectl -t
Syntax OK

Restart Apache to apply all changes.

sudo systemctl restart apache2

Verify Apache is running.

$ systemctl status apache2
● apache2.service - The Apache HTTP Server
     Loaded: loaded (/lib/systemd/system/apache2.service; enabled; preset: enabled)
     Active: active (running)

Step 5: Configure UFW Firewall

Allow HTTP and HTTPS traffic through the UFW firewall.

sudo apt install -y ufw
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow ssh
sudo ufw enable

Verify the firewall rules are active.

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
22/tcp                     ALLOW       Anywhere
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
22/tcp (v6)                ALLOW       Anywhere (v6)

Step 6: Complete phpIPAM Setup via Web Interface

Open your browser and navigate to http://ipam.example.com or http://your-server-ip. You will see the phpIPAM installation page.

Select “New phpipam installation” to proceed to the database configuration screen.

Select “MySQL import instructions”. Since we already created the database in Step 2, import the schema by running this command on the server.

sudo mysql -u root -p phpipam < /var/www/html/phpipam/db/SCHEMA.sql

Enter your MariaDB root password when prompted. After the import completes, click “Login” on the web interface.

phpIPAM will prompt you to change the default admin password on first login. Set a strong password.

After setting the new password, you land on the phpIPAM dashboard where you can start managing IP addresses, subnets, and VLANs.

The tools and devices section gives access to subnet scanning, SNMP queries, and device type management.

Conclusion

phpIPAM 1.7.4 is now running on Debian 13 with Apache, PHP 8.4, and MariaDB 11.8. You can start adding subnets, VLANs, and devices, and use the automated discovery features to scan your network.

For production use, secure the web interface with a Let’s Encrypt SSL certificate, set up regular MariaDB backups, and configure LDAP/AD authentication for centralized user management.