Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    Regular Coder
    Join Date
    Apr 2003
    Location
    Canada, Ontario, Mississauga
    Posts
    312
    Thanks
    0
    Thanked 0 Times in 0 Posts

    phpMyAdmin 2.5.4 security

    I am using phpMyAdmin 2.5.4, the problem is, there is no secruity, if people know where my phpMyAdmin's index.php page is located, then that person will have full access to my database.

    I tried to modify the index page and the config page (user must enter username, password and server_name into the form), but I can't get it working.

    Can you help me?? any suggestions will be great.

    Thanks,

    Mike

  • #2
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I would set up a .htaccess file, most control panels come with this option, usually called Password Protect Directories, or something like that.

  • #3
    Regular Coder
    Join Date
    Apr 2003
    Location
    Canada, Ontario, Mississauga
    Posts
    312
    Thanks
    0
    Thanked 0 Times in 0 Posts

    missing-score

    Hello missing score,

    Do you know you are the first person who got me into php and mysql, long long time ago (I doubt that you remember me), I was a newbie (like everyone else), and you helped me out alot by answering my post, and now I am back again. thank you missing-score for all the supports...

    anyway,

    I don't quite understand what you mean there, can you explain a little more?

  • #4
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    wow, did i? i do remember you but i cant remember what the post was about.

    .htaccess is something that can be used for site config. It can allow/disallow access to folders and files, set error documents (eg: when you see a customised HTTP 404 page), stop people hot linking images (displaying your image on their site via http:// link) and password protect directories. There are other things that .htaccess can do, and this link may help. http://javascriptkit.com/howto/htaccess.shtml

    as far as i know, .htaccess isnt available on NT servers, but appearently there are similar capabilities.

    anyways, do you have a site control panel? If you do, there is a good chance that it will have a "Password Protect Directories" section, or something similar to that. Here you can automatically set up .htaccess password protection for certain directories.

    If there is no link on the control panel, there is instructions on that link to manually setting up a .htaccess password protection, however, i have never manually set one up.

    If you do not have .htaccess, I will have a look at phpMyAdmin (im running on my local server) and look for a built in password protection system.

  • #5
    New Coder
    Join Date
    Sep 2003
    Posts
    98
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Um

    config.inc.php

    Find
    $cfg['Servers'][$i]['auth_type'] = '
    make sure inside the ''s it is http so it looks like

    $cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?

    this prompts for the user and pass (control user?)

  • #6
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    or do that , never realised that was in there.

  • #7
    Regular Coder
    Join Date
    Apr 2003
    Location
    Canada, Ontario, Mississauga
    Posts
    312
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Thank you all so much

    that prompts for user and pass, is there a way to prompt for the mysql server where I want it to connect?

    I am working on many servers..

    Thank you

  • #8
    New Coder
    Join Date
    Sep 2003
    Posts
    98
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Not that I am aware of :-(

  • #9
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    no, i dont think there is, ive had a quick look through but i cant find anything.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •