1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Prevent users from login to phpmyadmin...

Discussion in 'Scripting & Programming' started by HTF, Nov 7, 2009.

  1. HTF

    HTF Byte Poster

    181
    0
    14
    Hi,

    I have mysql and I also installed phpmyadmin to manage it, I created a user and data base for him so he could install forum, for example but I would like to prevent him to login directly into phpmyadmin panel, how I can achive this? Is there any security vulnerabilities and what is actually a minimum of the privileges that I should give him from this below (picture) so that he still could have done installations?

    [​IMG]

    Regards
    Sebastian
     
    Certifications: A+
  2. Notes_Bloke

    Notes_Bloke Terabyte Poster

    3,230
    54
    146
    Will the user be on the internal network?

    NB
     
    Certifications: 70-210, 70-215, A+,N+, Security+
    WIP: MCSA
  3. HTF

    HTF Byte Poster

    181
    0
    14
    Probably not, is it make a different, I'm testing so can you explain me in both cases ;)

    Reg
     
    Certifications: A+
  4. soundian

    soundian Gigabyte Poster

    1,460
    71
    107
    This might be useful to you.

    In case you're wondering how that affects phpMyAdmin:
    "Many people have difficulty understanding the concept of user management with regards to phpMyAdmin. When a user logs in to phpMyAdmin, that username and password are passed directly to MySQL. phpMyAdmin does no account management on its own (other than allowing one to manipulate the MySQL user account information); all users must be valid MySQL users."
    From here
     
    Last edited: Nov 8, 2009
    Certifications: A+, N+,MCDST,MCTS(680), MCP(270, 271, 272), ITILv3F, CCENT
    WIP: Knuckling down at my new job
  5. JamesCG

    JamesCG Bit Poster

    20
    2
    3
    phpmyadmin is just a GUI for managing your mysql databases. It's useful because you don't have to use the command prompt to alter/update/administrate your tables etc. Instead, you use the phpmyadmin interface which runs the MySQL queries on the back-end based on the actions you take.

    The point here is that having phpmyadmin isn't going to allow anyone to do anything they couldn't do previously through the command prompt if they had access to your database login information etc. You still have to have a user account to administrate the database in the first place.
     
  6. Willk83

    Willk83 New Member

    8
    0
    1

    Ditto to this. phpmyadmin is just an interface.
     

Share This Page

Loading...