default password error bottome of phpmyadmin

Problems with the Windows version of XAMPP, questions, comments, and anything related.

default password error bottome of phpmyadmin

Postby horseatingweeds » 10. September 2009 04:26

XAMPP 1.7.1
Widows xp sp3

I'm getting this error at the bottom of phpmyadmin:
Code: Select all
Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole by setting a password for user '.root'.


I've un-commented and given the [client] a password in mysql/bin/my.ini, and the my.ini in Window reflects that. I've stopped and started Apache and Mysql in the control panel and tried the Refresh button on there - trying to restart Apache.

Anyone know what this error is about? Searched around but such a long error is tricky to search for.
horseatingweeds
 
Posts: 20
Joined: 10. September 2009 03:17

Re: default password error bottome of phpmyadmin

Postby Izzy » 10. September 2009 05:30

First revert the my.ini files to their original state before you edited them.

Then read this section A matter of security (A MUST READ!) in the C:\xampp\readme_en.txt file which contains the procedure to follow that will rid you of the warning message in phpMyAdmin (it's not an error message).
Izzy
 
Posts: 3344
Joined: 25. April 2006 17:06

Re: default password error bottome of phpmyadmin

Postby horseatingweeds » 10. September 2009 06:10

Ok, I see. Good old read-me. I was screwing around in the documentation. It's just a simple notice to anyone brazen enough try putting this system up live. Thanks
horseatingweeds
 
Posts: 20
Joined: 10. September 2009 03:17

Re: default password error bottome of phpmyadmin

Postby XamppHacker » 12. September 2009 06:26

horseatingweeds wrote:It's just a simple notice to anyone brazen enough try putting this system up live. Thanks

Brazen is probably the wrong word. Ignorant is probably closer to the truth, but a bit harsh. How about uninformed? (People don't RTFM...it's a fact of life).

Sad truth is that there are many, many XAMPP sites that have gone live without locking down phpmyadmin. They aren't that hard to find with Google, and new ones appear more or less daily. Most don't survive long before they are hacked to death.

Hopefully the new security features in 1.7.2 will put an end to the nonsense.
XamppHacker
 
Posts: 4
Joined: 26. July 2009 07:36


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 48 guests