Seems "pma" account is vulnerable if I use phpmyadmin

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Seems "pma" account is vulnerable if I use phpmyadmin

Postby yukija » 29. October 2009 11:46

Seems "pma" account is vulnerable if I use phpmyadmin. So I've decided to drop the pma account which can give you access mysql database without password. So my question is if I drop "pma" account by sql command through phpmyadmin will it create any problem for my running site or any other issues? Please experts kindly advise me. Thank you.
yukija
 
Posts: 16
Joined: 07. July 2009 00:40
Operating System: Windows 2003 Server

Re: Seems "pma" account is vulnerable if I use phpmyadmin

Postby Izzy » 29. October 2009 19:42

No need to drop the pma user - see my reply in your other topic:
viewtopic.php?p=151267#p151267
Izzy
 
Posts: 3344
Joined: 25. April 2006 17:06

Re: Seems "pma" account is vulnerable if I use phpmyadmin

Postby yukija » 01. November 2009 13:35

If I do not drop "pma" user or not change the password anybody who knows phpmyadmin well can access to the database as a "pma" user...however I have deleted "pma" account as well tried to change the password of "pma" account (using my root account) to restrict from outside experienced users but the problem is in both cases the mysql is not stopping from xampp control (I am usig xampp windows) though mysql servces are starting and sites are working. How can I stop mysql services without error by xampp control panel after deleting/changing pma account? Thanks and hope to reply from you soon.
yukija
 
Posts: 16
Joined: 07. July 2009 00:40
Operating System: Windows 2003 Server


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 87 guests