security of XAMPP
Posted: 15. November 2012 15:56
I've just noticed after installing XAMPP for the first time in months that in phpMyAdmin users section that there are quite a few other users including:
I came across this after googling XAMPP security and found a tutorial on some extra security considerations around XAMPP http://robsnotebook.com/xampp-security-hardening, telling me that user pma is pre-installed and doesn't require a password, which neets to be changed in the config.inc.php file. Now this tutorial was from 2007, and i was wondering what the exact implications of this are? Whilst writing this post i noticed that from the Users overview panel in phpMyAdmin above that it seemed that i can just make up a name and leave the password blank and still log in, which i did and was successful. As a complete starter in XAMPP, again what are the implications of this, does this leave my system open to abuse and how do i change it?
Also what other potential security holes should i be looking for and plugging?
I came across this after googling XAMPP security and found a tutorial on some extra security considerations around XAMPP http://robsnotebook.com/xampp-security-hardening, telling me that user pma is pre-installed and doesn't require a password, which neets to be changed in the config.inc.php file. Now this tutorial was from 2007, and i was wondering what the exact implications of this are? Whilst writing this post i noticed that from the Users overview panel in phpMyAdmin above that it seemed that i can just make up a name and leave the password blank and still log in, which i did and was successful. As a complete starter in XAMPP, again what are the implications of this, does this leave my system open to abuse and how do i change it?
Also what other potential security holes should i be looking for and plugging?