Page 1 of 1

Suspicious host name "ec2amaz-1qpqh3j", Full Privileges

PostPosted: 06. October 2019 15:16
by Mugé
Suspicious host name "ec2amaz-1qpqh3j", Full Privileges, NO Password in latest XAMPP version, User Account.

I have downloaded Version 7.3.9 XAMPP for Windows yesterday to my local PC. As I was going to set a password, I realized a host name as above with full privileges and no password. Does anyone have any explanation?
I downloaded the installer version.

This is to bring Attention for review / explanation if any.
Thank you.

Re: Suspicious host name "ec2amaz-1qpqh3j", Full Privileges

PostPosted: 20. October 2019 01:36
by elle
I have the same question/issue. I had uninstalled and then installed again and wonder if it might be related to that.

Re: Suspicious host name "ec2amaz-1qpqh3j", Full Privileges

PostPosted: 21. October 2019 13:06
by Mugé
@elle The first reaction is that you take away all privileges and password protect that host. Then, after password protecting, you will need to manually enter your root password into >XAMPP >phpMyAdmin >config.inc.php . Where it states $cfg['Servers'][$i]['AllowNoPassword'] = true; change to false and enter your Password into where it says Password, because the default showed empty even after I password protected through the phpMyAdmin interface. Don't panic if you cannot get back into the phpMyAdmin. Just modify the above.

Re: Suspicious host name "ec2amaz-1qpqh3j", Full Privileges

PostPosted: 24. October 2019 07:51
by gonzalo
Hi,

Thanks for reporting this issue. "ec2amaz-1qpqh3j" is the hostname of the machine we used the last time we generated the default MariaDB data using mysql_install_db.exe. When you use this binary to generate the MariaDB data folder, it creates a 'root'@'hostname' entry.

As a workaround, you can manually remove that entry from phpMyAdmin. We will release a new revision of the installers fixing this issue.

Regards,
Gonzalo

Re: Suspicious host name "ec2amaz-1qpqh3j", Full Privileges

PostPosted: 24. October 2019 08:17
by Mugé
@gonzalo Thank you for bringing an explanation. I appreciate all efforts put into these open source programs by also keeping them free of enterprise malpractices.

Kind regards,
Mugé

Re: Suspicious host name "ec2amaz-1qpqh3j", Full Privileges

PostPosted: 24. October 2019 11:34
by gonzalo
Hi,

Thanks for your kind words. We released a new revision of our installers removing the extra entry in the mysql.user table.

Released installers: 7.1.32-2, 7.2.23-1 and 7.3.10-1