phpmyadmin security

Problems with the Windows version of XAMPP, questions, comments, and anything related.

phpmyadmin security

Postby embeddedprogrammer » 17. February 2010 00:10

I am a new user of xampp.

How can I lock down phpmyadmin in xampp? I think it has been breached because someone wiped out one of my databases. Also, my root privileges in mysql.user were reduced to read only and a new user name admin was added with full privileges. Because of that I couldn't restore my database which I back up nightly with mysqldump because access was denied!

I tried starting mysql with the grant trick to allow editing but no luck. Finally I got control back by replacing the three files beginning with the name "user" in the xampp/mysql/data/mysql directory with ones I had backed up earlier.

I tried to rename the phpmyadmin directory to abc, and it no longer worked by accessing http://www.myserver.com/abc/index.php like it did when the directory was named d:\xampp\phpmyadmin. I would like to rename the directory and restrict IPs. I know this should be easy but I am missing something in the configuration somewhere.

Also, when I go to the security directory for xampp it says that everything is secure. I am running Windows Server 2003.
embeddedprogrammer
 
Posts: 2
Joined: 17. February 2010 00:00

Re: phpmyadmin security

Postby embeddedprogrammer » 18. February 2010 19:10

I think I may have fixed this by changing phpmyadmin security from cookie to http. Time will tell....
embeddedprogrammer
 
Posts: 2
Joined: 17. February 2010 00:00


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 134 guests