Feb 07
Tuesday


The Road for Securing phpMyAdmin

Tags: .htaccess | Apache | MySQL | PHP | PHPMyAdmin

You can secure your phpMyAdmin installation by editing the auth_type line in your config.inc.php file.

auth_type http or cookie

  • In a shared server environment where others could potentially read your config.inc.php, you should use auth_type cookie or http. If you were to use config, other users may be able to read your password from config.inc.php; with cookie and http that information is not stored in the file.
  • auth_type config automatically logs a user in to the server using whatever login name and password are in config.inc.php. If an unauthorized user is able to guess the location of your phpMyAdmin, they could gain access. Again, http or cookie is preferred for this setting.

Limit access to library files and sensitive directories

Most webservers (Apache, IIS, and others) provide a means to limit access to certain files and directories (for example, with Apache .htaccess files). You should deny access to the ./libraries subdirectory as a security precaution.

With Apache, an .htaccess file lets you protect information on the HTTP server at the directory level.

Permissions: config.inc.php, ./scripts, etc

  • All of the phpMyAdmin files and subdirectories should be owned by your user and the group under which Apache runs.
  • config.inc.php should be chmod 660.
  • ./scripts/ should not contain a copy of config.inc.php.
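
The checks from the sections above (auth_type, the libraries restriction, and the file permissions), collected into one audit function. This is an added example, not part of the original article: the function name audit_pma and its messages are hypothetical, and it assumes the libraries restriction is done with an .htaccess file inside libraries/ using Apache's `Require all denied` or `Deny from all`.

```shell
#!/bin/sh
# audit_pma DIR: prints one line per finding, returns the number of findings.
# Hypothetical helper written for this example.
audit_pma() {
    dir=$1; cfg="$dir/config.inc.php"; findings=0
    flag() { echo "FINDING: $1"; findings=$((findings + 1)); }

    if [ -f "$cfg" ]; then
        # 'config' keeps the MySQL password in the file and auto-logs visitors in.
        if grep -Ev '^[[:space:]]*(//|#)' "$cfg" |
           grep -Eq "\[['\"]auth_type['\"]\][[:space:]]*=[[:space:]]*['\"]config['\"]"; then
            flag "auth_type is 'config'; use 'cookie' or 'http'"
        fi
        # Exact-mode match; find -perm behaves the same on GNU and BSD.
        if [ -z "$(find "$cfg" -prune -perm 660)" ]; then
            flag "config.inc.php is not mode 660"
        fi
    else
        flag "config.inc.php not found in $dir"
    fi

    if [ -e "$dir/scripts/config.inc.php" ]; then
        flag "scripts/ contains a copy of config.inc.php"
    fi

    # Assumption: the deny rule lives in libraries/.htaccess (Apache 2.4 or 2.2 syntax).
    ht="$dir/libraries/.htaccess"
    if ! { [ -f "$ht" ] && grep -v '^[[:space:]]*#' "$ht" |
           grep -Eiq 'Require[[:space:]]+all[[:space:]]+denied|Deny[[:space:]]+from[[:space:]]+all'; }; then
        flag "libraries/ has no .htaccess deny rule"
    fi
    return "$findings"
}

# Constructed demo tree (not a real install): weak auth_type, loose mode, no deny rule.
demo=$(mktemp -d)
mkdir -p "$demo/libraries" "$demo/scripts"
cat > "$demo/config.inc.php" <<'EOF'
<?php
$cfg['Servers'][$i]['auth_type'] = 'config';
EOF
chmod 644 "$demo/config.inc.php"
audit_pma "$demo" || echo "$? finding(s)"
rm -rf "$demo"
```

Run it against the real installation path with `audit_pma /path/to/phpmyadmin`; an exit status of 0 means none of the four checks fired.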

PHP Safe Mode

  • Safe mode is a PHP security method. It will be removed in PHP 6.
  • By running PHP in safe mode, other users will not be able to include your config.inc.php (which may contain sensitive information, such as your database username and password).
  • If PHP is running in safe mode, all files and subdirectories need to have the same owner.

Limit MySQL access

Securing MySQL is very complicated, but here are some simple tips as a start:

  • Most MySQL installations default to listening via network port 3306. Most users do not need this functionality, so it's recommended to block access either with a firewall or by changing your MySQL configuration.
  • Many MySQL installations install with an anonymous user which has limited permissions. It may be desirable to remove that user.