Databases
cancel
Showing results for 
Search instead for 
Did you mean: 

phpmyadmin hpux 11.11 & security

Jim Krol
Advisor

phpmyadmin hpux 11.11 & security

Has anyone got phpmyadmin to work in a secure multiuser environment? I have the HP version of apache 2.X which includes php support and I am using mysql 4.0.x. All works fine until I try to add security. I have tried http security and it keeps telling me "authorization failed". I have heard that there is a problem with the way passwords are encrypted. So the question remains, "has anyone successfully run phpmyadmin in a secure multiuser environment.

Thanks,
Jim Krol
james.krol@boeing.com
2 REPLIES
Andrew Cowan
Honored Contributor

Re: phpmyadmin hpux 11.11 & security

Hi Jim,

I've done this on Windows and Linux. I think that the mistake you are making is that you have to change the "config.inc.php" file as follows:

$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['port'] = '';

$cfg['Servers'][$i]['controluser'] = '';
$cfg['Servers'][$i]['controlpass'] = 'passwd';
$cfg['Servers'][$i]['auth_type'] = 'config';

$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = 'passwd';

You obviously need to alter these values to suit your the users and passwords you have setup. It is a security issue that your password is stored here in "clear" so you should do the following:

1. Create a SQL user with no permissions other than those needed to access MySQL.
2. Protect this file and directory as much as possible.

If you want to make SQL even more secure it is possible to create a special DB user that does not need to have a password entered in this file. I can tell you how to do this, but its quite complicated, and I think you are best getting this working first.

Good luck,
Andrew
Jim Krol
Advisor

Re: phpmyadmin hpux 11.11 & security

I have that method of security working fine. What I need to do is set up either http or cookie security for a multi user environment. Whenever I try to access with a user account I get access denied.

Jim Krol
james.krol@boeing.com