| Angel -
 
 
 Joined: 17 Nov 2003
 Posts: 157
 Location: Everett, Washington
 
 | 
			
				|  Posted: Tue Oct 19, 2004 11:50 am    Post subject: Setting Up A Log in Screen For PhpMyadmin |   |  
				| 
 |  
				| Here's some added security I found out about somewhere (I dont quite recall where or what site)  to ward of those hackers. 
 
  	  | Quote: |  	  | PhpMyAdmin supports two types of Authentication cookie based and HTTP-based.
 to use Either way you need to first create a MySql user with restricted permissions.
 You wont be using this account to log in anywhere it is simply and account that
 PhpMyAdmin uses to check Authentication.
 
 Create A Restricted User
 
 You can Create the User by using the following Query on PhpMyAdmin in this example the
 user name and Password are SECURE. you should change this for security purposes.
 
 
 GRANT USAGE ON mysql.* TO SECURE@localhost IDENTIFIED BY "SECURE";
 
 
 
 GRANT SELECT (
 
 Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,
 
 Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,
 
 File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,
 
 Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,
 
 Execute_priv, Repl_slave_priv, Repl_client_priv
 
 ) ON mysql.user TO SECURE@localhost;
 
 
 
 GRANT SELECT ON mysql.db TO SECURE@localhost;
 
 
 
 GRANT SELECT ON mysql.host TO SECURE@localhost;
 
 
 
 GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv)
 
 ON mysql.tables_priv TO SECURE@localhost;
 
 
 Doing this creates a user that can use and perform SELECT queries on all the tables
 in the MySql database.
 
 
 Decide which type of authentication you would like to use.
 And follow the instructions Accordingly.
 
 
 COOKIE AUTHENTICATION INSTRUCTIONS
 Next you'll need to configure your config.inc.php file. Find the
 
 controluser
 &
 controlpass
 
 variables located in the file and edit them to resemble the example below.
 
 $cfg['blowfish_secret'] = 'FISHY';
 
 $cfg['Servers'][$i]['host']          = 'localhost'; // MySQL hostname
 $cfg['Servers'][$i]['port']          = '';          // MySQL port - leave blank for default port
 $cfg['Servers'][$i]['socket']        = '';          // Path to the socket - leave blank for default socket
 $cfg['Servers'][$i]['auth_type']     = 'cookie';    // Authentication method
 $cfg['Servers'][$i]['user']          = '';          // MySQL user
 $cfg['Servers'][$i]['password']      = '';          // MySQL password
 $cfg['Servers'][$i]['controluser']   = 'SECURE';     // MySQL control user settings
 $cfg['Servers'][$i]['controlpass']   = 'SECURE';// access to the grant tables
 
 
 Remember to remover your old user name and password as I have in the example. Also
 the variable $cfg['blowfish_secret'] can be anything you would like it to be. and cookie
 should have replace the word config.
 
 Now go and log into your PhpMyAdmin using YOUR name and password not the one we created
 but the one you normally use.
 
 
 
 HTTP AUTHENTICATION INSTRUCTIONS
 
 
 Configure your config.inc.php file. Find the
 
 controluser
 &
 controlpass
 
 variables located in the file and edit them to resemble the example below.
 
 $cfg['blowfish_secret'] = 'FISHY';
 
 $cfg['Servers'][$i]['host']          = 'localhost'; // MySQL hostname
 $cfg['Servers'][$i]['port']          = '';          // MySQL port - leave blank for default port
 $cfg['Servers'][$i]['socket']        = '';          // Path to the socket - leave blank for default socket
 $cfg['Servers'][$i]['auth_type']     = 'HTTP';    // Authentication method
 $cfg['Servers'][$i]['user']          = '';          // MySQL user
 $cfg['Servers'][$i]['password']      = '';          // MySQL password
 $cfg['Servers'][$i]['controluser']   = 'SECURE';     // MySQL control user settings
 $cfg['Servers'][$i]['controlpass']   = 'SECURE';// access to the grant tables
 
 
 Remember to remover your old user name and password as I have in the example. Also
 the variable $cfg['blowfish_secret'] can be anything you would like it to be. and cookie
 should have replace the word config.
 
 Now go and log into your PhpMyAdmin using YOUR name and password not the one we created
 but the one you normally use.
 | 
 
 Hope this helps.....   :)
 _________________
 Noize Pollution | Angel's Online | Free Net Builders | Pagan Portal
 |  |