Help - Search - Members - Calendar
Full Version: phpmyadmin access
The Planet Forums > Control Panels > Plesk
root_loggins
Jan 12 2004, 01:57 PM
Thinking about installing phpmyadmin to access all tables in mysql.

I don't want to access it using the admin user and password....would it be best to add a superuser to mysql and use this account for access and does Plesk play nice with this idea?

I'm new to Plesk and I don't want to *&^^%% it up!
newuser
Jan 12 2004, 04:17 PM
Use the login name "admin" and use your plesk password.

that should give you access to all tables.
root_loggins
Jan 12 2004, 07:12 PM
Rather not use the admin pass in case it gets intercepted while logging into phpmyadmin...I think thats a bad idea.

Like to use a user and pass combination that accesses mysql only and not the server or its control panel.

Paranoia is a good thing to have when securing a server!!!
newuser
Jan 12 2004, 07:14 PM
In this situation it doesn't matter, since any login that can access all your mysql databases can also access the psa database that plesk stores its info.

Setup your phpmyadmin under a secure server, instead of normal http port 80.

Edit: No server login passwords (passwords for shell accounts on the server) should ever be also used at any other location, including plesk.
root_loggins
Jan 12 2004, 07:46 PM
Playing with it now, and yes running it under ssl.

"In this situation it doesn't matter, since any login that can access all your mysql databases can also access the psa database that plesk stores its info"

I disagree since someone would have to gain access to your server through shell, ftp (placing a script in a directory), or mysql port such as 3306 to do anything with the mysql user and pass combination.

What I am trying to avoid is using a username and password for phpmyadmin that is also used to access the server through the control panel, as admin obviously does.

I've done some searching around and I am surprised that this issue hasn't been brought up, if people are using their admin user and pass combinations to run phpmyadmin I think thats asking for trouble IMHO (or if you do, I would advise changing the admin pass when done).

I just don't like using admin logins for other task such as this...
newuser
Jan 12 2004, 07:52 PM
You can also treat plesk like you treat ssh and restrict it to only specific ips for access.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.