
PhpMyAdmin; Should I disable root login?

I have this setup in Phpmyadmin:

    USER                HOST           PASSW        PRIVILEGES             GRANT
    debian-sys-maint    localhost      Yes          ALL PRIVILEGES         YES
    phpmyadmin          localhost      Yes          USAGE                  NO
    root                127.0.0.1      Yes          ALL PRIVILEGES         YES
    root                localhost      Yes          ALL PRIVILEGES         YES
    root                my_hostname    Yes          ALL PRIVILEGES         YES
    username            localhost      Yes          ALL PRIVILEGES         YES

Where "username" is my username and "my_hostname" is my hostname.

I am currently only logging in as the last one (username, localhost). Also, I have PHP, which also uses the last one's login details.

Should I disable the other ones?

And, what other security measures should I take?

BTW: My server is Linux and I have root access.

Thanks


2 Answers

Short answer: yes

This goes for SQL, but also for SSH and any other service attacked regularly from port scanning bots.

You should create your own user with sufficient rights (and users for other sysadmins) with a strong password, and disable root from logging in to phpMyAdmin and remotely to SQL.

You do not have to delete the root account. That is not preferable. This does not apply to a server where SSH access to a shell (or port forwarding) is given to unsecure users. In such a case it is better to increase the strength of the password to a point at which such attacks are useless even from localhost.

Martin Ledvina, answered Jun 30 '26 13:06


If you're not using one, delete it (Don't delete the three root logins, they will allow you to get super user access to fix something if something goes wrong)...

However, I'd suggest "limited permission" users. Grant each user access only to the data it needs to modify. That way you limit the damage an attacker can do. Using one login for everything is just as bad as using root in production...

ircmaxell, answered Jun 30 '26 12:06
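
The advice in the two answers above (keep root for local recovery only, give each consumer its own limited account) written out as MySQL statements. This is an added example, not part of either answer; `app_db`, `app_user`, `app_report`, the `orders` table and the password placeholders are assumed names.

```sql
-- Added example. Assumed names: app_db, app_user, app_report, orders.

-- 1. Audit: which accounts hold global (server-wide) privileges,
--    and can any of them pass those privileges on (GRANT OPTION)?
SELECT grantee,
       COUNT(*)          AS global_privs,
       MAX(is_grantable) AS can_grant
FROM information_schema.user_privileges
WHERE privilege_type <> 'USAGE'
GROUP BY grantee
ORDER BY global_privs DESC;

-- 2. Audit: root entries whose host is not a loopback name.
--    A row naming the server's own hostname (as in the question) is
--    still local; a '%' wildcard or an external host is not.
SELECT user, host
FROM mysql.user
WHERE user = 'root'
  AND host NOT IN ('localhost', '127.0.0.1', '::1');

-- 3. Separate account for the PHP application: row-level changes in
--    one schema only, no DDL, no FILE, no GRANT OPTION.
CREATE USER 'app_user'@'localhost' IDENTIFIED BY '<long-random-password-1>';
GRANT SELECT, INSERT, UPDATE, DELETE ON app_db.* TO 'app_user'@'localhost';

-- 4. Read-only account for code that only displays one table
--    (the table must already exist for a table-level grant).
CREATE USER 'app_report'@'localhost' IDENTIFIED BY '<long-random-password-2>';
GRANT SELECT ON app_db.orders TO 'app_report'@'localhost';

-- 5. Verify that each account ended up with exactly what was intended.
SHOW GRANTS FOR 'app_user'@'localhost';
SHOW GRANTS FOR 'app_report'@'localhost';
```

Once PHP connects as `app_user`, the all-privileges `username` account is needed only for interactive administration. phpMyAdmin's `$cfg['Servers'][$i]['AllowRoot'] = false;` setting blocks root logins through the web interface without touching the MySQL root accounts.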


