if you have mysql installed or are running phpmyadmin, Your password for root access is stored in a file.. is this not a security risk?...
please let me know what i can do to stop people from hacking the root password... regards J
It is only a security risk if you haven't installed PHPmyAdmin correctly.Originally Posted by jonniejoejonson
All you need to do to configure PHPmyAdmin in a secure manner is to unpack the tarball as supplied by the developers, rename the example config file to config.inc and then edit the line which asks you to set a blowfish key.
I would also suggest putting it behind on an SSL-enabled site rather than not; at that point, you can log in using whatever MySQL username/password you choose and you will be restricted to doing whatever that MySQL username is allowed to do.
I think you're misinformed or running on a very insecure system somewhere.
Register1.net
.co £17.99
.com .net .org .uk £5.48
Premium UK Virtual Hosting from £16 a year
Quad Core 2.66Ghz 1GB 2TB 250GB Xeon Servers from £49
Company reg: 04186664 VAT reg: GB 815 5899 88
[Any views expressed on this forum are my own, and may not represent the views of any organisation that I own or am connected with.]
Thanks for your help guys...
the server was preinstalled with mysql etc...
As you may soon gather, i know very little about servers,
however i thought that there was also a root password in a file somewhere for mysql but as i understand it from Terry froyle it is only the phpmyadmin that is of concern but that should be ok if i add a blowfish key...
thanks guys.
... is the best misspelling of my name that I've seen in the last five years :-)
Think yourself lucky I've had letters addressed to Mark Cashole and worse.
••• Mark Castle ••• Secura Hosting Ltd •••
••• Managed Hosting •••
••• AS29452 • UK Company Reg No: 04330657 • VAT Number: 789 2703 81 • Sales: 0845 123 2632 •••
My views are my own and not those of my company.
You can take next steps:
You can simply not store the password in a file
Your root's password must be very difficult to hack
I agree with TerryFroy: SSL also can help it.
To continue the thread drift, Joan Whitney was my favourite.
Wiggly-Amps Ltd
Healthcare specialists
www.wiggly-amps.com
UK Registered company 4036700 :::: VAT Number GB759 6712 81
Me: Hi, Edward speaking
Caller: Hi Amy, this is...
Do I *really* sound like an Amy?
Freethought Internet Limited - Hosting, Servers and Connectivity
Freethought Internet Limited registered in London No. 5862996. Registered office: The Old Church Hall, 2A Cromwell Street, Lincoln, LN2 5LP. VAT number GB 987 0952 66.
Powercore Networks is a trading name of Freethought Internet Limited.
I've gone from Manuel Tuthill to Marcel Patel (french india?)
OFF:
It would be better to help topickstarter then to mill the wind
That is hilarious coming from you - it is usually you that un-earths old threads and posts useless two line post counter comments... ROTFLMAO....
CCS Leeds Ltd
Company reg: 03507910 VAT reg: GB 698 2027 05
------------------------------------------------
10Meg UK Leased Line only £550 per month
100Meg Leased Line Broadband £1500 per month
------------------------------------------------
Excuse me whilst I got to mill the wind...
Freethought Internet Limited - Hosting, Servers and Connectivity
Freethought Internet Limited registered in London No. 5862996. Registered office: The Old Church Hall, 2A Cromwell Street, Lincoln, LN2 5LP. VAT number GB 987 0952 66.
Powercore Networks is a trading name of Freethought Internet Limited.
Lol, Ed = Windy Miller!
CCS Leeds Ltd
Company reg: 03507910 VAT reg: GB 698 2027 05
------------------------------------------------
10Meg UK Leased Line only £550 per month
100Meg Leased Line Broadband £1500 per month
------------------------------------------------
That did make me Laugh Out Loud
I commonly get Hawkin - they think that's how Steven Hawking is spelt, and believe that's the only spelling of Hawkin*. - And you can guess how the nicknames go from there
Nick Hawkins
Market Hosting :: UK Hosting Solutions :: 0845 459 4314
Web Hosting | Reseller | Dedicated | Server Management
Market Hosting Limited : Company# 06773403
All views expressed on this forum are my own and not those of my company
Find us on Facebook and Twitter @MarketHosting
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote