01.20.09

How to Disable Root Logins in phpmyadmin with Ubuntu

Posted in Technology at 7:58 am

Edit – April 29, 2011 – This is no longer working for me in Ubuntu 10.04 with everything updated. If you can figure it out, please drop a comment!

This took me a bit too long to figure out. Using Ubuntu 8.10 on a server, I wanted to use phpmyadmin to graphically manage my MySQL databases, but disallow root logins for security reasons.

There are two things you must do in the phpmyadmin config file – typically found at /etc/phpmyadmin/config.inc.php:

  1. Change the ‘auth_type’ to ‘cookie’. This will be under the /* Authentication type */ comment. The line should read as
    $cfg['Servers'][$i]['auth_type'] = ‘cookie’;

    Make sure it is uncommented by removing the “//” before it, and then change the parameter to ‘cookie’ if that’s not already set.

  2. Add a new line below this, that says
    $cfg['Servers'][$i]['AllowRoot'] = FALSE;

That’s it! Very easy but was tough to find in the forums.

Happy administrating!

Related posts:

  1. Documenting, Diagramming, and Critiquing the Pligg Database

10 Comments »

  1. Billy said,

    01.20.09 at 10:06 am

    I was wondering how to do this a couple of weeks ago. Thanks.

  2. Uncle A said,

    01.22.09 at 3:48 am

    Thanks, just what every senior citizen needs to know.
    Now I can play Solitary feeling secure.

  3. Omar said,

    11.24.09 at 1:22 am

    I’m trying to figure out which file this is under

  4. Omar said,

    11.24.09 at 4:36 am

    Never mind, I found it. Thank you.
    /etc/phpmyadmin/config.inc.php

  5. Leif Harmsen said,

    01.30.11 at 6:47 pm

    Hmf. Didn’t work. I can still log in as root from phpmyadmin same as before.

  6. YI said,

    04.15.11 at 6:21 am

    Why don’t you just remove super user root ??

  7. Berto said,

    05.13.11 at 11:00 am

    Remove root from the entire system? Hah… I kind of need that guy. Unless you mean to use sudo and not have root. A good idea to explore, but not going to test it on a production server.

  8. Schadenfroh said,

    05.15.11 at 3:08 pm

    Greetings,

    Thanks for this post, helped me discover the correct setting to disable root.

    Seems to be working in Ubuntu Server 11.04.

    Just had to add:
    $cfg['Servers'][$i]['auth_type'] = ‘cookie’;
    $cfg['Servers'][$i]['AllowRoot'] = FALSE;

    Before the line in config.inc.php that states:
    /* Configure according to dbconfig-common if enabled */

    As adding it after would cause $i to be off by one under certain conditions (it is incremented inside that conditional statement).

  9. patryk said,

    08.15.11 at 6:31 am

    i’m using one more thing, since i want to b able to login as root from some spciffic computers…

    so i have a file with IPs of root-allowed hosts (/etc/phpmyadmin/root.hosts)
    one IP per line.
    and under ‘$cfg['Servers'][$i]['AllowRoot'] = FALSE;’

    i have this piece of code:

    $roothosts = file_get_contents(‘/etc/phpmyadmin/root.hosts’);
    $roothosts = explode(“\n”, $roothosts);
    $roothostsi = 0;
    while(isset($roothosts[$roothostsi])){
    if($_SERVER['REMOTE_ADDR'] == $roothosts[$roothostsi]){
    $cfg['Servers'][$i]['AllowRoot'] = TRUE;
    }
    $roothostsi++;
    }

    this way i can login as root only from sellected IPs ;)

  10. Michael said,

    08.19.11 at 5:33 pm

    Worked like a charm! Thx!

RSS feed for comments on this post · TrackBack URL

Leave a Comment