phpMyAdmin is a very useful and powerful web-based GUI administration and management tool for MySQL and MariaDB database system. So good that phpMyAdmin may become a security vulnerability if unauthorized people can gain access to the databases through phpMyAdmin.
One way to secure phpMyAdmin is to forbid the login using root account. Root account in MySQL and MariaDB has unrestricted privileges to access every databases and perform every functions in regards to the database system.
This tutorial guides you how to restrict login by root through phpMyAdmin.
Login to the web server which is hosting the phpMyAdmin via SSH or physical console.
Locate and change directory (CD) to the location where the scripts of phpMyAdmin are installed. For example, /var/www/html/phpmyadmin/ or /usr/share/phpmyadmin.
Edit the phpMyAdmin configuration file, i.e. config.inc.php with editor such as vi or vim, and change the values of following parameters:
$cfg['Servers'][$i]['AllowRoot'] = FALSE;
Note
If no config.inc.php file is found, create it by copying from config.sample.inc.php file at the same location.
Save the config and now root user will be rejected from logging in via phpMyAdmin.
LK is a technology writer for Tech Journey with background of system and network administrator. He has be documenting his experiences in digital and technology world for over 15 years.Connect with LK through Tech Journey on Facebook, Twitter or Google+.
NoteIf no config.inc.php file is found, create it by copying from config.sample.inc.php file at the same location.
