Wednesday, 26 December 2018

PHP: PHPMyAdmin Enable Authentication Setup Username and Password Using Cookies

Enable authentication for PHPMyAdmin is the next big step you need to take once you have installed 
XAMPP, LAMP or WAMP suite. I am using XAMPP latest version here 3.2.2 but it will be the same
 standard process for all PHPMyAdmin installations.
Very first step you need to do is find the config.inc.php file which should be inside the 
PHPMYADMIN directory. Take a backup of this file before proceeding.
You need to change the configuration mainly on these lines
1) Change auth_type=’cookie’
$cfg['Servers'][$i]['auth_type'] = 'cookie';
So now your config file will look like this
/* Authentication type and info */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['extension'] = 'mysqli';
$cfg['Servers'][$i]['AllowNoPassword'] = true;
Go to URL http://localhost/phpmyadmin/, you will be seeing a login screen. Enter ‘root’ as Username
 then click GO. You will be logging in to PHPMYADMIN page.
Now you might be wondering that you have not provided password to login. How to fix that?
Yes for that you need to first access your MYSQL instance and set a password for your mysql
 root user. We will see that in a bit. A point to note here is that your password for successfully 
logging in to PHPMYADMIN will be your mysql instance root password. Even if you set some 
password for the variable
$cfg['Servers'][$i]['password'] = 'MYOWNPASSWORD';
in the configuration file you will not be able to see MYSQL page and will get an error saying 
‘Cannot log in to the MySQL server’
phpmyadmin_login_error
So in order to fix this, Once you are in the phpmyadmin page [You should leave the password 
variable blank as shown above to login successfully]. Click on SQL and run this query. 
Make sure to use your own password here.
phpmyadmin_run_sql_query
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('mynewpass')
You should be seeing something similar.
phpmyadmin_2
Great!! You have set password for your mysql instance. One last step is Change 
AllowNoPassword=false in the config file.
$cfg['Servers'][$i]['AllowNoPassword'] = false;
Save the file !!
Now reload the page http://localhost/phpmyadmin/ and provide username and password. 
Authentication for PHPMyAdmin has been successfully configured. For me it is ‘root’ 
and ‘mynewpass’. Now your PHPMYADMIN is secure đŸ™‚
You can make it more secure by changing this value in the config.inc.php file
$cfg['blowfish_secret'] = 'xampp'; /* YOU SHOULD CHANGE THIS FOR A MORE
SECURE COOKIE AUTH! */

0 comments:

Post a Comment