Michal Čihař - Little patch for me, big change for phpMyAdmin

Little patch for me, big change for phpMyAdmin

I just commited to phpMyAdmin trunk (will be released once as 3.1) few small patches, but the change is quite important - phpMyAdmin will now default to cookie authentication method and it will not allow to login as root user without password (unless it is explicitly enabled in configuration).

Reasons for both changes are simple - most people change default authentication to cookie in production environment anyway, so why not to make it default and giving remote access to freshly installed MySQL server has been always considered a bit security issue. Well it was an user problem, but why not to prevent such issues?

New Comment

Due to excessive spam, new comments are disabled. If you have some feedback on this post, please send me email or followup on Twitter or Facebook.