Web Hosting Forums

Page 1 of 2 1 2 LastLast
Results 1 to 15 of 19

This is a discussion on Is it possible to allow discreet access to phpMyAdmin in the Hosting Talk & Chit-chat forum
I have access to phpMyAdmin through the cPanel. Is it possible to give someone (say one of my developers) access to a particular DB through ...

  1. #1
    Loyal Client
    Join Date
    Apr 2004
    Posts
    30

    Is it possible to allow discreet access to phpMyAdmin

    I have access to phpMyAdmin through the cPanel.

    Is it possible to give someone (say one of my developers) access to a particular DB through phpMyAdmin without giving them full access to my cPanel?

    Thanks.
    Miguel
    AIM: Zoologico
    ICQ: 31576006
    MSN: [email protected] <---not my email
    Yahoo: Zoologic0 <---last char is a zero

  2. #2
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    Not with the cpanel version of phpMyAdmin AFAICT, but you can if you install it in your webspace. To limit what the developer can see, create a MySQL user account for him (in CPanel) and then grant permissions to only the database(s) he needs. He can use that to log in to your local phpMyAdmin and will only see "his" databases when he does.

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com

  3. #3
    Loyal Client
    Join Date
    Apr 2004
    Posts
    30
    Quote Originally Posted by jason View Post
    Not with the cpanel version of phpMyAdmin AFAICT, but you can if you install it in your webspace. To limit what the developer can see, create a MySQL user account for him (in CPanel) and then grant permissions to only the database(s) he needs. He can use that to log in to your local phpMyAdmin and will only see "his" databases when he does.

    --Jason
    You rock.
    I'll give this a try right now.
    Thanks.
    Miguel
    AIM: Zoologico
    ICQ: 31576006
    MSN: [email protected] <---not my email
    Yahoo: Zoologic0 <---last char is a zero

  4. #4
    Yeah, I know a LOT! Vin DSL's Avatar
    Join Date
    Mar 2003
    Location
    Arizona Uplands
    Posts
    10,661
    Yep!

    They've even got a 'demo' mode. Never tried it myself, except on the phpMyAdmin developers web sites...

    BTW, everyone should be running there own install of phpMyAdmin! You wouldn't believe the difference it makes...
    DISCLAIMER Any resemblance between the views expressed above and those of the owners and operators of this system is purely coincidental. Any resemblance between these views and my own are non-deterministic. The existence of Vin DSL is questionable. The existence of views in the absence of anyone to hold them is problematic. The existence of the reader is left as an exercise in the second-order coefficient.

    No Guts, No Story! VinDSL 2010

  5. #5
    Loyal Client
    Join Date
    Apr 2004
    Posts
    30
    Quote Originally Posted by Vin DSL View Post
    Yep!

    They've even got a 'demo' mode. Never tried it myself, except on the phpMyAdmin developers web sites...

    BTW, everyone should be running there own install of phpMyAdmin! You wouldn't believe the difference it makes...
    So how do I make it so that pMA uses the users defined within my cPanel?

    I got it installed and I can access it, but when I try to log in using one of the users I create in my MySQL Databases area, I can see it is trying to use the user defined in my config.inc.php file instead.

    It outputs that pmauser is not allowed or something to that effect.

    Also, what authentication is best? cookie, http, or config?

    Finally, can I use https on my JaguarPC hosting? I have the X5 deal.
    Miguel
    AIM: Zoologico
    ICQ: 31576006
    MSN: [email protected] <---not my email
    Yahoo: Zoologic0 <---last char is a zero

  6. #6
    Loyal Client
    Join Date
    Apr 2004
    Posts
    30
    Quote Originally Posted by Zoologico View Post
    Also, what authentication is best? cookie, http, or config?
    I think I found the answer to this question:

    PHP Code:
     This is needed for cookie based authentication to encrypt password in 
     
    cookie
     
    */ 
    Miguel
    AIM: Zoologico
    ICQ: 31576006
    MSN: [email protected] <---not my email
    Yahoo: Zoologic0 <---last char is a zero

  7. #7
    Yeah, I know a LOT! Vin DSL's Avatar
    Join Date
    Mar 2003
    Location
    Arizona Uplands
    Posts
    10,661
    Heh! Last things first... I only have a minute...

    Use cookie auth! That way, among other things, the user can logout without a bunch of silliness.

    And, yes, you can use a secure link! I use a redirect via .htaccess and, of course, implement https in the config.inc.php settings.

    Gotta run...
    DISCLAIMER Any resemblance between the views expressed above and those of the owners and operators of this system is purely coincidental. Any resemblance between these views and my own are non-deterministic. The existence of Vin DSL is questionable. The existence of views in the absence of anyone to hold them is problematic. The existence of the reader is left as an exercise in the second-order coefficient.

    No Guts, No Story! VinDSL 2010

  8. #8
    Loyal Client
    Join Date
    Apr 2004
    Posts
    30
    Quote Originally Posted by Vin DSL View Post
    Heh! Last things first... I only have a minute...

    Use cookie auth! That way, among other things, the user can logout without a bunch of silliness.

    And, yes, you can use a secure link! I use a redirect via .htaccess and, of course, implement https in the config.inc.php settings.

    Gotta run...
    OK, I got the cookie authentication done.

    I don't yet know how to do those other things, I just want to get connected using my own installation of pMA.

    Any ideas how to make it work?
    Miguel
    AIM: Zoologico
    ICQ: 31576006
    MSN: [email protected] <---not my email
    Yahoo: Zoologic0 <---last char is a zero

  9. #9
    Loyal Client
    Join Date
    Apr 2004
    Posts
    30
    Found this in the MySQL Databases for the DB:

    PHP Code:
    $dbh=mysql_connect ("localhost""dbname""<PASSWORD HERE>") or die ('I cannot connect to the database because: ' mysql_error());
    mysql_select_db ("dbname"); 
    I suspect I have to do something with it and the config.inc.php file of pMA.

    Hope I'm on the right track.
    Miguel
    AIM: Zoologico
    ICQ: 31576006
    MSN: [email protected] <---not my email
    Yahoo: Zoologic0 <---last char is a zero

  10. #10
    Loyal Client
    Join Date
    Apr 2004
    Posts
    30
    Got it running.
    I forgot to add the hosting prefix to the uname.
    DUH!!
    Thanks for all the help.
    By the way, what are the most important thing I can do to make this setup as secure as possible?
    Last edited by Zoologico; 01-03-2007 at 07:22 PM.
    Miguel
    AIM: Zoologico
    ICQ: 31576006
    MSN: [email protected] <---not my email
    Yahoo: Zoologic0 <---last char is a zero

  11. #11
    Yeah, I know a LOT! Vin DSL's Avatar
    Join Date
    Mar 2003
    Location
    Arizona Uplands
    Posts
    10,661
    Sorry! I'm still running around...
    Quote Originally Posted by Zoologico View Post
    By the way, what are the most important thing I can do to make this setup as secure as possible?
    You already did it -- cookie auth!

    Like I said, I run it in a secure link (https), but it really isn't necessary. I do the same thing with SquirrelMail, et cetera. I just figure it's a good habit to use SSL, if/when at all possible...
    DISCLAIMER Any resemblance between the views expressed above and those of the owners and operators of this system is purely coincidental. Any resemblance between these views and my own are non-deterministic. The existence of Vin DSL is questionable. The existence of views in the absence of anyone to hold them is problematic. The existence of the reader is left as an exercise in the second-order coefficient.

    No Guts, No Story! VinDSL 2010

  12. #12
    Yeah, I know a LOT! Vin DSL's Avatar
    Join Date
    Mar 2003
    Location
    Arizona Uplands
    Posts
    10,661
    Quote Originally Posted by Zoologico View Post
    Got it running.
    I forgot to add the hosting prefix to the uname.
    DUH!!
    It's actually pretty simple, isn't it? I can have phpMyAdmin running in 5 minutes! Ppl don't know what they're missing!

    I don't fart around with the installer -- I just use Notepad (that's for the_ancient).

    I don't know what theme you're using. My fav is ' Arctic Ocean', and I've patched it for PMA 2.9.1.1. Been thinking about submitting it to PMA SourceForge, but I never seem to get around to it.

    Anyway, if you would like to try it, let me know, and I'll make it available for download...
    Last edited by Vin DSL; 01-03-2007 at 10:26 PM.
    DISCLAIMER Any resemblance between the views expressed above and those of the owners and operators of this system is purely coincidental. Any resemblance between these views and my own are non-deterministic. The existence of Vin DSL is questionable. The existence of views in the absence of anyone to hold them is problematic. The existence of the reader is left as an exercise in the second-order coefficient.

    No Guts, No Story! VinDSL 2010

  13. #13
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    Quote Originally Posted by Zoologico View Post
    Got it running.
    By the way, what are the most important thing I can do to make this setup as secure as possible?
    The most important thing to do, as with any web application you install, is to keep it up to date. PMA updates are released pretty regularly, so keep an eye on the PMA site and apply security updates as they are released.

    Aside from that, as Vin suggests, you can reduce your risk of having passwords or sensitive data sniffed out my using SSH. To do so, use the URL https://secureXX.nocdirect.com/~USER/phpmyadmin, where XX is the server number (find the one to use on the network status page in the JPC client area), USER is your cPanel username and /phpmyadmin is the path under public_html where your installed PMA.

    You can also use a simple mod_rewrite rule to force SSL by forwarding requests for http://www.yourdomain.com/phpmyadmin to the above URL. This is what Vin was getting at, but it isn't a necessary step in using SSL, just a convenience thing.

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com

  14. #14
    Yeah, I know a LOT! Vin DSL's Avatar
    Join Date
    Mar 2003
    Location
    Arizona Uplands
    Posts
    10,661
    Quote Originally Posted by jason View Post
    Aside from that, as Vin suggests, you can reduce your risk of having passwords or sensitive data sniffed out my using SSH. To do so, use the URL https://secureXX.nocdirect.com/~USER/phpmyadmin, where XX is the server number (find the one to use on the network status page in the JPC client area), USER is your cPanel username and /phpmyadmin is the path under public_html where your installed PMA.

    You can also use a simple mod_rewrite rule to force SSL by forwarding requests for http://www.yourdomain.com/phpmyadmin to the above URL. This is what Vin was getting at, but it isn't a necessary step in using SSL, just a convenience thing.
    In order for this to work, you also need to modify/add this to the top of your 'config.inc.php' file...

    Code:
    $cfg['PmaAbsoluteUri'] = 'https://secureXX.nocdirect.com/~USER/phpmyadmin/';
    Be careful of the folder spelling. It's case sensitive!

    Personally, I use 'phpMyAdmin'...
    DISCLAIMER Any resemblance between the views expressed above and those of the owners and operators of this system is purely coincidental. Any resemblance between these views and my own are non-deterministic. The existence of Vin DSL is questionable. The existence of views in the absence of anyone to hold them is problematic. The existence of the reader is left as an exercise in the second-order coefficient.

    No Guts, No Story! VinDSL 2010

  15. #15
    Loyal Client
    Join Date
    Apr 2004
    Posts
    30
    Quote Originally Posted by Vin DSL View Post
    It's actually pretty simple, isn't it? I can have phpMyAdmin running in 5 minutes! Ppl don't know what they're missing!

    I don't fart around with the installer -- I just use Notepad (that's for the_ancient).

    I don't know what theme you're using. My fav is ' Arctic Ocean', and I've patched it for PMA 2.9.1.1. Been thinking about submitting it to PMA SourceForge, but I never seem to get around to it.

    Anyway, if you would like to try it, let me know, and I'll make it available for download...
    Thanks.
    I'll take a look at it.
    No offense, but could someone use a phpMyAdmin theme maliciously?
    Miguel
    AIM: Zoologico
    ICQ: 31576006
    MSN: [email protected] <---not my email
    Yahoo: Zoologic0 <---last char is a zero

Page 1 of 2 1 2 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •