If you plan to use phpmyadmin regularly to manage your databases over the network (or worse, over the Internet!), you don’t want to use the account root. This is valid not only for phpmyadmin but also for any other web based interface.
In /etc/phpmyadmin/config.inc.phpfind the following line and make sure that the directive AllowRoot is established in FALSE:
$cfg['Servers'][$i]['AllowRoot'] = FALSE;
In Ubuntu/Debian you need to add these two lines as shown:
/* Tipo de autenticación */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['AllowRoot'] = false;Save changes and reboot Apache .
------------- En sistemas CentOS/RHEL -------------
# systemctl restart httpd.servic------------- En sistemas Debian/Ubuntu ----------
# systemctl restart apache2.service
Then, follow the steps outlined in the tips above to get to the phpmyadmin login page ( https://) and try to log in as root:
Then connect to your database MySQL/MariaDB via the command prompt and, using the credentials the root, create as many accounts as necessary to access one database each. In this case we will create an account called jdoe with password jdoespassword :
# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or g. Your MariaDB connection id is 24 Server version: 10.1.14-MariaDB MariaDB Server Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. MariaDB [(none)]> CREATE USER 'jdoe'@'localhost' IDENTIFIED BY 'jdoespassword'; Query OK, 0 rows affected (0.04 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON gestion.* to 'jdoe'@'localhost'; Query OK, 0 rows affected (0.00 sec)
Then let’s log in with the above credentials. As you can see, this account only has access to a single database:
Congratulations! You have disabled root access to your phpmyadmin installation and can now use it to manage your databases.
I recommend that you add an additional layer of security to your installation. the phpmyadmin con .htaccess password protection y configure HTTPS (SSL certificate) to avoid sending the username y Password in plain text format over the network.