Securing phpMyAdmin
Security can be examined at the following various levels:
How we can protect the phpMyAdmin installation directory
Which workstations can access phpMyAdmin
The databases that a legitimate user can see
Protecting phpMyAdmin at directory level
Suppose an unauthorized person is trying to use our copy of phpMyAdmin. If we use the simple config authentication type, anyone knowing the URL of our phpMyAdmin will have the same effective rights to our data as we do. In this case, we should use the directory protection mechanism offered by our web server (for example, .htaccess, a file name with a leading dot) to add a level of protection. More details are available at http://en.wikipedia.org/wiki/Basic_access_authentication.
If we decide on using http or cookie authentication types, our data would be safe enough. However, we should take normal precautions with our password (including its periodic change).
The directory where phpMyAdmin is installed contains sensitive data. Not only the...
