phpMyAdmin is one way to memananage our database. With it we can save a lot of databases that exist within our website, but to the question of security, even the admins are still many users who each secured phpmyadmin untuyk underestimate it, because if a cracker can log in as user root in phpmyadmin, and he knows the path of the web, it could have been on our website hacked, because by so doing, can plant a shell via phpmyadmin web.
It also was the author of this blog that is on the http://web-vuln.blogspot.com/2009/07/upload-shell-melalui-phpmyadmin.html
Here we will try to secure phpmyadmin using the login page and create a password for the root user
Please Install phpmyadmin that you like, I use phpMyAdmin which has been integrated with XAMPP for Linux Operating system.
we need to know the folder path phpMyadminnya
Writer put phpMyAdmin on the folder path / opt / lampp / phpmyadmin
edit the file config.inc.php
ngelih@franky-xcode:~$ cd /opt/lampp/phpmyadmin
ngelih@franky-xcode:/opt/lampp/phpmyadmin$ sudo gedit config.inc.php
change $cfg['Servers'][$i]['auth_type'] =; become $cfg['Servers'][$i]['auth_type'] = 'cookie';
Then go to phpmyadmin via a web browser ==> localhost / phpmyadmin
click privilliges ===> edit privilliges for the root user, as like in the picture below
Then please enter the password for the root user, as represented in images that are demonstrated in red circle below, then click OK
If we succeed, then later, if we will go to phpMyAdmin, then there will be a login form, like this:
11:51 AM -NGELIH-