Linux Security Web And Vulnerability

phpMyAdmin is one way to memananage our database. With it we can save a lot of databases that exist within our website, but to the question of security, even the admins are still many users who each secured phpmyadmin untuyk underestimate it, because if a cracker can log in as user root in phpmyadmin, and he knows the path of the web, it could have been on our website hacked, because by so doing, can plant a shell via phpmyadmin web.
It also was the author of this blog that is on the http://web-vuln.blogspot.com/2009/07/upload-shell-melalui-phpmyadmin.html

Here we will try to secure phpmyadmin using the login page and create a password for the root user

Please Install phpmyadmin that you like, I use phpMyAdmin which has been integrated with XAMPP for Linux Operating system.
we need to know the folder path phpMyadminnya
Writer put phpMyAdmin on the folder path / opt / lampp / phpmyadmin

Let's Start

edit the file config.inc.php

ngelih@franky-xcode:~$ cd /opt/lampp/phpmyadmin
ngelih@franky-xcode:/opt/lampp/phpmyadmin$ sudo gedit config.inc.php

change $cfg['Servers'][$i]['auth_type'] =; become $cfg['Servers'][$i]['auth_type'] = 'cookie';



Then go to phpmyadmin via a web browser ==> localhost / phpmyadmin
click privilliges ===> edit privilliges for the root user, as like in the picture below





Then please enter the password for the root user, as represented in images that are demonstrated in red circle below, then click OK



If we succeed, then later, if we will go to phpMyAdmin, then there will be a login form, like this: