Security can be examined at the following various levels:
- How we can protect the phpMyAdmin installation directory
- Which workstations can access phpMyAdmin
- The databases that a legitimate user can see
Protecting phpMyAdmin at directory level
Suppose an unauthorized person is trying to use our copy of phpMyAdmin. If we use the simple
config authentication type, anyone knowing the URL of our phpMyAdmin will have the same effective rights to our data as we do. In this case, we should use the directory protection mechanism offered by our web server (for example,
.htaccess, a file name with a leading dot) to add a level of protection. More details are available at http://en.wikipedia.org/wiki/Basic_access_authentication.
If we decide ...