This article is sponsored by Ilanniweb, starting in Slime Line the world
Want to get more articles, you can follow my ilanniweb
In fact, this article has long wanted to write, but has not had the time. It was just a little bit empty this afternoon, so I sorted out this article.
About phpMyAdmin article, in Baidu a search, can search out a lot. In this article I will introduce how to control the operation of the database by the phpMyAdmin of the developer.
Of course, the security of the database, we can consider from three aspects:
1), MySQL database server, including the security of the server itself, and so on.
2), MySQL access rights, including database user rights, and access to database methods.
3), after the MySQL database access security, including whether to allow the export of data and so on.
Today we use phpMyAdmin to control the operation of the database by developers, in fact, the 2nd and 3rd to prohibit users from accessing the database after exporting data.
First, phpMyAdmin installation
First of all we have to install phpMyAdmin, where we use the source method for installation, and installed is the latest version of 4.6.4, as follows:
wget Https://files.phpmyadmin.net/phpMyAdmin/4.6.4/phpMyAdmin-4.6.4-all-languages.zip
Unzip phpmyadmin-4.6.4-all-languages.zip-d/data/dg/
Mv/data/dg/phpmyadmin-4.6.4-all-languages//data/dg/app_db/
chmod 755-r/data/dg/app_db/
Note: phpMyAdmin requires a LNMP environment, so it is necessary to install the relevant basic environment before running the phpMyAdmin.
phpMyAdmin decompression After the installation is complete, we will configure the Nginx, as follows:
Here I opened the Nginx directory indexing function, mainly considering that if there are multiple databases, we can be distinguished by the way directory names.
For example, our online database is as follows:
Now visit, as follows:
Through, we can clearly see that the phpMyAdmin has been able to access the normal, but we need to enter the relevant user name and password.
Second, phpmyadmin password-free configuration
In the first chapter, we have installed the phpMyAdmin, this chapter we will configure the next phpmyadmin, password-free login access.
Here we take app_db this database as an example. To implement password-free login, we also need to create a read-only user ilanniread in the MySQL database for the app_db database.
Create the SQL statement as follows:
Mysql-hrm-bp183j9f186nd4933.mysql.rds.aliyuncs.com-uroot-p ' Ilanni '-e "Grant Select on app_db.* to ' ilanniread ' @ '% ' ID Entified by ' readonlyqwe ';
Once Ilanniread is created, we will now modify the phpMyAdmin configuration file config.default.php.
for config.default.php files, we only need to modify 106, 252, 259 rows, where line 106th is the connection address of the database, and rows No. 252 and 259 are the user name and password of the database, respectively. As follows:
After the modification, we come back to see the actual effect, as follows:
Through, we can obviously see that the current access to phpMyAdmin is not required to enter the database user name and password.
And by doing so, we can also let developers do not need to know the actual database address and database user name and password, relative security or improve a lot.
third, prohibit phpmyadmin export data
In the second section, we configured phpMyAdmin password-free access, and now configure how to prohibit the export of data that is queried through phpMyAdmin.
By default, phpMyAdmin is able to export the entire database, as follows:
In order to prevent developers from exporting the results of the query, we can do this, the phpMyAdmin root directory under the tbl_export.php or export.php file to rename it, as follows:
MV Export.php Export.php.bak
Once the modifications are complete, we'll export the data to see the following:
Through, we can easily see the current cannot export data, so that we prohibit phpmyadmin export data purposes.
Note: The export.php file is exported for the entire database, if you want to prohibit the export after the query, then we need to rename the tbl_export.php file.
PS: Security is relative, there is no absolute security, we can only do to prevent a gentleman against the villain.
Slime: Database management phpmyadmin password-free configuration