How to Disable Root Logins in phpmyadmin with Ubuntu

January 20, 2009

Edit – April 29, 2011 – This is no longer working for me in Ubuntu 10.04 with everything updated. If you can figure it out, please drop a comment!

This took me a bit too long to figure out. Using Ubuntu 8.10 on a server, I wanted to use phpmyadmin to graphically manage my MySQL databases, but disallow root logins for security reasons.

There are two things you must do in the phpmyadmin config file – typically found at /etc/phpmyadmin/config.inc.php:

  1. Change the ‘auth_type’ to ‘cookie’. This will be under the /* Authentication type */ comment. The line should read as

    $cfg[‘Servers’][$i][‘auth_type’] = ‘cookie’;

    Make sure it is uncommented by removing the “//” before it, and then change the parameter to ‘cookie’ if that’s not already set.

  2. Add a new line below this, that says

    $cfg[‘Servers’][$i][‘AllowRoot’] = FALSE;

That’s it! Very easy but was tough to find in the forums.

Happy administrating!

Posted in by Berto.

11 Responses to "How to Disable Root Logins in phpmyadmin with Ubuntu"

  • By Billy January 20, 2009 - 10:06 am

    I was wondering how to do this a couple of weeks ago. Thanks.

    Reply
  • By Uncle A January 22, 2009 - 3:48 am

    Thanks, just what every senior citizen needs to know.
    Now I can play Solitary feeling secure.

    Reply
  • By Omar November 24, 2009 - 1:22 am

    I’m trying to figure out which file this is under

    Reply
  • By Omar November 24, 2009 - 4:36 am

    Never mind, I found it. Thank you.
    /etc/phpmyadmin/config.inc.php

    Reply
  • By Leif Harmsen January 30, 2011 - 6:47 pm

    Hmf. Didn’t work. I can still log in as root from phpmyadmin same as before.

    Reply
  • By YI April 15, 2011 - 6:21 am

    Why don’t you just remove super user root ??

    Reply
  • By Berto May 13, 2011 - 11:00 am

    Remove root from the entire system? Hah… I kind of need that guy. Unless you mean to use sudo and not have root. A good idea to explore, but not going to test it on a production server.

    Reply
  • By Schadenfroh May 15, 2011 - 3:08 pm

    Greetings,

    Thanks for this post, helped me discover the correct setting to disable root.

    Seems to be working in Ubuntu Server 11.04.

    Just had to add:
    $cfg[‘Servers’][$i][‘auth_type’] = ‘cookie’;
    $cfg[‘Servers’][$i][‘AllowRoot’] = FALSE;

    Before the line in config.inc.php that states:
    /* Configure according to dbconfig-common if enabled */

    As adding it after would cause $i to be off by one under certain conditions (it is incremented inside that conditional statement).

    Reply
  • By patryk August 15, 2011 - 6:31 am

    i’m using one more thing, since i want to b able to login as root from some spciffic computers…

    so i have a file with IPs of root-allowed hosts (/etc/phpmyadmin/root.hosts)
    one IP per line.
    and under ‘$cfg[‘Servers’][$i][‘AllowRoot’] = FALSE;’

    i have this piece of code:

    $roothosts = file_get_contents(‘/etc/phpmyadmin/root.hosts’);
    $roothosts = explode(“\n”, $roothosts);
    $roothostsi = 0;
    while(isset($roothosts[$roothostsi])){
    if($_SERVER[‘REMOTE_ADDR’] == $roothosts[$roothostsi]){
    $cfg[‘Servers’][$i][‘AllowRoot’] = TRUE;
    }
    $roothostsi++;
    }

    this way i can login as root only from sellected IPs ;)

    Reply
  • By Michael August 19, 2011 - 5:33 pm

    Worked like a charm! Thx!

    Reply
  • By Stephen February 22, 2012 - 11:12 am

    I tried doing this as well, and adding the line in the /etc/phpmyadmin/config.inc.php did not work.

    Solution: add that line in the /usr/share/phpmyadmin/config.inc.php

    Works well.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


*