Database Reference
In-Depth Information
In this case, all
deny
rules will be applied first, followed by
allow
rules. If a case is
not mentioned in the rules, access is granted. Being more restrictive, we'd want to
deny by default. We can use:
$cfg['Servers'][$i]['AllowDeny']['order'] = '
allow,deny
';
This time, all
allow
rules are applied first, followed by
deny
rules. If a case is not
mentioned in the rules, access is denied. The third (and most restrictive) way of
specifying rules order is:
$cfg['Servers'][$i]['AllowDeny']['order'] = '
explicit
';
Now,
deny
rules are applied before
allow
rules. But for them to be accepted, a
username/IP address must be listed
in the
allow
rules, and not in the
deny
rules.
Simplified rule for root access
As the
root
user is present in almost all MySQL installations, it's often the target of
attacks. Starting with phpMyAdmin 2.6.1, a parameter permits us to easily block all
logins of the MySQL's
root
account, using the following:
$cfg['Servers'][$i]['AllowRoot'] = FALSE;
Restricting the list of databases
Sometimes it is useful to avoid showing in the left panel, all the databases a user has
access to. phpMyAdmin offers two ways of restricting—
only_db
and
hide_db
.
To specify the list of what can be seen, the
only_db
parameter is used. It may contain
a database name or a list of database names. Only these databases will be seen in the
left panel:
$cfg['Servers'][$i]['only_db'] = 'payroll';
$cfg['Servers'][$i]['only_db'] = array('payroll', 'hr);
The database names can contain MySQL wildcard characters like
_
and
%
. If an array
is used to specify many databases, they will be displayed on the interface in the same
order they are listed in the array.
Another feature of
only_db
is that you can use it not to restrict the list, but instead
to put emphasis on certain names that will be displayed on top of the list. Here, the
myspecial
database name will appear first, followed by all other names:
$cfg['Servers'][$i]['only_db'] = array('myspecial', '*');
Search WWH ::
Custom Search