Cpanel Phpmyadmin

[will72wein]

Hi,

I just switched to cpanel from ensim. CPanel is definitely much better. I have a question about phpMyadmin. It shows up as preinstalled in the Cpanel control panel. When I click on it I don't have to enter a password again. Is it operating under the main cpanel password and that is why i don't need to enter the password again? Is it possible to have a separate password for it. How secure is phpMyadmin that comes preinstalled? Are there any additional measures i can take to make it more secure? Where are the databases stores? Is it possible to access it on the domain without going through the 2082 port? Is it safe to use phpMyadmin and how much safer is it than installed phpmyadmin on the domain and not using the cpanel version?

[cPanelDavidN]

will72wein,

Welcome! Glad to hear you're enjoying cPanel. PhpMyAdmin is one of several 3rd party applications that are including with cPanel's core functionality. All included 3rd party applications are given special care by our developers and integration staff to ensure stability and security. This includes refactoring and authoring patches that we not only apply to our own product, but, often times, also send upstream to the maintainers.

Authentication: Yes, your assumption is essentially correct. If one has access to yourdomain.com:2082, then one has access to phpMyAdmin. Again, phpMyAdmin is similar to other 3rd party applications that included with our product: we handle the security and auth exchange. To my knowledge, there cannot be a separate password for a phpMyAdmin. If one has a phpMyAdmin username that's the same as the domainowner username, they must be synchronized.

The databases are stored just like any other server. It's dependent on you hosting provider. In the simplest scenario, they're on the same server that is serving your domain. How the databases and the privileges are managed is up to your hosting provider and their implementation of cPanel. Out of the box, cPanel v11.25.0 and lesser use the traditional 'domainowner_uniquedbname' name structure and the various grants within the MySQL schema necessary to enforce ACL. Future versions of cPanel will implement an internal mapping schema for the name structure that will help overcome the inherit length limitation of MySQL db names (16 alphanumeric). For this reason alone, installing a db managing software might prove futile in future cPanel versions. (unless you apply our patches).

While it may be possible to install phpMyAdmin within your own domain, it's probably not going to make it any more secure. In fact, unless you monitor CVE, frequently update applications and manage other errata related to this community application, I don't see it being a substantial benefit vs. risk vs. effort. However, I understand your desires. If you decide to go that route I hope it works. Let us know on the forums!

Best Regards,
-David

--
David Neimeyer
Quality Assurance
cPanel, INC.

[winger]

Hi David,

so we can not use phpmyadmin only with the user database login?

thanks!

[cPanelDavidN]

Hi winger,

I'm not sure I understand you phrasing fully?

phpMyAdmin, as implemented in cPanel, is only accessible via the cPanel (ie, http://yourdomain.net:2082 or https://yourdomain.net:2083 or http://yourdomain.net/cpanel). Therefore, one must have the cPanel credentials.

Another way to state it: when selecting phpMyAdmin from the cPanel interface, it automatically logs you in; there's no login page, it's designed to be a direct access portal for the cPanel user.

If you need to give someone access to your various databases there's 3 essential steps:

1) create the database user and grant user access to any database as necessary using "MySQL Databases" in your cPanel interface.

2) enter their IP or domain (or a wildcard if absolutely necessary) using "Remote MySQL". NOTE, a wildcard will allow ANY remote MySQL connection and is not recommended. By specifying a particular IP or domain, you greatly decrease the likelihood of a dictionary or brute force attack.

2) find or recommend to this person a MySQL client that they can use. Personally, I like mysql CLI However, a quick web search for "MySQL GUI" yields many positive possibilities.

Cheers,
-Dave

--
David Neimeyer
Quality Assurance
cPanel, INC.