Is is a security risk to have phpmyadmin available to customers from the cpanel. if so is there any way to lock it down so they cant use it but I can use it as root?
Hello,
Yes, You can disable phpmyadmin for cpanel through your WHM>>Packages >> Feature Manager >> edit default Feature List and untick the phpmyadmin and save that list.
Yes, You can disable phpmyadmin for cpanel through your WHM>>Packages >> Feature Manager >> edit default Feature List and untick the phpmyadmin and save that list.
Honestly, it's a lot more secure to allow them to use phpmyadmin through cPanel than if they put it on their account themselves. I've seen lots of security issues from customers putting thier own copy of phpmyadin on their site; I haven't seen any issues from use via cPanel. If one of your customers needs it, I'd recommend letting them use it via cPanel, rather than risk having them install it themselves. They'll only have access to databases associated with their account anyway.
You could disable phpMyAdmin in the feature list associated with the package assigned to the account. However, the user may then opt to install phpMyAdmin manually to the account, as the previous poster suggested.
Thank you.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
|
Possibilities to disable WordPress FileManager and phpMyAdmin plugins | Security | 7 | |
| F | SOLVED [CPANEL-25286] Updating phpMyAdmin | Security | 2 | |
|
SOLVED [CPANEL-24366] phpMyAdmin version 4.8.4 | Security | 2 | |
|
Temp FTP and phpMyAdmin access for Developer? | Security | 1 | |
| S | default PhpMyAdmin version is unsecure | Security | 3 |