WordPress Themes PHPMyAdmin – or PMA – is an excellent free, open source web-based database client which can be used to interact more easily with MySQL and WordPress databases. I’ll describe how to install it, secure it and some common scenarios with which it can assist you in WordPress administration. Here’s an online demo of PMAfor you to explore.
In addition to offering a visual GUI for database operations, I also appreciate being able to run command line SQL operations via my browser without having to log in to the server via SSH. For example, some WiFi and mobile connections regularly terminate persistent SSH sessions, making database tasks problematic.
Getting started with PMA is fairly straightforward on Linux. I’ll describe how to do so with Ubuntu 14.x at Digital Ocean. Log in to your server via SSH:
apt-get install phpmyadmin
You can use the default settings during installation or customize them to your liking.
On a typical WordPress installation, there aren’t any direct ports to MySQL for a hacker to try to access. They might try to break in via SSH or try SQL injection attacks against WordPress, but they can’t directly attack the database. Once you install PMA, anyone can run web-based attacks against it in order to gain control of your database, so care is warranted.
There are a few precautions I recommend when configuring PMA.
1. Use very strong passwords for all of your MySQL accounts, especially the root account. e.g. 25 characters for the root password.
2. Use different MySQL accounts and privileges for each WordPress site running on a single server. This way if one WordPress password is compromised, only one site’s database is compromised.
3. Change the default URL used by PMA. This way people can’t visithttp://yourblog.com/phpmyadmin. While this security by obscurity isn’t a very effective technique, it does add some protection.
Add an alias to the apache.conf file:
Alias /myobscuredpma /usr/share/phpmyadmin
service apache2 reload
Then, to access PMA, visit http://yourblog.com/myobscuredpma
If you need to modify your PHPMyAdmin password, you can edit the config-db.phphere:
4. Configure Web Authentication for the PMA Site. This will require that you enter an additional password to gain access to PMA, in addition to your database password, like this:
It’s very important to remember that PMA allows you to directly manipulate the WordPress database; that means it’s quite easy to break your WordPress site if you don’t know what you’re doing. It’s especially unwise to apply database scripts from the web unless you understand them completely. Use PMA with great care.
for more: http://code.tutsplus.com/tutorials/installing-and-using-phpmyadmin-with-wordpress–cms-21944
This Demo Content Brought to you by Momizat Team
E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir
2014 Powered By Wordpress, Goodnews Theme By Momizat Team