SMF Support > SMF 2.0.x Support

phpMyAdmin Security

(1/1)

Jaap Stam:
A disgrunteled ex-admin has gained access to our phpMyAdmin and is deleting members periodically from there. Despite having changed the login to our host CP it seems that this hasn't booted this persom from phpMyAdmin. I'm wondering if you could suggest any ways we might achieve this? It seems at the moment that as long as this idiot keeps his window open he'll be able to do as much damage as he pleases.

Many thanks

Orangine:
did you change all phpmyadmin user passwords (and root of course too)?

Jaap Stam:
It appears to me that our host doesn't have passwords for phpmyadmin. Just an actual login to the control panel and then direct access thereon.

I have changed the password to the databases (the one that appears in setting.php) but this has done nothing to abate him.

Jaap Stam:
It's a real pain. This swine has deleted tens of members he just happened not to get along with in his time on the forum.

(F.L.A.M.E.R):
- Ask your host to change the necessary passwords in case of security breaches.
- Change your database passwords.
- Remove him from administration permissions or even ban him if required.
- Check for any suspicious files he has uploaded and delete them.

That should most probably stop the user from getting access to phpmyadmin.

Navigation

[0] Message Index