Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
The VPS I was using used to have phpMyAdmin pre-installation option but removed it stating it poses security risk. Does it?
If so do you recommend an alternative for browsing DB on production (other than running SQL commands in console)?
Any extra software you add to a system adds complexity. Complexity is the enemy of security.
PHP webapps are notorious for sloppy coding and certainly phpMyAdmin has had more than its share of security holes in the past. You can certainly mitigate the damage by eg. putting behind HTTPS with a client certificate, but that’s not going to prevent cross-site-request-forgery attacks.
For a production machine, I’d really prefer to stick to the console.