Sooner or later, any website owner is faced with working directly with a database. For these purposes, phpmyadmin was developed, which in most cases is already installed and configured on your hosting. But often the webmaster is required to change the root password for phpmyadmin. It seems like a simple task, but for some reason this problem causes considerable difficulties for most people. Personally, this was the case for me.
I had this need after reinstalling the operating system on a VPS server from Majordomo, after which I simply could not log into phpmyadmin with the default password. I had to urgently change it.
The password itself to access phpmyadmin matches the password root to the MySQL server that you specified during installation. If you forgot this password for some reason, you can recover it quite simply. The password recovery method is described in the article:
There is one more small nuance that should be considered when you use phpmyadmin - this is the way to authorize this add-on.
Only one phpmyadmin configuration file is responsible for all this - config.inc.php, which in the FreeBSD operating system is located in the directory /usr/local/www/phpMyAdmin. The contents of my file, which is the combat file, are:
Now let's look at where, what and how...
- blowfish_secret is an arbitrary phrase that is needed to encrypt passwords in cookies. It is safer to change it to any other one, just not the standard one.
- auth_type– this is an authorization type that can take 2 values: config And cookie:
- config– indicates that the login/password will be taken from this file (the next two lines user And password). With this mode, a successful login will always happen when you or someone else simply goes to your domain, where phpmyadmin is also located and may have the opportunity to do all sorts of dirty tricks there.
- cookie– indicates that the login/password will be asked every time someone goes to the address where phpmyadmin is located. The correct password will be stored encrypted in cookies on your computer.
- user And password– this is the username (in our case it should be root) and password. In this configuration file they are added just for example and for use cookie they can be removed altogether.
- AllowNoPassword– can take values true(true) and false(lie). Actually, login without a password is allowed (true) or not (false)
- extension– can take on a meaning mysql And mysqli. The first must be specified if you are using phpmyadmin in MySQL bundles below 4.1.3. The second one is if you are using a MySQL version higher than 4.1.3.
Of course, there are more of these parameters; here are only the most basic ones that are necessary for the normal operation of phpmyadmin.
Recovering the admin password using phpMyAdmin. Wodrpress, DLE, Joomla and other cms
When a web master has only one website or blog, and email, only in Yandex and Google, there is no confusion with access passwords to the admin area.
Over time, new sites appear, new boxes for various purposes. Of course, it is impossible to keep this entire array of data in your head without proper accounting.
Probably the simplest and most reliable tool is a simple table created in Word or Excel. It is better if it is stored on a removable storage device like a flash drive. But as always, disorganization and Russian aptitude interfere, like I’ll write down the data later.
When purchasing one site, I received files and a database dump. After installation on my hosting, I was denied access to the admin panel. Since when uploading a new database, WordPress changed the password, login and email of the admin. What to do in such a case?
As always, phpMyAdmin comes to the admin's rescue! If you have access, changing your password, login, or email takes place in a matter of minutes. This method is not new, it is described in various sources, but it is the most efficient and accessible for beginners.
A small digression. In the database, user passwords are stored encrypted using MD5. The operating principle is as follows. When entering the admin panel, the admin enters his password and login. A hash function is calculated from the entered password, and the result is compared with the value stored in the database. If the values are equal, the password is correct.
On a well-known resource, there is a simple service that allows you to MD5 encryption:
There are many similar services on the Internet, you just have to type “MD5” in the search.
Changing password, login and email. Wordpress mail via phpMyAdmin:
Go to the phpMyAdmin panel of your site
2. Select the desired database, if there is more than one
3. Select the wp_users table, action "Browse"
4. Click the mouse and look:
user_pass- $P$BkIM9ktWqa4z5yUiGh442kNqbKx/fG0
user_nicename- admin
user_email- [email protected]
display_name- admin
Editing the data in the table:
Here I think explanations are unnecessary; we can safely change all this data to our own.
Now let's remember about MD5, encrypt your new password and enter it in the user_pass field.
For example:
admin-
superadmin -
123
-
1. Insert the required password value into the user_pass field
2. Change your email to yours
3. Click on the “Go” button
An SQL query is executed and the changes made in the database table are shown:
After this, you can safely go to the admin panel, you need to enter not a hash, but a word encrypted in MD5, for example, as in my examples: admin, superadmin or 123.
This method works on any platform, such as DLE, Joomla, Joostina or Drupal, i.e. on all sites using a MySQL database. The only difference is in the names of the tables where user passwords are stored. For example, let's look at the site database on dle.
Changing password, login and email. DLE mail via phpMyAdmin:
1. Open the dle database of the site
2. Find the dle_users table, user data is stored here
3. Click on "Browse"
4. Edit and save data
Method number 2.
1. Go to phpMyAdmin
2. Select SQL at the top
3. You must insert the following request into the form:
INSERT INTO `dle_users` (`email` , `password` , `name` , `user_group`)
VALUES(" [email protected]", "d9b1d7db4cd6e70935368a1efb10e377", "newadmin", "1");
4. After this, log in to the site with the following data:
Login: newadmin
Password: 123
How to change the admin password to access the admin panel of a site on Joomla:
1. Open the database of the joomla site
2. Looking for a table
3. Edit your password, login or email
4. Save
You can work with any site in a similar way, the main thing is to find a table with users. If there are many users on the site, then the main administrator always has user_id=1.
For those new to the internet, don't worry or be afraid to use phpMyAdmin. Any operation can be canceled if you doubt the correctness of your actions. But learning and using it practically competently can only be done through trial and error.
I would like to separately note that the described method is not the only one. You can also change the password using an SQL query. But for beginners it is still complicated, and experienced webmasters do not need any explanation.
This method of password recovery, as well as changing the admin’s login and email, can be used both on a local Denver server and on virtual hosting.
Good luck in mastering phpMyAdmin, never lose your passwords and access data!
Hello, friends! Today we will talk about changing the admin password in WordPress.
Changing the password in the user profile
The easiest way to change your password is from the admin menu. To change your password you need to go to Users -> Your profile.
On the page that opens, find two fields for entering a new password. Enter your new password and repeat it in the field below.
After entering the new password, be sure to press the button "Update profile", which is located at the very bottom of the page.
Changing your password using phpMyAdmin
Using the database MySQL in which WordPress stores all user data, you can also change the password. To do this you need to log into the application phpMyAdmin, which allows via browser administer the MySQL server, run commands SQL and view the contents of tables and databases. Access to phpMyAdminavailable from your hosting account.
Go to phpMyAdmin, select your site's database and click on it. After clicking, a list of database tables will open, in which we need to select a table wp_users(this table stores data about all registered users of your site).
After you click on the table wp_users you will see a list of users (if there are many) in which you need to click "Change" in the line of the user whose password we want to change. It is easy to identify a user by login, which can be seen in the column user_login.
By pressing the button "Change", you will see a form for editing user information.
In line user_pass Necessarily select MD5 functionfrom the drop-down list, then remove the old password and enter a new one.
Replacing the old password with a new one - “NewPassword”
After entering a new password save changes pressing a button OK.
Ready! You can now log into the WordPress admin menu using your new password.
If something doesn't work out for you, write in the comments and I will try to help you.
Hello, friends! Today we will talk about changing the admin password in WordPress. Changing the password in the user profile The easiest way to change the password is available from the administrative menu. To change your password, go to Users -> Your profile. On the page that opens, find two fields for entering a new password. Enter your new password and repeat it in the field below. After entering a new password, be sure to click the “Update profile” button, which is located at the very bottom of the page. Changing the password using phpMyAdmin Using the MySQL database in which WordPress stores all user data, you can also change the password. To do this, you need to log in to the phpMyAdmin application, which allows you to administer the MySQL server through your browser,...
Setting up phpmyadmin (this article)
08/16/2010 Tigrusha
and you also need to remember root for those who don’t know how to find 2 files config.inc and config.inc.php in the phpMyAdmin folders and find /* Authentication type and info */
$cfg["Servers"][$i]["auth_type"] = "config";
$cfg["Servers"][$i]["user"] = "root";
$cfg["Servers"][$i]["password"] = "";
$cfg["Servers"][$i]["AllowNoPassword"] = true;
and minya eat on your crawler current first in the base, don’t forget
01/09/2011 serdjuzz
Tell me please:
when I type in the browser (Chrome and IE they write:
The web page at http://localhost/phpmyadmin may be temporarily unavailable or may have been permanently moved to a new location.
More information about this error
The original error message is shown below
Error 101 (net::ERR_CONNECTION_RESET): Unknown error.
What's wrong?
Thank you
01/09/2011 serdjuzz
it's always like this)))
ask and you will figure it out)))
thank you, your help is mature = I’m being stupid
01/20/2011 Alexey
Thanks for this tutorial! Everything is very detailed and well written. The only thing I couldn’t do was to allow phpMyadmin to log in from the Internet (it works locally). When typing http://sitename/phpmyadmin in the browser, it gives an error:
New XAMPP security concept:
Access to the requested object is only available from the local network.
This setting can be configured in the file "httpd-xampp.conf".
I see that I need to dig in the "httpd-xampp.conf" file, but I don't know what to fix.
Admin, can you help me? Thank you in advance.
01/21/2011 admin
Alexey, in the article “Configuring and protecting Apache under Windows” I touched on this topic.
Let's look at the very end of the article.
I quote
===============
In the latest versions of xampp, access to administrative scripts is possible only with a local login, external access is closed, phpmyadmin is also only available locally.
If you want to open external access for phpmyadmin or other standard scripts, look at the file again
There is a similar design here
.....
This construction prohibits access from outside, of course the ban itself is inside this construction, but if you need to open external access for example for phpmyadmin, then simply remove it from this list.
==============
That is, from the line
remove phpmyadmin
03/14/2011 Andrey
When I register http://localhost/phpmyadmin/, I get the error The connection could not be established for the user specified in the controluser directive, using the parameters defined in the configuration file config.inc.php. Help me please!
03/15/2011 admin
Andrey, we are talking about the user pma.
The login or password for pma is incorrect.
In the settings file you need to specify a login password for it if you changed it.
$cfg["Servers"][$i]["controluser"] = "pma";
$cfg["Servers"][$i]["controlpass"] = "";
05/26/2011 Dmitry
After all the settings, phpAdmin stopped opening altogether. Doesn't respond to button presses on the panel. After entering it into the command line in the local area, it gives an error 403 and “access denied.” From the outside there is also an error. Where to dig? Everything is set up strictly according to your instructions.
05/27/2011 Admin
Dmitry, most likely they did something in the server settings.
403 is most likely a request sent to a directory that does not have an index file and file listing is prohibited in the server settings.
It seems to me that somewhere in the Apache settings the wrong path to phpmyadmin was written.
05/27/2011 Dmitry
In general, I rechecked everything again and found out this thing. If in the file
/xampp/apache/conf/extra/httpd-xampp.conf
.....
That's it... phpmyadmin becomes unavailable at all. Neither from the locale, nor from outside. Everything you need is written down in the hosts file. the paths are all correct.
True, it gave another error:
In the php.ini file, if I specified the directory D:/xampp/, it gave an error. It turned out that you need to register D:\xampp\. In this file, half of the paths are written with slashes in one direction or the other. Maybe build 1.7.4 is not properly tested?
05/30/2011 admin
Dmitry, there’s a strange situation with slashes.
There really is such a problem, slashes in different directions.
For some this causes problems, for some it does not.
For some, slashes work in one direction, for others in the other.
And for many, all slashes work.
Why such nonsense with these slashes, I can’t understand
08/10/2011 Oleg
I installed it, made protection, configured php, mysql, phpmyadmin, I don’t need anything else yet, so this appeared
Access forbidden!
You don"t have permission to access the requested directory. There is either no index document or the directory is read-protected.
If you think this is a server error, please contact the webmaster.
Error 403
localhost
10.08.2011 23:38:10
Apache
I can log into phpmyadmin, but I don’t know what to do. please help.
08/11/2011 Oleg
And I forgot to add that everything worked until I restarted Apache
08/22/2011 Victor
Oleg, in the settings there is a ban on reading a directory without an index file or somewhere else there is a ban.
But you have to look at everything locally, it’s so difficult to say why access to the directory is denied.
09/21/2011 maxim
changed the password to root and the login method set cookies
Now when I log into the admin panel it gives an error
Error
MySQL said: Documentation
#1130 - Host "localhost" is not allowed to connect to this MySQL server
Connection for controluser as defined in your configuration failed.
phpMyAdmin tried to connect to the MySQL server, and the server rejected the connection. You should check the host, username and password in your configuration and make sure that they correspond to the information given by the administrator of the MySQL server.
02.09.2012 Anton
Hello! I encountered the same problem as Dmitry
"If in the file
/xampp/apache/conf/extra/httpd-xampp.conf
remove the phpmyadmin parameter from the line
.....
That's it... phpmyadmin becomes unavailable at all. Neither from the locale, nor from outside. Everything you need is written down in the hosts file. the paths are all correct."
please tell me what to do and what and how to fix it so that everything works
01/15/2013 zenon
great article, thanks
02/20/2013 Gannibal
Please tell me how to correctly remove those that are highlighted with arrows on the screen.
Http://radikal.ru/F/s45.radikal.ru/i108/1302/a0/2868efa2d6f6.jpg.html
02/10/2014 Crooked article
After setting the password, there is no access to the admin panel. It’s 10 times easier to move the hamrr folder to another directory while NOT using phpmyadmin. And no one in life will find her.
07/26/2016 Evgeniy
A typical absolutely useless article, written by someone unknown and for what purpose!
“Go to the Privileges tab...” But there is NO SUCH TAB in PHPmyadmin!!! ABSOLUTELY NO! Why the hell write such articles???
That's why I started looking for materials because this stupid program, in principle, does not contain anything similar to access settings in the interface. And the author of this “article” did not help at all.
.
3.
Now you must create a configuration file (config.inc.php). Creating a configuration file is a prerequisite primarily for launching phpMyAdmin, and is also necessary for setting some features. This task can be accomplished in two different ways. Traditionally, users can manually edit a copy of the config.inc.php file. In addition, users who prefer graphical installation can use the installation wizard (installation script).
- In order to manually create a configuration file, a simple text editor is enough, with which you need to create the file config.inc.php. To simplify the task, you can copy the contents of the config.sample.inc.php file into a text editor - a sample working configuration containing a minimum number of configuration variables.
The created file must be placed in the main phpMyAdmin directory (the one that contains index.php). phpMyAdmin first loads libraries/config.default.php, and then replaces the values of the variables written in it with those it finds in config.inc.php. If the default value (of those variables defined in libraries/config.default.php) suits you, then there is no need to include it in config.inc.php. To run phpMyAdmin you will need at least a few directives, the simplest configuration might look like this:
$cfg["blowfish_secret"] = "ba17c1ec07d65003"; // use here a value of your choice
$i=0;
$i++;
$cfg["Servers"][$i]["auth_type"] = "cookie";
?>
Or, if you do not want to enter your login/password every time (this configuration is not recommended for security reasons), the configuration file may look like this: - Instead of manually editing the config.inc.php file, you can use an installation script. First of all, you need to manually create a "config" folder in the main phpMyAdmin directory. This is a security measure. When working under Linux/Unix OS, you can use the following commands:
To edit an existing configuration file, you can use the following commands:
On other platforms, simply create a directory and make sure your web server has read and write permissions to it. FAQ 1.26 may help in this case.
Then, open scripts/setup.php in your browser. Remember that changes will not be saved to disk until the "Save" button in the "Configuration" block is clicked. If all is well, the script will save the new config.inc.php to the config/ directory, but if the web server does not have the necessary rights, you may see a "Cannot load or save configuration" error message. In this case, make sure that the config/ directory has been created and has the necessary rights, or use the "Download" link to save the configuration file to your local disk and then upload it (for example, via FTP) to the server.
Once the file has been saved, you need to move it from the config/ directory to the main phpMyAdmin directory and, for security reasons, reset its permissions:
The file is now ready to use. You can view and edit the configuration file in a text editor if you need to install some advanced options that are not included in the installation script.
5. Open the main phpMyAdmin directory in your browser. The phpMyAdmin and Your Databases welcome window should appear, or the login window if using HTTP or cookie authentication mode. 6. You must deny access to the ./libraries subdirectory via your web server. If you are using the Apache web server, you can use the .htaccess file to protect the directory. When using other web servers, you must deny access to the ./libraries directory yourself. Such configuration is a preventive measure in case of detection of vulnerabilities: possible path exposure and cross-site scripting (XSS).
Linked-tables infrastructure
To use many of the options (bookmarks, comments, SQL history, PDF schemas, field content conversion, etc.) you need to create a set of special tables. These tables can be located both in your database and in the central database in a multi-user system (in this case, this database can only be accessed by the controluser user, respectively, other users do not have rights to it).Go to the scripts/ directory, here you will find the create_tables.sql file. (If you are using a Windows server, pay special attention to FAQ 1.24).
If you have MySQL server version 4.1.2 or later installed, use instead of the above file create_tables_mysql_4_1_2+.sql, for a new installation.
If you already have a ready-made infrastructure and are upgrading MySQL to version 4.1.2 or higher, use upgrade_tables_mysql_4_1_2+.sql.
You can use phpMyAdmin to create databases and tables; to do this, you must have administrative privileges to create databases and tables, and therefore the script may need some minor configuration (specifying the name of the database).
After importing create_tables.sql, you must define table names in the config.inc.php file, using the directives described in the "Configuration" section. In addition, you must have controluser rights to the table data (see below, section “Using the authentication mode”).
Updating an old version
Just copy the configuration file ./config.inc.php from the previous version to the directory where phpMyAdmin was unpacked. Configuration files from very old versions (2.3.0 or older) may require some adjustments because... some options have been changed or removed.If you have upgraded your MySQL server from a version older than 4.1.2 to version 4.1.2 or later, and are using a linked table infrastructure, then you need to run the SQL script that is located in scripts/upgrade_tables_mysql_4_1_2+.sql.
Using Authentication Modes
When using the "HTTP" and "cookie" modes of phpMyAdmin, it is recommended to create a user (controluser), who should only have rights to select (SELECT) from the following tables: mysql.user (all columns except "Password"), mysql.db ( all columns), mysql.host (all columns) and mysql.tables_priv (all columns except "Grantor" and "Timestamp").GRANT USAGE ON mysql.* TO "pma"@"localhost" IDENTIFIED BY "pmapass";
GRANT SELECT (
Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,
Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,
File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,
Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,
Execute_priv, Repl_slave_priv, Repl_client_priv
) ON mysql.user TO "pma"@"localhost";
GRANT SELECT ON mysql.db TO "pma"@"localhost";
GRANT SELECT ON mysql.host TO "pma"@"localhost";
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv)
ON mysql.tables_priv TO "pma"@"localhost";
You need to set the settings for controluser in the config.inc.php file in the following sections: $cfg["Servers"][$i]["controluser"] And $cfg["Servers"][$i]["controlpass"].
In the example below, the following values are used for training purposes: "controluser" - "pma", "pmapass" - "controlpass". But in practice, use other values in your files!
Of course, if necessary, localhost must be replaced with the real name of the web server.
If you are using an older version of MySQL (below 4.0.2), replace the first GRANT SELECT query with the following:
GRANT SELECT (Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) ON mysql.user TO "pma"@"localhost";
And if you want to use the bookmarking and linking features:
GRANT SELECT, INSERT, UPDATE, DELETE ON
(of course, this assumes that the linked table infrastructure must be configured).
