Extend PHPMyAdmin to open database without password

Viewed 36

It may be possible to access to phpmyadmin injecting the user and pass into the url via .

2 Answers

The HestiaCP panel does not have this function, hence there is no such function in our module either.

I realize that it is convenient because we also used many hosting panels and in some there was such a function, but in terms of security it was not recommended. In order for PHPMyAdmin to be able to log in to each database, it must be invoked with root privileges and this is a serious security problem. Another way to solve this problem would be to list the access data each time a database is created, and then use that list to automatically open the databases. It is also not secure and recently more and more systems do not facilitate access to the database and require unambiguous access data to a specific database.

Since our module only "controls" the HestiaCP mechanisms, we also do not want to build such a function from scratch, because from experience we believe that security is the most important thing.

I hope this indicates an approach focused on safety, even at the ex

It looks like this functionality is already in development by HestiaCP team, we hope that it will be available in the API