Noah Berlove <[EMAIL PROTECTED]> said: > Darrell, > > Another option is to take advantage of Advanced Authentication using > phpMyAdmin. Thanks for the comment Noah. My choice was to keep it simple for the majority of users whom I'm willing to bet do all the admin work themselves. To meet this market, I chose to force SSL and grant access to the admin user only. Having said this, I agree with you 100%. Advanced Authentication has many benefits. In addition to Advanced Authentication, anyone truly concerned with security should change all the default mySQL application usernames/passwords, editing the applications individual config files as appropriate, after every install. Again, I think your idea is excellent. I'm note sure if a new rpm release incorporating it is best or if a better choice may be for you to create a 'phpMyAdmin Advanced Security HowTo'. This way we have a simple rpm for everyone and those that have the need to tighten things up can do so themselves. What does the community think? -- Darrell May DMC NETSOURCED.COM http://netsourced.com -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
