Thread: Hacked!!!
View Single Post
  #16  
Old 2nd March 2010, 13:39
SamTzu SamTzu is offline
HowtoForge Supporter
 
Join Date: Apr 2007
Location: Helsinki
Posts: 438
Thanks: 34
Thanked 56 Times in 39 Posts
Send a message via Skype™ to SamTzu
Default

I think I'm going to go with .htaccess that ask's LDAP (zimbra) for the user ID and password.

I all ready have the .htaccess ready but we have not used it anywhere yet because the LDAP is not SSL protected.

Anyway we can use somekind of phpmyadmin account and change it's password regularly to avoid problems like this.

Most ordinary clients do not use MySQL tools anyway. And those who need to use them can ask for a password.


PS. How often you guys change the mysql root password?
__________________

Sami Mattila
Internet-Content

Telephone:
00358942833310
Email: firstname.lastname@internet-content.org
Shop: http://shop.internet-content.net
Site: http://www.internet-content.net
Blog: http://www.internet-content.net/en/blog
FB: https://www.facebook.com/internetcontent

Reply With Quote