• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

PhpMyAdmin issues

J

jeffaklumpen

Member
Joined
Jan 20, 2022
Messages
76
Solutions
2
Reaction score
15
GitHub
jeffaklumpen
I've got a server online and noticed that one random player started activating raid events. I then noticed that he had group_id: 5 making him a GM. My first thought was that the database had been hacked so I looked for things to make the database safer.

I blocked the port 3306. I changed the password for the "root" and "pma" users to a randomly generated password. But after I did that I get this error message in the PhpMyAdmin interface:

Access denied for user 'pma'@'localhost' (using password: YES)

I'm not using either the root user or pma. I made a user with full access. How can I fix this? I'm using Uniserver.
 
Last edited:
Sort by date Sort by votes
jeffaklumpen said:
I've got a server online and noticed that one random player started activating raid events. I then noticed that he had group_id: 5 making him a GM. My first thought was that the database had been hacked so I looked for things to make the database safer.

I blocked the port 3306. I changed the password for the "root" and "pma" users to a randomly generated password. But after I did that I get this error message in the PhpMyAdmin interface:

Access denied for user 'pma'@'localhost' (using password: YES)

I'm not using either the root user or pma. I made a user with full access. How can I fix this? I'm using Uniserver.
Click to expand...
serverfault.com

Changing host permissions for MySQL users

I have the following grants for a user/database mysql> SHOW GRANTS FOR 'username'@'localhost'; +---------------------------------------------------------------------------+ | Grants for username@
serverfault.com serverfault.com
 
Upvote 0 Downvote
jeffeklumpen, just a few mentions about security. Dont open all ports and make sure you have your server behind a proper firewall. Having all ports open by default would open your server up to all kinds of attacks. If you need to manage it remotely, use a VPN with strong a strong protocol. PPTP for example is from what I understand easily broken.

Use port forwarding for the specific ports you want to use, point at your server IP. Normally that would be 7171, 7172 for game server and 80, 443 for web server. All of these could be hosted on the same server.
Using cloudflare for example, you could secure 80 and 443 by presenting the webpage through their proxy, and only allow connections from cloudflare to your ip. Proxying traffic that the game server uses is harder and, to my knowledge, requires a paid proxy host, using iptables or similar on a linux host. This is because proxies like cloudflare only handle HTTP traffic, and not general TCP.

Also make sure you generate strong passwords for the database and only grant minimal access for the database user.
User for server would have full access (not grant). And pma user needs everything (including grant, if you would like to manage user permissions) since this is the super user account.
When possible, dont use 'user'@'%', since % is wildcard. Specify connection ip, whether it is a different server ip or localhost.

As Alberto mentioned the solution is to run a sql query within the server to change permissions of pma user. Never used uniserver, but it looks like you'd do this in the mysql console: MySQL Console (Prompt) (http://www.uniformserver.com/ZeroXI_documentation/server_utils_mysql_console.html)

This is just my take on it, I'm sure we have plenty of people who are way better on securing servers here on otland.
 
Upvote 0 Downvote
jonasu said:
jeffeklumpen, just a few mentions about security. Dont open all ports and make sure you have your server behind a proper firewall. Having all ports open by default would open your server up to all kinds of attacks. If you need to manage it remotely, use a VPN with strong a strong protocol. PPTP for example is from what I understand easily broken.

Use port forwarding for the specific ports you want to use, point at your server IP. Normally that would be 7171, 7172 for game server and 80, 443 for web server. All of these could be hosted on the same server.
Using cloudflare for example, you could secure 80 and 443 by presenting the webpage through their proxy, and only allow connections from cloudflare to your ip. Proxying traffic that the game server uses is harder and, to my knowledge, requires a paid proxy host, using iptables or similar on a linux host. This is because proxies like cloudflare only handle HTTP traffic, and not general TCP.

Also make sure you generate strong passwords for the database and only grant minimal access for the database user.
User for server would have full access (not grant). And pma user needs everything (including grant, if you would like to manage user permissions) since this is the super user account.
When possible, dont use 'user'@'%', since % is wildcard. Specify connection ip, whether it is a different server ip or localhost.

As Alberto mentioned the solution is to run a sql query within the server to change permissions of pma user. Never used uniserver, but it looks like you'd do this in the mysql console: MySQL Console (Prompt) (http://www.uniformserver.com/ZeroXI_documentation/server_utils_mysql_console.html)

This is just my take on it, I'm sure we have plenty of people who are way better on securing servers here on otland.
Click to expand...
Thank you for the tips! I'll look into that :D
 
Upvote 0 Downvote

Similar threads

Steven92
  • Question
Solved database connection issue
Replies
0
Views
174
Steven92
Steven92
P
  • Question
Solved TFS 1.4 won't connect to database
Replies
0
Views
130
Pidign
P
excool
  • Question
TFS 1.5 Downgrade 8.6 by Nekiro Problems while creating the server!
Replies
0
Views
289
excool
excool
E
  • Question
how to have an woking theforgottenserver 1.2 due to a prob of mysql and sha2?
Replies
2
Views
358
PuszekLDZ
PuszekLDZ
Epsilons
  • Question
OTClient Stuck on "Please wait : Connecting to login server" (ERROR: got a network message with invalid checksum)
Replies
9
Views
519
Marko999x
Marko999x
Back
Top