cPanel & WHM Version 92 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

As an administrator I want to manage table-level privileges in MySQL so I don't need to leave cPanel & WHM for this administrative duty

Melan Peiris shared this idea 7 years ago
Open Discussion

As cpanel administrator, Manage users and privileges via phpmyadmin is very important. Because recently we are experiencing few of our customers web sites got hacked. This can be happened due to some vulnerability of the CMS's. Can be hacked the cms and DB and DB users. If so they can edit the relevant tables that user has been granted.


This must be worst. And as security concern if we can be able to manage the table-level privileges via GUI it'll be strict with up to some extend.


It's not to be strict to the phpmyadmin, if it's can be integrated with the WHM that also should be ok.

Comments (6)

photo
2

Simply give us back the ability to edit user privileges within phpMyAdmin that was recently removed as per http://forums.cpanel.net/f354/phpmyadmin-users-tab-gone-367661.html


There are times where direct privilege edits are useful so please return the functionality that was foolishly removed from phpMyAdmin.

photo
1

cPanel needs to either provide a configuration override that adds the Users tab back to WHM's phpMyAdmin.. or they need to enhance the cpanel database wizard to allow cpanel users to create database users that only have specific table-level privileges.


An example of WHY this is needed:

* Customer has a web application that has a private backend website and a public frontend website

* On the backend website, a database user is created that has full read/write to all tables within a database

* On the frontend website, a database user should be created that only has READ access to the SPECIFIC tables within the database that is needed.


Without the ability to do this, the customer is forced to create a database user that has READ access to ALL tables within the database, which can create a security issue for the website and increase the changes of a hacker gaining access to data they should not.


cPanel removing this functionality (the Users tab in WHM's phpMyAdmin), without first making sure that they provide the same functionality elsewhere is irresponsible and unprofessional. I am surprised and disappointed that cPanel would have made this change.

photo
1

if hackers added a user to the DB (which could be that they did) it should show in privileges section. Now i can't see them.

photo
1

When running a website, I would want to limit reading to specific tables, and writing to specific table, and maybe I have specific columns in specific tables.

All this was possible before removing the Users tabs, and it is a great deal of security consideration.

photo
1

I think this is compensating for deficiencies in Cpanel / WHM which should be able to accommodate creation of database outside of cpanel. This is extremely frustrating.

photo
1

Without it, we can't be server admin and go everything command line, so much time consuming!!! Please bring back