Cookie authentication options

$cfg['blowfish_secret']
Type: string
Default value: ''

The "cookie" auth_type uses the AES algorithm to encrypt the password. If you are using the "cookie" auth_type, enter a random passphrase of your choice here. It is used internally by the AES algorithm: you won't be prompted for this passphrase.

The secret should be 32 characters long. A shorter secret weakens the security of the encrypted cookies; a longer one causes no harm.

Note

The configuration is called blowfish_secret for historical reasons, because the Blowfish algorithm was originally used to do the encryption.

Changed in version 3.1.0: Since version 3.1.0 phpMyAdmin can generate this on the fly, but this gives somewhat weaker security because the generated secret is stored in the session, and it also makes it impossible to recall the user name from the cookie.

$cfg['LoginCookieRecall']
Type: boolean
Default value: true

Define whether the previous login should be recalled or not in cookie authentication mode.

This is automatically disabled if you have not configured $cfg['blowfish_secret'].

$cfg['LoginCookieValidity']
Type: integer [number of seconds]
Default value: 1440

Define how long a login cookie is valid. Note that the PHP configuration option session.gc_maxlifetime might limit session validity, and if the session is lost, the login cookie is also invalidated. It is therefore a good idea to set session.gc_maxlifetime to at least the value of $cfg['LoginCookieValidity'].

$cfg['LoginCookieStore']
Type: integer [number of seconds]
Default value: 0

Define how long the login cookie should be stored in the browser. The default of 0 means that it is kept only for the existing session. This is recommended for untrusted environments.

$cfg['LoginCookieDeleteAll']
Type: boolean
Default value: true

If enabled (default), logout deletes cookies for all servers; otherwise only for the current one. Setting this to false makes it easy to forget to log out from the other servers when you are using more than one.

$cfg['AllowArbitraryServer']
Type: boolean
Default value: false

If enabled, allows you to log in to arbitrary servers using cookie authentication.

Note

Please use this carefully, as this may allow users to access MySQL servers behind the firewall where your HTTP server is located. See also $cfg['ArbitraryServerRegexp'].

$cfg['ArbitraryServerRegexp']
Type: string
Default value: ''

Restricts the MySQL servers to which the user can log in when $cfg['AllowArbitraryServer'] is enabled by matching the IP or the hostname of the MySQL server to the given regular expression. The regular expression must be enclosed with a delimiter character.

It is recommended to include start and end symbols in the regular expression, so that you can avoid partial matches on the string.

Examples:

// Allow connection to three listed servers:
$cfg['ArbitraryServerRegexp'] = '/^(server|another|yetdifferent)$/';

// Allow connection to range of IP addresses:
$cfg['ArbitraryServerRegexp'] = '@^192\.168\.0\.[0-9]{1,}$@';

// Allow connection to server name ending with -mysql
// ([^:]+ keeps a host:port string from supplying the suffix):
$cfg['ArbitraryServerRegexp'] = '@^[^:]+\-mysql$@';

Note

The whole server name is matched, and it can include the port as well. Because MySQL is permissive in connection parameters, it is possible to use connection strings such as `server:3306-mysql`. This can be used to bypass the regular expression by supplying the suffix while connecting to another server.
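The partial-match and host:port cases described above, as an added example that is not phpMyAdmin's own code: the hypothetical helper pattern_allows() applies a candidate $cfg['ArbitraryServerRegexp'] value with preg_match(), and the patterns and server strings are constructed for illustration.

```php
<?php
// Added example, not phpMyAdmin code. pattern_allows() is a hypothetical
// helper: it applies a candidate $cfg['ArbitraryServerRegexp'] value to the
// server string a user would type into the login form.
function pattern_allows(string $regexp, string $server): bool
{
    $result = preg_match($regexp, $server);
    if ($result === false) {
        // Missing delimiter or otherwise malformed pattern.
        throw new InvalidArgumentException("Invalid pattern: $regexp");
    }
    return $result === 1;
}

// Candidate patterns to compare before one goes into config.inc.php
// (constructed for this example).
$patterns = [
    'no anchors'         => '@-mysql@',
    'anchored, any char' => '@^.+-mysql$@',
    'anchored, no colon' => '@^[^:]+-mysql$@',
];

// Constructed server strings: an intended name, a name that only contains
// the suffix, and the host:port form from the note above.
$servers = [
    'db1-mysql',
    'db1-mysql.example.net',
    'server:3306-mysql',
];

foreach ($patterns as $label => $regexp) {
    foreach ($servers as $server) {
        $verdict = pattern_allows($regexp, $server) ? 'ALLOWED' : 'rejected';
        printf("%-20s %-24s %s\n", $label, $server, $verdict);
    }
}
```

Only the anchored pattern that excludes `:` rejects both the name that merely contains the suffix and the host:port string; the unanchored pattern allows all three.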

$cfg['CaptchaLoginPublicKey']
Type: string
Default value: ''

The public key for the reCaptcha service that can be obtained from https://www.google.com/recaptcha/intro/v3.html.

reCaptcha will then be used in Cookie authentication mode.

$cfg['CaptchaLoginPrivateKey']
Type: string
Default value: ''

The private key for the reCaptcha service that can be obtained from https://www.google.com/recaptcha/intro/v3.html.

reCaptcha will then be used in Cookie authentication mode.