93 KiB
config.inc.php
Configuration
Almost all configurable data is placed in config.inc.php. If this file does not exist, please refer to the setup section to create one. This file only needs to contain the parameters you want to change from their corresponding default value in libraries/config.default.php.
If a directive is missing from your file, you can just add another line with the file. This file is for over-writing the defaults; if you wish to use the default value there's no need to add a line here.
The parameters which relate to design (like colors) are placed in themes/themename/layout.inc.php. You might also want to create config.footer.inc.php and config.header.inc.php files to add your site specific code to be included on start and end of each page.
Note
Some distributions (eg. Debian or Ubuntu) store config.inc.php in /etc/phpmyadmin instead of within phpMyAdmin sources.
Warning
Mac users should note that if you are on a version before Mac OS X, PHP does not seem to like Mac end of lines character (\r). So ensure you choose the option that allows to use the *nix end of line character (\n) in your text editor before saving a script you have modified.
Basic settings
Server connection settings
Generic settings
Cookie authentication options
Navigation panel setup
Main panel
Database structure
Browse mode
Editing mode
Export and import settings
Tabs display settings
PDF Options
Languages
Web server settings
Theme settings
Please directly modify
themes/themename/layout.inc.php, although your changes will be overwritten with the next update.
Design customization
Text fields
SQL query box settings
Web server upload/save/import directories
If PHP is running in safe mode, all directories must be owned by the same user as the owner of the phpMyAdmin scripts.
If the directory where phpMyAdmin is installed is subject to an open_basedir restriction, you need to create a temporary directory in some directory accessible by the PHP interpreter.
For security reasons, all directories should be outside the tree published by webserver. If you cannot avoid having this directory published by webserver, limit access to it either by web server configuration (for example using .htaccess or web.config files) or place at least an empty index.html file there, so that directory listing is not possible. However as long as the directory is accessible by web server, an attacker can guess filenames to download the files.
Various display setting
Page titles
Theme manager settings
Default queries
MySQL settings
Developer
Warning
These settings might have huge effect on performance or security.
Examples
See following configuration snippets for usual setups of phpMyAdmin.
Google Cloud SQL with SSL
To connect to Google Could SQL, you currently need to disable certificate verification. This is caused by the certficate being issued for CN matching your instance name, but you connect to an IP address and PHP tries to match these two. With verfication you end up with error message like:
Peer certificate CN=`api-project-851612429544:pmatest' did not match expected CN=`8.8.8.8'Warning
With disabled verification your traffic is encrypted, but you're open to man in the middle attacks.
To connect phpMyAdmin to Google Cloud SQL using SSL download the client and server certificates and tell phpMyAdmin to use them:
// IP address of your instance
$cfg['Servers'][2]['host'] = '8.8.8.8';
// Use SSL for connection
$cfg['Servers'][$i]['ssl'] = true;
// Client secret key
$cfg['Servers'][$i]['ssl_key'] = '../client-key.pem';
// Client certificate
$cfg['Servers'][$i]['ssl_cert'] = '../client-cert.pem';
// Server certification authority
$cfg['Servers'][$i]['ssl_ca'] = '../server-ca.pem';
// Disable SSL verification (see above note)
$cfg['Servers'][$i]['ssl_verify'] = false;:config$cfg['Servers'][$i]['ssl'], :config$cfg['Servers'][$i]['ssl_key'], :config$cfg['Servers'][$i]['ssl_cert'], :config$cfg['Servers'][$i]['ssl_ca'], :config$cfg['Servers'][$i]['ssl_verify']