How can I find out who accessed phpmyadmin

Question

I would like to have a log file of every access to my phpmyadmin containing the account used, the remote ip, the date and time and whatever information that can be useful to track any unauthorized access or unauthorized attempt of access to it.

Do you know if the functionality is already built-in or if this is something I'll have to build myself ?

Thank you!

Answer 1

dont give up dude,finally I found solution....paste this code in xampp/phpmyadmin/index.php...and create newfile.txt..find finally you get ip log with date-time in newfile.txt.........best of luck!!

//==========ip log who accessed phpmyadmin===========

 date_default_timezone_set('Asia/Calcutta'); 
 $ip = getenv('REMOTE_ADDR');
 $time = date("Y-m-d H:i:s");
 $txt = $ip."=>".$time."%%%%%%%%";
 $myfile = file_put_contents('newfile.txt', $txt.PHP_EOL , FILE_APPEND | 
 LOCK_EX);
//=====================================================

Answer 2

phpmyadmin is simply a web application written in php. It is configurable in that you can authenticate in a number of ways. This configuration is done by editing the config.php file.

If you have people accessing the server via the public internet it is a very good idea to have this setup so that you can only access it using https, and phpmyadmin has a configuration setting that helps with this, forcing connections to use https.

As a web application, standard weblogs/apache access logs will give you most if not all the things you are looking for. There is nothing specifically in phpmyadmin that provides logging, as there is no administration system, but you could built in some basic logging beyond the web logs, in a small amount of time, although you would be patching it.