paloola
05-14-2008, 11:51 AM
Hi I have a vbulletin forum and my friend helped me install it. So he now knows my database password and username. Is there any risk involved I mean i was looking and I dont really see how he could do anything if he ever tried to, with my database pass/username
(I have changed my cpanel username/pass so he cannot get through there now but he still knows my database info..)
Peggy
05-14-2008, 01:11 PM
who are you hosted with? You should be able to change that info. But if you do, remember to also change it in the config.php file
paloola
05-14-2008, 06:25 PM
I have an external web host, anyways I asked them to change it and im waiting for their reply.
But he told me he could easily get to my database tables etc with the database username and password. But is that really possible even if he doesnt know my cpanel information..? :mad:
because the only way i can think of him getting to my database info is through phpmyadmin which he would get through /cpanel and he doesnt know that pass..
Dave A
05-14-2008, 11:10 PM
The problem is the username is essentially another access account into your backend. It might not get access to everything, but your db is your main treasure on a forum site.
Don't stuff around. Just change it. As much for your bud as for you.
One day something goes wrong with your database and you'll be sitting wondering "was that my bud?"
If he set up a cron job to backup your database and put the archive file somewhere he could get to it, then he would be able to download the file and view the data. If he set up a new FTP account with access to your server you don't know about, he could have access to a lot of things. He might even be able to have Shell access.
A person doesn't necessarily have to have access to your cPanel to gain access to other areas of your system.
Jim
paloola
05-15-2008, 07:27 AM
ok thanks, i will change it just in case.. my webhost emailed me how to change it..:D
