# Host '%s' is not allowed to connect to this MySQL server



## rtwingfield (Dec 28, 2015)

I just upgraded an installation from FreeBSD 10.1 RELEASE to v10.2.  Also updated all ports.  Now, databases/phpmyadmin will not connect to the mysqld (mysql-server).  The following message is announced; however, I can find no logged information.

This vendor URL lists only the error message by the number:
http://dev.mysql.com/doc/refman/5.7/en/error-messages-server.html

```
Error: 1130 SQLSTATE: HY000 (ER_HOST_NOT_PRIVILEGED)

Message: Host '%s' is not allowed to connect to this MySQL server
```

I have no idea how to resolve this.  (It worked prior to the upgrade.)


----------



## rtwingfield (Jan 4, 2016)

I have continued to pursue a solution to this problem.  Essentially, I believe the problem lies with the phpMyAdmin configuration regarding the designation of user id and password.

To wit, MySQL is fully functional from a command line, but phpMyAdmin continues to fail with error 





> #2006 - MySQL server has gone away


 . . .if the system generated config.inc.php script is configured as follows:

```
<?php
/*
* Generated configuration file
* Generated by: phpMyAdmin 4.5.3 setup script
* Date: Mon, 04 Jan 2016 10:55:10 -0600
*/

$i = 0;

/* Server: Bravo [1] */
$i++;
$cfg['Servers'][$i]['verbose'] = 'Bravo';
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['port'] = 3306;
$cfg['Servers'][$i]['socket'] = '/tmp/mysql.sock';
$cfg['Servers'][$i]['ssl'] = true;
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['nopassword'] = true;
$cfg['Servers'][$i]['auth_type'] = 'cookie';
// $cfg['Servers'][$i]['user'] = 'root';
$cfg['Servers'][$i]['user'] = '';
$cfg['Servers'][$i]['password'] = '';

$cfg['blowfish_secret'] = '9999999999999.99999999';
$cfg['DefaultLang'] = 'en';
$cfg['ServerDefault'] = 1;
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
?>
```
(BTW, I have obfuscated the auto-generated _blowfish secret_.)
I have read that if "cookie" authorization is used, then userid and password should be left blank.  This avoids having the values "hard-coded" and _vulnerable_ in the php script.  The system setup script auto generated the "root" value for userid; however, manually editing a change to blank (NULL ?) value also produces the same failed result.

Experimenting with 'auth_type' set to 'config' results with the following complaint":


> *Error*
> *MySQL said: *
> 
> 
> ...


What is phpMyAdmin looking for?

The following is quoted from the phpMyAdmin 4.5.3 documentation:


> Many people have difficulty understanding the concept of user management with regards to phpMyAdmin. When a user logs in to phpMyAdmin, that username and password are passed directly to MySQL. phpMyAdmin does no account management on its own (other than allowing one to manipulate the MySQL user account information); all users must be valid MySQL users.


. . .so if I have created the following user in the MySQL User table:

```
mysql> select Host, User, Password from user;
+--------------------+----------+-------------------------------------------+
| Host  | User  | Password  |
+--------------------+----------+-------------------------------------------+
| bravo.qwerty.net | pizza  | hotpie9  |
| bravo.qwerty.net | mysql  | 9999999999*obfuscated*999999999999|
+--------------------+----------+-------------------------------------------+
2 rows in set (0.00 sec)
```
. . .then why does the system fail with the *#2006 - MySQL server has gone away* message?  This regardless of whatever userid and password provided to the phpMyAdmin login prompt.


----------

