Find the Best Cosmetic Hospitals

Explore trusted cosmetic hospitals and make a confident choice for your transformation.

โ€œInvest in yourself โ€” your confidence is always worth it.โ€

Explore Cosmetic Hospitals

Start your journey today โ€” compare options in one place.

Managing MariaDB Root Password and Connection Behavior in XAMPP (Ubuntu)


โ˜๏ธ Introduction

When working with MariaDB/MySQL inside XAMPP on Ubuntu, many developers face confusing issues related to root password behavior, localhost vs 127.0.0.1 access, and authentication plugins.
This tutorial provides a comprehensive step-by-step guide to understand, troubleshoot, and secure your MariaDB setup.

โœ… Learn why password prompts behave differently,
โœ… How to fix broken authentication (even after using --skip-grant-tables),
โœ… And how to set up proper security best practices for production or local development.


๐Ÿ›‘ Problem: Different Behavior Between localhost and 127.0.0.1

You may notice:

  • When connecting via localhost, MariaDB allows login without password.
  • When connecting via 127.0.0.1, it asks for root password.

โœ… This is not a bug โ€” it’s due to different connection methods.

Connection TypeBehavior
localhostConnects via Unix Socket (auth_socket plugin)
127.0.0.1Connects via TCP/IP (password-based plugin)

In MariaDB, different plugins can authenticate based on how you connect.


๐Ÿ” How to Check Current User Authentication Plugins

Login to MariaDB (even without password if allowed):

sudo mysql -u root

Run:

SELECT user, host, plugin FROM mysql.user;
Code language: CSS (css)

Typical result:

userhostplugin
rootlocalhostauth_socket
root127.0.0.1mysql_native_password

๐Ÿ›  How to Fix: Make Root Always Require Password

By default, in Ubuntu XAMPP, root@localhost may use auth_socket, meaning system login, not password login.
To fix and enforce password login, change the authentication plugin.

โœ… Correct command for MariaDB:

ALTER USER 'root'@'localhost' IDENTIFIED BY 'yourStrongPassword';
FLUSH PRIVILEGES;
Code language: JavaScript (javascript)

โœ… After that:

  • Connecting via localhost or 127.0.0.1 both require password.
  • No automatic system user trust.

๐Ÿ›  What If You See --skip-grant-tables Error?

If you get:

ERROR 1290 (HY000): The MariaDB server is running with the --skip-grant-tables option
Code language: JavaScript (javascript)

It means:

  • Grant tables are disabled,
  • You cannot ALTER USER or SET PASSWORD.

โœ… Solution:

  1. Stop MariaDB:
sudo /opt/lampp/lampp stopmysql
  1. Start MariaDB normally:
sudo /opt/lampp/lampp startmysql
  1. Then login and fix password properly.

๐Ÿ“ฆ How to Check and Remove Permanent --skip-grant-tables

Sometimes, --skip-grant-tables is accidentally set in XAMPPโ€™s MariaDB configuration.

Check file:

sudo nano /opt/lampp/etc/my.cnf

Look for:

skip-grant-tables

โœ… If found, comment it out:

#skip-grant-tables
Code language: CSS (css)

โœ… Then restart MariaDB.


๐Ÿ”ฅ Best Practices to Secure MariaDB on Ubuntu (especially inside XAMPP)

PracticeWhy It Matters
Always set a strong password for rootPrevent unauthorized access
Disable root remote loginroot should only login from localhost
Create a new admin userUse adminuser@localhost for your apps instead of root
Keep your MariaDB updatedGet latest security patches
Secure XAMPP itselfPassword-protect XAMPP dashboard and phpMyAdmin

๐Ÿ›  How to Create a New Admin User (Recommended)

  1. Login:
mysql -u root -p
  1. Run:
CREATE USER 'adminuser'@'localhost' IDENTIFIED BY 'yourSecurePassword123!';
GRANT ALL PRIVILEGES ON *.* TO 'adminuser'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
Code language: JavaScript (javascript)

โœ… Now you can use adminuser safely for all database operations.


๐Ÿ“‹ Summary Checklist

ActionDone?
Fix root password with ALTER USERโœ…
Restart MariaDB without --skip-grant-tablesโœ…
Remove skip-grant-tables from my.cnfโœ…
Disable root remote access (optional)โœ…
Create separate admin user for appsโœ…

๐Ÿš€ Final Notes

  • When using MariaDB with XAMPP in Ubuntu, always verify connection method differences (localhost vs 127.0.0.1).
  • Ensure MariaDB server runs without –skip-grant-tables for full security.
  • Don’t use root for web apps โ€” create a limited user.
  • Always restart XAMPP cleanly after major database config changes.

๐Ÿง  Pro Tip

If youโ€™re planning to expose XAMPP or MariaDB over the internet (even in test environments):

  • Enable SSL/TLS for MySQL connections.
  • Use firewall rules to restrict IP access.
  • Prefer SSH tunnels for remote database connections instead of direct port opening.

๐Ÿ“ข Conclusion

“A secure database setup begins with understanding the basics: authentication, connection types, and privilege management.”

Following the steps in this tutorial will ensure you have a properly secured and consistent MariaDB environment inside XAMPP, ready for both development and production testing.

Stay secure. Happy coding! ๐Ÿš€


โœ… Ready-To-Use Final Command Set (Summary)

sudo /opt/lampp/lampp stopmysql
sudo nano /opt/lampp/etc/my.cnf   # Comment out skip-grant-tables if exists
sudo /opt/lampp/lampp startmysql

mysql -u root -p

ALTER USER 'root'@'localhost' IDENTIFIED BY 'YourStrongPassword!';
FLUSH PRIVILEGES;

CREATE USER 'adminuser'@'localhost' IDENTIFIED BY 'yourSecurePassword123!';
GRANT ALL PRIVILEGES ON *.* TO 'adminuser'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;
Code language: PHP (php)

โœ… Done!

Find Trusted Cardiac Hospitals

Compare heart hospitals by city and services โ€” all in one place.

Explore Hospitals
I'm Rajesh Kumar, a DevOps, SRE, DevSecOps, Cloud, and Platform Engineering expert passionate about sharing practical knowledge, real-world experiences, and industry best practices. I have worked at Cotocus and regularly write about technology, travel, investing, health, product reviews, and digital marketing through my various platforms. I publish technical articles at DevOps School, travel stories at Holiday Landmark, stock market insights at Stocks Mantra, health and fitness guidance at My Medic Plus, product reviews at TrueReviewNow, and SEO and digital marketing strategies at Wizbrand.

Related Posts

Top 10 AI SEO Tools in 2026: Features, Pros, Cons & Comparison

Introduction In 2026, AI SEO tools have become indispensable for digital marketers, businesses, and content creators aiming to dominate search engine rankings. These tools leverage artificial intelligence…

Read More

Top 10 Product Lifecycle Management (PLM) Tools in 2026: Features, Pros, Cons & Comparison

Introduction Product Lifecycle Management (PLM) is a strategic approach to managing a productโ€™s journey from conception through design, manufacturing, and end-of-life. In 2026, PLM software has evolved…

Read More

Top 10 Patch Management Tools in 2026: Features, Pros, Cons & Comparison

Introduction: The Importance of Patch Management in 2026 In 2026, as cyber threats evolve and technology becomes more complex, patch management tools are critical for maintaining cybersecurity…

Read More

Top 10 Headless CMS Tools in 2026: Features, Pros, Cons & Comparison

Introduction In 2026, Headless Content Management Systems (CMS) have become the go-to solution for businesses seeking flexibility, scalability, and a modern approach to content management. Unlike traditional…

Read More

Top 10 AI Lead Scoring Tools in 2026: Features, Pros, Cons & Comparison

Introduction In 2026, AI lead scoring tools have become indispensable for B2B and B2C businesses aiming to optimize their sales pipelines. These tools leverage artificial intelligence to…

Read More

Top 10 AI Portfolio Optimization Tools in 2026: Features, Pros, Cons & Comparison

Introduction Investment management has always been about making smart choices at the right time. Traditionally, this required endless hours of research, manual calculations, and intuition. But in…

Read More
Subscribe
Notify of
guest
1 Comment
Newest
Oldest Most Voted
Jason Mitchell
Jason Mitchell
22 days ago

A commonly overlooked aspect in managing MariaDB root password behavior in XAMPP on Ubuntu is how different connection methods affect authentication results. In practice, the difference between using localhost and 127.0.0.1 often causes confusion because one may use a Unix socket while the other relies on TCP authentication, leading to inconsistent login behavior even when credentials appear correct.
Another gap is the reliance on default or simplified authentication setups in local XAMPP environments, where root access may initially be passwordless or tied to socket-based authentication. While convenient for development, this can create misalignment when moving toward more secure or production-like configurations where stricter authentication rules apply.
There is also limited focus on secure recovery practices, especially when using methods like --skip-grant-tables. Although useful for troubleshooting, this approach temporarily disables critical security controls and should be handled carefully to avoid exposing the database to unauthorized access during recovery operations.
In real-world usage, a better approach is to avoid using root for application connections and instead implement dedicated users with restricted privileges, along with consistent authentication settings. This helps maintain security, reduces configuration drift, and ensures smoother transitions between development, staging, and production environments.

1
0
Would love your thoughts, please comment.x
()
x