Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.
For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email firstname.lastname@example.org.
I’m just getting started using Magento and have been asked by a client to manage their current live store. As I’m poking around and starting to create a testing environment I noticed that access to their phpMyAdmin isn’t protected. This seems like a pretty big red flag to me in terms of security. Am I completely off base on this?