Skip to main content

Overview

This page covers common database-related errors in DVWA, including access denied errors, connection issues, and authentication method problems.

Database Configuration

The default database variables in config/config.inc.php: 
$_DVWA[ 'db_server'] = '127.0.0.1';
$_DVWA[ 'db_port'] = '3306';
$_DVWA[ 'db_user' ] = 'dvwa';
$_DVWA[ 'db_password' ] = 'p@ssw0rd';
$_DVWA[ 'db_database' ] = 'dvwa';

Common Database Errors

Error Message

Database Error #1045: Access denied for user 'notdvwa'@'localhost' (using password: YES).
This error means the username or password in the config file do not match those configured on the database.The error is telling you that you are using the username notdvwa.Video Help

Troubleshooting Steps

1. Double check the config fileVerify what you think you put in the config file is what is actually there.2. Test database login from command lineAssuming you have a database user of dvwa and a password of p@ssw0rd, run:
mysql -u dvwa -pp@ssw0rd -D dvwa
There is no space after the -p
3. Interpret the resultsIf successful, you’ll see:
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 14
Server version: 10.3.22-MariaDB-0ubuntu0.19.10.1 Ubuntu 19.10

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [dvwa]>
As you can connect on the command line, it is likely something wrong in the config file. Double check that and then raise an issue if you still can’t get things working.If you see this error:
ERROR 1045 (28000): Access denied for user 'dvwa'@'localhost' (using password: YES)
The username or password you are using is wrong. Repeat the Database Setup steps and make sure you use the same username and password throughout the process.

Error Message

SQL: Access denied for user 'dvwa'@'localhost' to database 'notdvwa'
This error says you have pointed the config file at the wrong database. It is saying that you are using the user dvwa and trying to connect to the database notdvwa.Video Help

Command Line Test

If you get the following when testing the database connection:
ERROR 1044 (42000): Access denied for user 'dvwa'@'localhost' to database 'dvwa'
The user credentials are correct but the user does not have access to the database. Repeat the setup steps and check the database name you are using.

Error Message

Fatal error: Uncaught mysqli_sql_exception: Connection refused in /var/sites/dvwa/non-secure/htdocs/dvwa/includes/dvwaPage.inc.php:535
This means your database server is not running or you’ve got the wrong IP address in the config file.Video Help

Troubleshooting Steps

1. Check the config fileVerify the database server location:
$_DVWA[ 'db_server' ]   = '127.0.0.1';
2. Check if MariaDB is running (Linux)
systemctl status mariadb.service
You are looking for something like this (the important bit is active (running)):
 mariadb.service - MariaDB 10.5.19 database server
     Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; preset: enabled)
     Active: active (running) since Thu 2024-03-14 16:04:25 GMT; 1 week 5 days ago
3. Start MariaDB if not running
sudo systemctl start mariadb.service
Use sudo and make sure you put your Linux user password in if requested.
For Windows: Check the status in the XAMPP console.

Error Message

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
This is not an authentication issue but tells you that the database server is not running.

Solution

Database Error #2002: No such file or directoryStart the database server:
sudo service mysql start

Error Message

Database Error #2054: The server requested authentication method unknown to the client.
With the most recent versions of MySQL, PHP can no longer talk to the database in its default configuration.

Solution Options

Option 1: Switch to MariaDB (Recommended)The easiest solution is to uninstall MySQL and install MariaDB. Follow the official guide from the MariaDB project:How to Migrate from MySQL to MariaDBOption 2: Configure MySQL Native PasswordStep 1: As root, edit the file /etc/mysql/mysql.conf.d/mysqld.cnfStep 2: Under the line [mysqld], add:
default-authentication-plugin=mysql_native_password
Step 3: Restart the database:
sudo service mysql restart
Step 4: Check the authentication method for your database user:
mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa';
+-----------+------------------+-----------------------+
| Host      | User             | plugin                |
+-----------+------------------+-----------------------+
| localhost | dvwa             | caching_sha2_password |
+-----------+------------------+-----------------------+
1 rows in set (0.00 sec)
Step 5: If you see caching_sha2_password, run:
mysql> ALTER USER dvwa@localhost IDENTIFIED WITH mysql_native_password BY 'p@ssw0rd';
Step 6: Re-run the check. You should now see mysql_native_password:
mysql> select Host,User, plugin from mysql.user where mysql.user.User = 'dvwa';
+-----------+------+-----------------------+
| Host      | User | plugin                |
+-----------+------+-----------------------+
| localhost | dvwa | mysql_native_password |
+-----------+------+-----------------------+
1 row in set (0.00 sec)
After all that, the setup process should now work as normal.For more information see: PHP MySQLi Requirements

The Problem

There are a few reasons you could be getting these errors, but the most likely is the version of database server you are running is not compatible with the version of PHP.This is most commonly found when you are running the latest version of MySQL as PHP and it do not get on well.

Solution

Best advice: Ditch MySQL and install MariaDB as this is not something we can support.For more information, see:Fix MySQL server has gone away and Packets out of order

The Problem

You may be running into problems with SELinux.

Solution

Either disable SELinux or run this command to allow the web server to talk to the database:
setsebool -P httpd_can_network_connect_db 1

MariaDB vs MySQL

The site will work with MySQL instead of MariaDB but we strongly recommend MariaDB as it works out of the box whereas you have to make changes to get MySQL to work correctly.

Creating Database User for MariaDB

If you are using MariaDB rather than MySQL (MariaDB is default in Kali), then you can’t use the database root user. You must create a new database user. To do this, connect to the database as the root user then use the following commands: 
MariaDB [(none)]> create database dvwa;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> create user dvwa@localhost identified by 'p@ssw0rd';
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> grant all on dvwa.* to dvwa@localhost;
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

Build docs developers (and LLMs) love

Get started for freeTalk to us