Securing MySQL

Due to differing needs and requirements this is difficult to answer except on a case by case basis. The MySQL website has a section regarding general security of a MySQL database available here: http://dev.mysql.com/doc/refman/5.0/en/security.html

-Additionally some good practices are:

-Verify your root MySQL account password is set.

-Make sure that each account has a password set.

-Do not grant global privileges unnecessarily.

-Avoid using wildcards in the hostname value associated with accounts.

-Periodically review users and databases that are setup in MySQL.

-Do not use passwords on the command line. From the command line you can login to MySQL using "shell> mysql –u root –password=somepassword mysql" the problem with this is anyone on the server could view your password with a simple process list command "shell> ps". The correct usage would be: "shell> mysql –u root –p mysql", from this MySQL will prompt your for your password and it will not show up in the process list as plain text.

  • 961 Users Found This Useful
Was this answer helpful?

Related Articles

MySQL Optimization / Repair Information

How MySQL Uses MemoryThis page lists some of the ways that the mysqld server uses memory, and...

How can I monitor what my MySQL server is doing?

A handy little Linux application called Mytop fits this just perfectly. This is a near time...

How do I backup a MySQL database?

By logging into cPanel >> Backups you can download and restore any individual MySQL...

How to reset a mySQL password?

If you have lost your root user password for MySQL, you can reset it with the following...

Repairing MySQL tables

This should be handled on a case by case basis, but if you are using the default MySQL table type...