Solved

Mysql hardening and db security

Posted on 2012-03-30
Last Modified: 2012-04-11
Guys,
I have questions with a customer about db hardening with MySQL. Does anyone here have any best practices?
Question by:motioneye
2 Comments
 
LVL 7

Assisted Solution

by:designatedinitializer
designatedinitializer earned 250 total points
ID: 37789674
1. Change mysql 'root' user password;
2. Disable remote access to mysql server;
3. Always create a db user for each db, and always grant that said user only the privileges needed on a daily basis. For instance, 99% of web applications won't be needing to ALTER, CREATE or DROP tables;
4. Use transactions;
5. Always encrypt passwords and sensitive information;
6. Use unreversible encryption (e.g. MD5) for passwords;
7. Log all errors;
8. Sanitize all input before performing your queries;
0
 
LVL 15

Accepted Solution

by:
Insoftservice earned 250 total points
ID: 37799588
Normally we do the fix in the my.cnf/ini files.
Please view the links.
Try out
mysql_secure_installation

http://www.greensql.com/articles/mysql-security-best-practices
http://security-24-7.com/hardening-guide-for-mysql-5-1-47-on-redhat-5-4-64bit-edition/
0
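One way to check item 2 of the first answer (disable remote access) against the my.cnf file mentioned in the accepted answer. This is an added example, not code from either poster. The function names and the sample file are constructed for illustration; bind-address and skip-networking are the mysqld options being checked.

```python
import ipaddress

# Constructed sample my.cnf for this example (not taken from the thread).
SAMPLE_MY_CNF = """\
[client]
port = 3306

[mysqld]
datadir = /var/lib/mysql
bind_address = 0.0.0.0
; skip-networking
"""

def parse_mysqld_options(text):
    """Return the options of the [mysqld] group; the last occurrence wins."""
    options, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;!":  # comments; !include files are not followed
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "mysqld":
            continue
        name, _, value = line.partition("=")
        # MySQL treats dashes and underscores in option names as equivalent.
        name = name.strip().lower().replace("_", "-")
        options[name] = value.split(" #", 1)[0].strip().strip("'\"")
    return options

def remote_access_findings(text):
    """List reasons why this configuration lets mysqld accept remote TCP clients."""
    opts = parse_mysqld_options(text)
    # A bare "skip-networking" (no value) or a truthy value turns TCP/IP off.
    if opts.get("skip-networking", "0").lower() in ("", "1", "on", "true"):
        return []
    if "bind-address" not in opts:
        return ["bind-address not set: server default listens on all interfaces"]
    addr = opts["bind-address"]
    try:
        if ipaddress.ip_address(addr).is_loopback:
            return []
    except ValueError:
        if addr.lower() == "localhost":
            return []
    return [f"bind-address = {addr}: listens on a non-loopback address"]
```

An empty result means the file itself keeps mysqld off the network or on loopback only; options set in included files or on the command line are outside what this check reads.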
