Mysql hardening and db security

Guys,
I have my questions with customer with db hardening with Mysql, do anyone here have any best practices
motioneyeAsked:
Who is Participating?
 
InsoftserviceConnect With a Mentor Commented:
Normally we do the fix in my.cnf /ini files .
please view the links
try out
mysql_secure_installation

http://www.greensql.com/articles/mysql-security-best-practices
http://security-24-7.com/hardening-guide-for-mysql-5-1-47-on-redhat-5-4-64bit-edition/
0
 
designatedinitializerConnect With a Mentor Commented:
1. Change mysql 'root' user password;
2. Disable remote access to mysql server;
3. Always create a db user for each db, and always grant that said user only the privileges needed on a daily basis. For instance, 99% of web applications won't be needing to ALTER, CREATE or DROP tables;
4. Use transactions;
5. Always encrypt passwords and sensitive information;
6. Use unreversible encryption (e.g. MD5) for passwords;
7. Log all errors;
8. Sanitize all input before performing your queries;
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.