Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
mysql:security_tips [2013/01/02 17:51] 188.143.232.12 LmffUJPxOA |
mysql:security_tips [2013/01/03 09:09] (current) zagi old revision restored |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | It' | + | ====== MySQL Security tips ====== |
+ | |||
+ | **Never store the MySQL ‘root’ user password in a ~root/ | ||
+ | |||
+ | Do you need to store a MySQL password in a file? Yes. Connection management for your application is an example, however that use should never be ‘root’ user to connect to your application. | ||
+ | You may also need to run scripts to backup your data with mysqldump. The solution is to create a dedicated user .e.g. ‘backup’, | ||
+ | |||
+ | < | ||
+ | $ mysql -uroot -p[password] | ||
+ | mysql> create user dba@localhost identified by ' | ||
+ | mysql> grant all on *.* to dba@localhost with grant option; | ||
+ | mysql> exit | ||
+ | |||
+ | # Check you can really login | ||
+ | $ mysql -udba -pnewpassword | ||
+ | mysql> select host,user from mysql.user; | ||
+ | # Drop ' | ||
+ | mysql> drop user root@127.0.0.1; | ||
+ | mysql> drop user root@localhost; | ||
+ | mysql> drop user root@[hostname]; | ||
+ | mysql> select host,user from mysql.user; | ||
+ | mysql> exit | ||
+ | </ |