Securing MySQL on VPS (for web design)

No replies
admin

The MySQL database is the heart of almost any web application on a Linux web server. Because all your precious data is stored there, it needs a little hardening.

The two most important things you can do immediately and without any side effects:

Restrict remote access to localhost

This is really important: when nobody but your own server has access to the database, security improves dramatically!

Just uncomment (or add) this line in the [mysqld] section of the my.cnf file:

bind-address=127.0.0.1

Disable the "LOAD DATA LOCAL INFILE" command

This command affects not just MySQL but the whole computer: using it, you can read the content of any file on the web server's hard drive. Don't give away so much information so easily; add this to the [mysqld] section of the my.cnf file:

local-infile=0

This should be enough for the majority of production sites, but if you want more security (or further reading), see the article MySQL Security Best Practices.

Don't forget to restart MySQL:

sudo /etc/init.d/mysql restart
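
To confirm that both settings really ended up in the [mysqld] section, the following check can be run against the text of my.cnf. It is an added example, not part of the original post; the function names and sample files are made up for illustration, and it assumes the whole configuration is in one file (it does not follow !include directives).

```python
import re

LOOPBACK = {"127.0.0.1", "::1", "localhost"}
OFF = {"0", "off", "false"}

def mysqld_options(text):
    """Return the [mysqld] options of a my.cnf as a dict (last value wins)."""
    opts, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop '#' comments
        if not line or line[0] in ";!":       # ';' comments, !include directives
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "mysqld":
            if line.lower().startswith("set-variable"):   # legacy prefix of old servers
                line = line.partition("=")[2]
            key, _, value = line.partition("=")
            # MySQL treats '-' and '_' in option names as equivalent
            opts[key.strip().lower().replace("_", "-")] = value.strip().lower()
    return opts

def audit(text):
    """Return findings; an empty list means both settings are in place."""
    opts = mysqld_options(text)
    findings = []
    if opts.get("bind-address") not in LOOPBACK:
        findings.append("bind-address is not restricted to localhost")
    if opts.get("local-infile") not in OFF:
        findings.append("local-infile is not disabled")
    return findings

# Constructed sample files, not taken from a real server.
HARDENED = "[client]\nport=3306\n[mysqld]\nbind-address=127.0.0.1\nlocal_infile = 0\n"
LEGACY = "[mysqld]\nbind-address = localhost\nset-variable=local-infile=0\n"
DEFAULT = "[mysqld]\n#bind-address=127.0.0.1\ndatadir=/var/lib/mysql\n"

if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED), ("legacy", LEGACY), ("default", DEFAULT)):
        print(name, audit(cfg) or "OK")
```

A commented-out bind-address line or a setting placed under [client] instead of [mysqld] is reported as missing, which is the most common way this hardening silently fails to apply.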