MySQL Hardening – Easy one click hardening

Did you know that 77% of all websites have vulnerabilities, and that one major data breach is discovered every month? More info at this Oracle Report.

These vulnerabilities consist of weak access controls, weak authentication, lack of encryption, unsecured backups and so on.

Well, you have set up your database; now it's time to give it a little bit of security, and that's what hardening is meant to be. In most cases it's a group of best practices: changing some profile privileges, access settings and so on. Luckily for us, we can do this with only one simple command.

sudo mysql_secure_installation

This command allows you to:

  • update the password plugin;
  • set a password for the root account (if one already exists, you can opt to keep it or change it);
  • remove root accounts that are accessible from outside the local host;
  • remove anonymous-user accounts; and
  • remove the test database and privileges that permit anyone to access databases with names that start with test_.
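To confirm that the script actually left the server in the state listed above, you can run a read-only audit query afterwards. This is an added example, not part of mysql_secure_installation itself; it assumes the standard grant tables (mysql.user, mysql.db), the default sql_mode (backslash escapes enabled) and an administrative session that is allowed to read the mysql schema.

```sql
-- Post-hardening audit: every row should report findings = 0.
-- Read-only; it changes nothing on the server.

-- 1. Anonymous accounts (empty user name).
SELECT 'anonymous accounts' AS check_name,
       COUNT(*)             AS findings
FROM   mysql.user
WHERE  User = ''

UNION ALL

-- 2. root accounts that can log in from anywhere but the local host.
SELECT 'root reachable from a remote host', COUNT(*)
FROM   mysql.user
WHERE  User = 'root'
  AND  Host NOT IN ('localhost', '127.0.0.1', '::1')

UNION ALL

-- 3. The sample "test" database.
SELECT 'test database present', COUNT(*)
FROM   information_schema.SCHEMATA
WHERE  SCHEMA_NAME = 'test'

UNION ALL

-- 4. Database-level grants on "test" or on names starting with "test_".
--    The wildcard grant is stored literally as test\_% in mysql.db.
SELECT 'grants on test or test_ databases', COUNT(*)
FROM   mysql.db
WHERE  Db = 'test' OR Db = 'test\\_%';
```

Any non-zero count points at the item to investigate; list the offending rows by replacing COUNT(*) with the User, Host (and Db) columns of that sub-query.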

We really recommend that your MySQL instance be hardened from the moment you install it; this will help you avoid future problems, especially when you have users with weak passwords.

Important notes

This process disallows remote administration, so if you want to use the root user for that you will have to reconfigure it on your server; again, it's not recommended.

Here are some more tips for securing your MySQL / Maria database (Link)

More information:

MySQL Reference Manual Security Guidelines



