Shulou(Shulou.com)05/31 Report--

This article is to share with you what the MySQL security configuration scheme has. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

MySQL security configuration scheme

Create a new account and give the account all permissions in the database used. This can not only ensure the full operation of the website to the corresponding database, but also ensure that the account will not affect the security because of the high authority.

1. Restrict access to ip of mysql port

Windows can be restricted through windows firewall or ipsec, and under linux through iptables.

2. Modify the port of mysql

Windows can modify the configuration file my.ini to achieve, linux can modify the configuration file my.cnf to achieve.

3. Set a strong password for all users and strictly specify the access ip of the corresponding account

In mysql, you can specify the user's access to ip in the user table

4. Processing of root privileged account

It is recommended to set a strong password for the root account and specify that only local login is allowed.

5. Log processing

If you need to open the query log, the query log will record the login and query statements.

6. Mysql process running account

It is forbidden to use localsystem to run the mysql account under windows. You can consider using networkservice or create a new account yourself, but you must give read permission to the directory where the mysql program resides and read and write permissions to the data directory; under linux, create a new mysql account and specify mysql to run as the mysql account during installation, giving read permission to the directory where the program resides and read and write permissions to the directory where the data is located.

7. Disk permissions of mysql running account

1) the mysql account needs to give read permissions to the directory where the program resides, as well as read and write permissions to the data directory. 2) other directories are not allowed to write and execute, especially those with websites. 3) cancel the execution authority of the mysql running account for some programs such as cmd,sh.

8. Deal with the mysql account used by the website

An account that gives all permissions to a single database will not have administrative privileges such as super,process,file. Of course, if you can clearly know what permissions my site needs, or do not give more permissions, because many times publishers do not know what permissions the site needs, I recommend the above configuration. And I mean general-purpose, specific to only a few machines, not many cases, I personally suggest to give only the necessary permissions, specific can refer to the recommendations in the table above.

9. Delete useless databases

Test database has default permissions for newly created accounts. Original link: 1.mysql user management and permissions settings 2. Detailed interpretation of permissions in MySQL

Thank you for reading! This is the end of this article on "what is the MySQL security configuration scheme?". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.