Shulou(Shulou.com)05/31 Report--

This article mainly shows you "what are the precautions for mysql security settings", which is easy to understand and clear. I hope it can help you solve your doubts. Let the editor lead you to study and learn this article "what are the precautions for mysql security settings?"

1. If the client-server connection needs to span and pass through an untrusted network, SSH tunneling is needed to encrypt the connection's traffic.

two。 Use the setpassword statement to change the user's password, three steps, first "mysql-uroot" to log in to the database system, then "mysql > updatemysql.usersetpassword=password ('newpwd')", and finally execute "flushprivileges".

3. The attacks that need to be guarded against eavesdropping, tampering, playback, denial of service, etc., do not involve availability and fault tolerance. Use security measures based on ACL, that is, access control lists, to complete all connections, queries, and other operations. There is also some support for SSL connections.

4. No user other than root is allowed to access the user table in the mysql master database

Once the encrypted user password stored in the user table is disclosed, others are free to use the corresponding database of the user name / password.

5. Use grant and revoke statements for user access control

6. Instead of using plaintext passwords, one-way hash functions such as md5 () and sha1 () are used to set the password

7. Do not choose the words in the dictionary as the password

8. Use firewalls to remove 50% of external hazards, let database systems work behind firewalls, or place them in DMZ zones

9. Use nmap to scan port 3306 from the Internet, or use the telnetserver_host3306 method to test. Access to the database server's port 3306 TCP from an untrusted network is not allowed, so it needs to be set up on the firewall or router.

10. In order to prevent malicious input of illegal parameters, such as whereID=234, but others enter whereID=234OR1=1 to cause full display, so use''or "" to use strings in web forms, adding% 22 for double quotes,% 23 for pound marks, and% 27 for single quotes in dynamic URL; it is very dangerous to pass unchecked values to the mysql database.

11. Check the size when passing data to mysql

twelve。 The application that needs to connect to the database should use a general user account and open only a few necessary permissions to that user.

The above is all the contents of the article "what are the considerations for mysql security settings?" Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.