
Security specification for the MySQL database production environment

2025-02-27 Update From: SLTechnology News&Howtos (Database)


Shulou(Shulou.com)06/01 Report--

I. MySQL server security specification

1. Applications must not connect to the DB directly; access normally goes through a proxy.

2. Access to the DB from the public network is prohibited.

3. Interconnection between the production and office networks is prohibited; the production environment and the office environment must be separated.

4. Linux system initialization security options:

1) Define some aliases and write them to /etc/profile to prevent mistaken operations:

alias c='clear'
alias cp='cp -i'
alias l.='ls -d .* --color=auto'
alias ll='ls -l --color=auto'
alias ls='ls --color=auto'
alias mv='mv -i'
alias rm='rm -i'
alias mysql='mysql -U'

Here mysql -U (--safe-updates, also known as --i-am-a-dummy) makes the client reject UPDATE and DELETE statements that do not restrict the affected rows with a key in the WHERE clause or a LIMIT clause, so an unconditional UPDATE or DELETE is refused.

2) Delete the Linux shell history and the MySQL client history, so that commands and passwords typed at the prompt cannot be harvested and used to dump the database:

rm -f .bash_history .mysql_history
ln -s /dev/null .bash_history
ln -s /dev/null .mysql_history

3) Avoid "Too many open files":

OS limit in /etc/security/limits.conf, allowing the mysql user to open 65535 file descriptors:

mysql soft nofile 65535
mysql hard nofile 65535

my.cnf parameters:

open_files_limit = 65535
innodb_open_files = 65535

5. MySQL initialization configuration security options:

1) Plan the directory layout sensibly: the log directories (binlog/slowlog/relaylog) are written sequentially and can live on mechanical disks; the data directory is written randomly and should be on SSD.

2) Create a dedicated MySQL user and group and make them own all MySQL-related directories. The mysqld daemon must not be started as root; run it as the dedicated user (e.g. mysql).

3) Set bind-address to the server's intranet IP.

4) Change the default MySQL service port; 3306 is not recommended, and different businesses should use different port numbers.

5) Control the maximum number of connections with max_connections and max_user_connections as overload protection.

6) Enable safe-user-create: a user then cannot create new users with the GRANT statement unless it has INSERT privilege on the mysql.user table.

7) Disable local-infile (set local-infile=0 rather than 1), turning off LOAD DATA LOCAL INFILE, to avoid data leakage and attacks through it.

8) Never start with skip-grant-tables, which makes MySQL bypass the privilege system entirely.

9) Add skip-name-resolve so that client hostnames are not resolved via DNS.

10) Do not use skip-networking: with it set, other machines cannot connect over TCP/IP at all.

11) Disable symbolic links (symbolic-links=0 rather than 1), turning off the soft-link feature.
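The items in 4.3) and 5.3) to 5.11) above are all my.cnf settings, and the quickest way to catch a server that drifted from them is to audit the file. The script below is an added example and not part of the original article or of MySQL itself: it reads the [mysqld] section of a my.cnf and reports each item as OK or FAIL. The two sample configurations are constructed here, and the IP address 10.10.1.20, port 3307 and connection limits in them are illustrative assumptions.

```shell
#!/bin/sh
# Added audit script (not from the article): checks a my.cnf [mysqld] section
# against the hardening items listed above. Sample configs are constructed here;
# the IPs, ports and limits in them are illustrative assumptions.

# Print the value of a [mysqld] option from a my.cnf file ("ON" for a bare
# option such as skip-name-resolve, empty if absent). Dashes and underscores
# in option names are treated alike, as mysqld itself does.
cnf_get() {
    awk -v key="$2" '
        BEGIN { gsub(/-/, "_", key); insec = 0 }
        /^[ \t]*\[/ { insec = ($0 ~ /^[ \t]*\[mysqld]/); next }   # only [mysqld] counts
        insec && !/^[ \t]*[#;]/ {
            line = $0; sub(/[ \t]*[#;].*$/, "", line)               # strip trailing comment
            n = split(line, kv, "=")
            k = kv[1]; gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/-/, "_", k)
            if (k == key) {
                if (n > 1) { v = kv[2]; gsub(/^[ \t]+|[ \t]+$/, "", v); print v }
                else print "ON"
                exit
            }
        }' "$1"
}

# Run every check; prints one OK/FAIL line per item and returns the number of failures.
audit_mycnf() {
    f=$1; fails=0
    v=$(cnf_get "$f" bind-address)
    case "$v" in
        ""|0.0.0.0|::|\*) echo "FAIL bind-address: must be the intranet IP, got '${v:-unset}'"; fails=$((fails+1)) ;;
        *) echo "OK   bind-address=$v" ;;
    esac
    v=$(cnf_get "$f" port)
    case "$v" in
        ""|3306) echo "FAIL port: default 3306 (or unset) is not recommended"; fails=$((fails+1)) ;;
        *) echo "OK   port=$v" ;;
    esac
    for opt in local-infile symbolic-links; do          # both must be explicitly off
        v=$(cnf_get "$f" "$opt")
        case "$v" in
            0|OFF|off) echo "OK   $opt=$v" ;;
            *) echo "FAIL $opt: must be 0, got '${v:-unset}'"; fails=$((fails+1)) ;;
        esac
    done
    for opt in skip-name-resolve safe-user-create; do   # both must be present
        if [ -n "$(cnf_get "$f" "$opt")" ]; then echo "OK   $opt present"
        else echo "FAIL $opt: missing"; fails=$((fails+1)); fi
    done
    for opt in skip-grant-tables skip-networking; do    # neither may appear
        if [ -n "$(cnf_get "$f" "$opt")" ]; then echo "FAIL $opt: must not be set"; fails=$((fails+1))
        else echo "OK   $opt absent"; fi
    done
    v=$(cnf_get "$f" open_files_limit)
    if [ "${v:-0}" -ge 65535 ] 2>/dev/null; then echo "OK   open_files_limit=$v"
    else echo "FAIL open_files_limit: want >= 65535, got '${v:-unset}'"; fails=$((fails+1)); fi
    return $fails
}

# Constructed sample 1: a typical weak configuration.
BAD_CNF=$(mktemp)
cat > "$BAD_CNF" <<'EOF'
[client]
port = 3306
[mysqld]
bind-address = 0.0.0.0
port = 3306
local-infile = 1
skip-grant-tables
symbolic-links = 1
EOF

# Constructed sample 2: the same items hardened per the list above.
GOOD_CNF=$(mktemp)
cat > "$GOOD_CNF" <<'EOF'
[mysqld]
user = mysql
bind-address = 10.10.1.20      # intranet IP of this host (assumed value)
port = 3307                    # not 3306; one port per business line
max_connections = 2000
max_user_connections = 500
open_files_limit = 65535
innodb_open_files = 65535
local-infile = 0
skip-name-resolve
safe-user-create
symbolic-links = 0
EOF
trap 'rm -f "$BAD_CNF" "$GOOD_CNF"' EXIT

echo "== weak sample ==";     audit_mycnf "$BAD_CNF"  || echo "violations: $?"
echo "== hardened sample =="; audit_mycnf "$GOOD_CNF" && echo "no violations"
```

The [client] port line in the weak sample is deliberately ignored: only the [mysqld] section governs the server, and a client-side 3306 is not a finding. The script checks for an explicit local-infile=0 rather than accepting an absent option, because the default for that option differs between MySQL versions.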

II. MySQL account management security policy and the system tables involved in MySQL privileges:

1. mysql.user table

2. mysql.db table

3. mysql.tables_priv table

4. mysql.columns_priv table

Privileges are checked top-down through these tables, level by level, giving progressively finer-grained control over account permissions.

MySQL initialization:

1. Delete accounts whose password is shorter than 16 characters.

2. Delete non-root accounts.

3. Delete accounts whose host is not localhost or 127.0.0.1.

4. Delete the test database.

5. Separate accounts by role: monitoring account, management account, replication account, backup account, application account.

1) Monitoring account (localhost and 127.0.0.1):

GRANT SELECT, PROCESS, REPLICATION CLIENT

2) Backup account (localhost and 127.0.0.1):

GRANT SELECT, LOCK TABLES, RELOAD

3) Replication account (restricted to the master's IP):

GRANT REPLICATION SLAVE, REPLICATION CLIENT

4) Management account (restricted to the proxy's IP):

GRANT ALL PRIVILEGES

5) Root account

Root passwords follow a strong-password policy: at least 32 random characters. pwgen or makepasswd is recommended for generating 32-character random passwords containing uppercase and lowercase letters, digits and special characters.

The root account is granted only for localhost and 127.0.0.1 and must never be granted for host '%'.

The root password should be changed every 3 months, and each instance should have a different root password.

6) Application account

a. The application account must not hold privileges such as SUPER, CREATE, DROP, FILE, GRANT, RELOAD, SHUTDOWN or PROCESS.

b. Principle of least privilege: only SELECT, INSERT, UPDATE and DELETE. Granting ALL to an application account is forbidden.

c. The application account must not have any privilege on the system database (mysql) and must not be granted on *.*.

d. The application account is granted only on the database of its own application, and only from the IP address or proxy of that application.

e. A MySQL slave must be set read_only, and accounts on it receive only SELECT; granting ALL is strictly prohibited, since ALL includes SUPER, which bypasses read_only.

f. The account password policy is the same as for root, and the password should be changed every 3 months.
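The account rules in this section (root only on localhost/127.0.0.1, no '%' hosts, no anonymous accounts, and application accounts without SUPER/CREATE/DROP/FILE/GRANT/RELOAD/SHUTDOWN/PROCESS) can be verified from a listing of mysql.user. The script below is an added example, not code from the article: it audits such a listing and reports every violation. The rows are a constructed sample in the shape of `mysql -N -e "SELECT user,host,Super_priv,Create_priv,Drop_priv,File_priv,Grant_priv,Reload_priv,Shutdown_priv,Process_priv FROM mysql.user"`, and the convention that application accounts are named app_* (along with the account names and IPs used) is an assumption of this script, not something the article specifies.

```shell
#!/bin/sh
# Added account audit (not from the article): checks a mysql.user listing against
# the account rules above. The sample rows are constructed; the naming convention
# "application accounts are called app_*" is an assumption of this script.

# $1 = tab-separated rows of: user host Super_priv Create_priv Drop_priv File_priv
#      Grant_priv Reload_priv Shutdown_priv Process_priv  (column names as in mysql.user)
# Prints one FAIL line per finding and returns the number of findings.
audit_users() {
    awk -F'\t' '
        BEGIN { split("SUPER CREATE DROP FILE GRANT RELOAD SHUTDOWN PROCESS", pn, " ") }
        {
            u = $1; h = $2; acct = "\047" u "\047@\047" h "\047"
            if (u == "")  { print "FAIL " acct ": anonymous account"; fails++ }
            if (h == "%") { print "FAIL " acct ": host % is not allowed"; fails++ }
            if (u == "root" && h != "localhost" && h != "127.0.0.1") {
                print "FAIL " acct ": root may only be granted for localhost/127.0.0.1"; fails++
            }
            if (u ~ /^app_/) {               # assumption: application accounts are named app_*
                bad = ""
                for (i = 1; i <= 8; i++)     # columns 3..10 are the forbidden privileges
                    if ($(i + 2) == "Y") bad = bad (bad == "" ? "" : ",") pn[i]
                if (bad != "") { print "FAIL " acct ": application account holds " bad; fails++ }
            }
        }
        END { exit fails + 0 }' "$1"
}

# Constructed sample listing, written with "|" for readability and converted to
# the tab-separated form that mysql -N prints. Monitoring keeps PROCESS and backup
# keeps RELOAD as the article allows; only app_* accounts are checked for those.
USERS_TSV=$(mktemp)
tr '|' '\t' > "$USERS_TSV" <<'EOF'
root|localhost|Y|Y|Y|Y|Y|Y|Y|Y
root|%|Y|Y|Y|Y|Y|Y|Y|Y
dba_admin|10.10.1.5|Y|Y|Y|Y|Y|Y|Y|Y
monitor|127.0.0.1|N|N|N|N|N|N|N|Y
backup|localhost|N|N|N|N|N|Y|N|N
repl|10.10.1.30|N|N|N|N|N|N|N|N
app_shop|10.10.1.40|N|N|N|N|N|N|N|N
app_crm|%|N|Y|Y|N|N|N|N|N
|localhost|N|N|N|N|N|N|N|N
EOF
trap 'rm -f "$USERS_TSV"' EXIT

audit_users "$USERS_TSV" || echo "findings: $?"
```

On the sample this reports five findings: root@% twice (host '%' and root away from localhost), app_crm@% twice (host '%' and the CREATE,DROP privileges), and the anonymous ''@localhost account once. The management account on the proxy IP is left alone because, per 4) above, that account legitimately holds ALL PRIVILEGES.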

III. MySQL data security strategy

1. Combine physical (xtrabackup) and logical (mysqldump) backups: full + incremental + off-site.

2. Replay backup files regularly and periodically verify that backups can be restored.

3. For important business systems, set up a delayed replica, or adopt an LVM layout at Linux initialization so that snapshots can be used for flashback.

4. Set up a Binlog Server so that data can be recovered in an emergency.

Attached: MySQL command line prompt configuration

mysql -uroot -p123456 --prompt="mysql-\\v-> [\\r:\\m:\\s] [\\u@\\h:\\d] > "
