• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

securitywing

Menu
  • About
  • Must Read
      • IIS Performance Boost
      • RFID Security
      • Web App Security Testing
      • How to Secure Home Network
      • Prevent Cross-Site Scripting Attacks
      • Renew Self-Signed Certificates
      • Penetration Testing Tools
      • VPN Concentrator
      • Forensic Investigation Tools
      • Digital Certificates
      • Cloud Security Issues
      • Advanced Evasion Prevention
      • Firewall Types
      • Tips to Prevent Data Exfiltration
      • Classified Info Handling
      • MySQL Security
      • Definition of 7 Types of Malware
      • VOIP Security
      • Why Antivirus Software Fails
      • 15 Network Security Vulnerabilities
      • Web App Security
      • IT Security Standards
      • Types of Virtualization
      • Android Security
      • Digital Signature
      • Advanced Malware Protection
    • Close
  • Consultancy
  • Contact

MySQL Security Settings Checklist and Issues

by wing

Securing MySQL requires not only hardening the security configuration of your database itself but also the web server along with the operating system. As you know that most of the web hosting provider love Linux and Apache as part of their web-hosting solution, you need to make sure that your host is taking proper security measures to ensure tighter control of Apache and OS. Your main task will be to perform a few simple tasks or test on your MySQL to remove all the known and easy-to-solve security vulnerabilities of your database. And the good news is that if you are new website owner and reluctant to learn some basic SQL tricks to, then also you can fix the basic security settings of your database from PhPMySQLadmin interface of your Cpanel.

Unless you are hosting your website on your own server in your own premise, you should let the task of Apache and OS security setting to your hosting provider. Now, checkout the following  steps required for MySQL security:       

 

  • To ensure that your MySQL has the basic security protection, at first you have to make sure that remote access to your database has been blockThe Preventive action will reduce the risk of threats to your website from the outsider with a direct TCP/IP connection. The easiest way to disable remote access to your database is to delete the remote access persimmon to any particular host- you can do so with a click on your “remote MySQL” option in the database.
  • Change the default admin ID of your database. When you install your SQL database, normally, it takes the admin name of your web account as the prefix of SQL database, which makes your SQL database name quite predictable.
  • Update you MySQL regularly. After login on to MYsql admin check the current version of your mysql and then visit sql security page, where you will find all the latest security patches for mysql to cover the security weakness of the current version of the database. If you find your MySql is not updated, contact your host to update their database version.
  • In the Cpanel click on the PhPMyAdmin and then click on the” SQL” to run the “SHOW GRANTS” command. To execute the command click on the go button and then look out for the users who has the following privileges:

ALL PRIVILEGES

ALTER TABLES

GRANT ALL

CREATE

SHUTDOWN

KILL

UPDATE

 

mysql security
mysql security: SHOW GRANT command usage
  • Make sure that all the unnecessary databases have been removed and there is no unknown user except the approved and known users who has access to your database. You can do this verification from your PhPMyAdmin in the Cpanel. After clicking on your database name, just click on the database name users table to see all the users with granted access to the database. Use the edit button to modify users’ privileges, if required.
  • Always clear the history of mysql-history file. Not deleting the MQSQL history will keep track of who is using which commands. Normally, Linux stored this history file in the home directory as a plain text. To remove this file use the following command:

$ > ~/.mysql_history

  • Not allowing history from storing in your disk is another good option to get rid of mysql history file by setting the MYSQL_HISTFILE parameters to /dev/null and then storing this new setup in to your start-up shell files. I would recommend you not to delete the history file entire, rather you can think about renaming it and then clear the stored history record on regularly.
  • In case of remote backup of SQL database, always use SSH (secure socket shell)

To keep yourself updates with the security issues of MySQL, always search through the MySQL forums to learn about latest security concern of MySQL and ensure the following:

  1.  Database should run in a chrooted mode and the access right to this directory should be 755.
  2. Always change the database account and administrator account and maintaining the minimum password standard.
  3.  There should be not a single sample data in your database.
  4. Allow access to your database only locally, not remotely.

Related Posts:

  • 20 Types of Database Security to Defend Against Data Breach
  • 12 Things to Remember when Handling Classified Information
  • Database Security Issues and Countermeasures
  • Oracle Audit Setting Commands
  • Oracle Security Basics

Filed Under: Internet Security and Safety Tagged With: database, mysql, security tips

Primary Sidebar

CISSP Sample Test

Take a CISSP Sample Test

CISA IT governance Sample test



Twitter Follow @securitywing

Categories

  • AWS
  • containers
  • Internet Security and Safety
  • IS Audit
  • IT Security Exams
  • Network Security Tips
  • Off Track
  • Telecom
  • Tutorial

Pages

  • About
  • Best IT Security Certification Exam
  • CISA IT governance Sample test
  • CISA Sample Test
  • CISSP Sample Test Online
  • Consultancy
  • Contact

Popular Posts

  • 3 Steps to Install Miniku...
  • How to install a new Goda...
  • 63 Web Application Securi...
  • How to Renew Self-Signed...
  • How to Setup AWS CloudFro...
  • Host Based IDS vs Network...
  • 8 Effective Ways to Impro...
  • Active vs Passive FTP Mod...
  • Top 10 RFID Security Conc...
  • How to Configure AAA (TAC...

Footer

Copyrights

Protected by Copyscape Duplicate Content Detection Software

Securitywing.com reserves the copyrights of all of its published articles.No contents of this site is permitted to be published to anywhere else in the Internet.If any contents are found in any other websites, securitywing reserves the rights to file a DMCA complaint. But you have the right to use the link of any relevant article of this site to point from your website if you consider that it might improve the quality of your article.

Tags

antivirus audit AWS backup browser check cisco cloud computer cyber data database encryption firewall home hsrp ids informaiton internet intrusion it kubernetes linux load balancing malware network protection putty risk router security security tips server ssh SSL switch tools virus vpn vulnerability web webserver website windows wordpress

Copyright © 2010-2023 ·All Rights Reserved · SecurityWing.com