Friday, 19 April 2013

MySQL Hardening

MySQL is an open-source relational database management system (RDBMS) that runs as a server, providing multi-user access to a number of databases.

The following are ways to harden MySQL:

1. Disable remote Access

    Add 'bind-address = 127.0.0.1' to the 'mysqld' section of the 'my.cnf' file. You can find 'my.cnf' in '/etc/mysql'. You need root privilege to change the file.

2. Disable use of local infile

  The "LOAD DATA LOCAL INFILE" statement can be used to gain access to other files on the operating system, for example "/etc/passwd".
  To disable this, add 'local-infile=0' to the 'mysqld' section of the 'my.cnf' file. The older 'set-variable=local-infile=0' spelling is no longer accepted as of MySQL 5.5.

3. Change Default username and password

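  Log in to the mysql prompt and enter the following (an account name given without a host part is read as '@%', so the host is spelled out):
  RENAME USER 'root'@'localhost' TO 'newuser'@'localhost';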

4. Remove default database

 Use the following command to remove the default database:
 DROP DATABASE test;

5. Root privilege to 'mysql' folder

  The databases are stored in '/var/lib/mysql'. For security reasons, enable root privilege to this folder.
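
To check that steps 1 and 2 actually took effect in the right section of 'my.cnf', the following is an added example (not part of the original post) that audits a config file's text. The function names and the sample config are constructed for illustration.

```python
import re
# Constructed sample config for illustration (not from a real server).
SAMPLE_CNF = """[mysqld]
# bind-address = 127.0.0.1
bind_address = 0.0.0.0
set-variable = local-infile=0
[mysqldump]
local-infile = 1
"""
LOOPBACK = {"127.0.0.1", "::1", "localhost"}
OFF = {"0", "off", "false"}

def mysqld_options(text):
    """Collect options from the [mysqld] section; a later line overrides an earlier one."""
    opts, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        if section != "mysqld":
            continue
        # Accept the legacy "set-variable = name=value" spelling as well.
        line = re.sub(r"^set-variable\s*=\s*", "", line, flags=re.I)
        key, _, value = line.partition("=")
        # MySQL treats '-' and '_' in option names as equivalent.
        opts[key.strip().lower().replace("_", "-")] = value.strip().strip("'\"")
    return opts

def audit(text):
    """Return findings for steps 1 and 2; an empty list means both are in place."""
    opts = mysqld_options(text)
    findings = []
    bind = opts.get("bind-address")
    if bind is None:
        findings.append("bind-address not set in [mysqld]")
    elif bind.lower() not in LOOPBACK:
        findings.append(f"bind-address is {bind}, not loopback")
    infile = opts.get("local-infile")
    if infile is None:
        findings.append("local-infile not set in [mysqld]")
    elif infile.lower() not in OFF:
        findings.append(f"local-infile is {infile}, expected 0")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CNF)))
```

In the sample, the commented-out 'bind-address' line and the 'local-infile' line under '[mysqldump]' are ignored, so only the non-loopback bind address is reported.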
