Due to differing needs and requirements this is difficult to answer except on a case by case basis. The MySQL website has a section regarding general security of a MySQL database available here: http://dev.mysql.com/doc/refman/5.0/en/security.html
Additionally some good practices are:
- Verify your root MySQL account password is set
- the test account and database that were created during the initial installation
- Login to mysql as root, from the command prompt “shell> mysql –u root –p mysql” and enter the password when prompted
- mysql> drop database test;
- mysql> use mysql;
- mysql> delete from user where user='test';
- mysql> delete from user where user='';
- mysql> flush privileges;
- Make sure that each account has a password set
- Do not grant global privileges unnecessarily
- Avoid using wildcards in the hostname value associated with accounts
- Periodically review users and databases that are setup in MySQL
- Do not use passwords on the command line. From the command line you can login to MySQL using "shell> mysql –u root –password=somepassword mysql" the problem with this is anyone on the server could view your password with a simple process list command "shell> ps". The correct usage would be: "shell> mysql –u root –p mysql", from this MySQL will prompt your for your password and it will not show up in the process list as plain text.
Note: There are many excellent articles available on the web for MySQL security. Go to your search engine of choice and search “securing mysql” and you should have reading for weeks.
Was this answer helpful?
The MySQL website has a complete reference manual with search capabilities available on their...
How MySQL Uses MemoryThis page lists some of the ways that the mysqld server uses memory, and...
If you have lost your root user password for MySQL, you can reset it with the following...
1. Copying from the mysql directoryBy default, MySQL databases on servers that use Linux are...
This should be handled on a case by case basis, but if you are using the default MySQL table type...