Database Security and Encryption

As a brief conclusion to this chapter, I should mention a few of the security issues to consider when using and administering your databases. Then I will demonstrate a few more MySQL functions that can be used to encrypt and decrypt data.

Security practices

If you have administrative-level control over your database, you should keep in mind the following:

  • Do not allow anonymous users to connect to MySQL.

  • Always require a password to connect to MySQL.

  • Require users to also specify a hostname. This limits from what computers users can and cannot access MySQL (although this requirement can be tedious).

  • Assign each user the absolute minimum required privileges.

  • Limit the root user to localhost access only.

  • Delete the ...

Get PHP and MySQL for Dynamic Web Sites: Visual Quickpro Guide, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.