Database Security and Encryption

As a brief conclusion to this chapter, I should mention a few of the security issues to consider when using and administering your databases. Then I will demonstrate a few more MySQL functions that can be used to encrypt and decrypt data.

Security practices

If you have administrative-level control over your database, you should keep in mind the following:

  • Do not allow anonymous users to connect to MySQL.

  • Always require a password to connect to MySQL.

  • Require users to also specify a hostname. This limits from what computers users can and cannot access MySQL (although this requirement can be tedious).

  • Assign each user the absolute minimum required privileges.

  • Limit the root user to localhost access only.

  • Delete the ...

Get PHP and MySQL for Dynamic Web Sites: Visual Quickpro Guide, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.