MySQL Users
Once you've secured the operating system, you need to lock down MySQL itself. The first step to doing this is to address the user accounts and privilege model.
- Set a strong password for the root@localhost account. The reasoning behind this should be obvious; there is no mechanism in MySQL for locking out a user if the password is guessed incorrectly a number of times. A brute-force attack on MySQL usernames and passwords is fairly effective, as MySQL worms have proven in the past. Setting strong passwords will help defend against the possibility of an attacker guessing yours.
- Remove all non-root MySQL users. During the initial setup phase it is important to know where you stand in terms of the users that have access to the database. The best approach is to strip the users down to the barest essentials — the root account — and then build up users as you need them.
- Rename the root MySQL user to something obscure. The root account in MySQL is a well-known account name; several publicly available tools, scripts, and exploits rely on the fact that there is an account named root. MySQL attaches no specific meaning to the account name root, so there's absolutely no reason why you can't rename it to something a little more obscure, like this:
update mysql.user set user='mysql_admin' where user='root';
- If remote connections are enabled, specify REQUIRE SSL in the GRANT statement used to set up the user. This is a slightly trickier configuration step that will enforce SSL encryption ...
Get The Database Hacker's Handbook: Defending Database Servers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.