Restrict general database access

MySQL's access control is very finely grained - you have got a great deal of control over who can do what, so you should take advantage of this to make sure you only allow in people you absolutely trust.

Be sure to remove the guest account, leaving only the root user plus any others you use. Secondly, if you are running your server locally and the PHP scripts are local also, you do not need to allow access to anyone from outside - disable accounts that do not have "localhost" as the host, and also consider blocking port 3306 (the MySQL port) on your firewall.

 

Next chapter: Restrict PHP database access >>

Previous chapter: Hiding PHP

Jump to:

 

Home: Table of Contents

Follow us on Identi.ca or Twitter

Username:   Password:
Create Account | About TuxRadar