What are the security recommendations while using MySQL?

 

Some of the security recommendations while using MySQL are as follows:

1. To avoid SQL injection attacks, access to the user table should never be given.

2. GRANT and REVOKE must be used to manage privileges.

3. SHOW GRANTS can be used to see the list of users who have access.

4. Never run the MySQL server as the Unix root user.

5. Do not store cleartext passwords in your database.

6. Do not choose passwords from dictionaries.

7. Invest in a firewall. This protects you from at least 50% of all types of exploits in any software. Put MySQL behind the firewall or in a demilitarized zone (DMZ).

8. Applications that access MySQL should not trust any data entered by users, and should be written using proper defensive programming techniques.

9. Do not transmit plain (unencrypted) data over the Internet. This information is accessible to everyone who has the time and ability to intercept it and use it for their own purposes. Instead, use an encrypted protocol such as SSL or SSH. MySQL supports internal SSL connections. Another technique is to use SSH port-forwarding to create an encrypted (and compressed) tunnel for the communication.
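
As an added example (not from the original page), the following Python check supports items 1 and 3: it reads SHOW GRANTS output and reports every account whose table privileges cover the mysql.user table. The sample lines, account names and schema name are constructed, and the function name is hypothetical.

```python
import re

# One line of SHOW GRANTS output with a db.table scope, for example:
#   GRANT SELECT, INSERT ON `shop`.* TO `shop_app`@`10.0.0.%`
GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+"
    r"(?P<db>`[^`]+`|\*|\w+)\.(?P<tbl>`[^`]+`|\*|\w+)\s+TO\s+(?P<account>\S+)",
    re.IGNORECASE,
)

# Privileges that let an account read or change table rows.
DATA_PRIVS = {"SELECT", "INSERT", "UPDATE", "DELETE", "ALL", "ALL PRIVILEGES"}


def accounts_reaching_user_table(lines):
    """Return {account: [privileges]} for grants whose scope covers mysql.user."""
    findings = {}
    for line in lines:
        m = GRANT_RE.match(line.strip())
        if not m:
            continue  # role, proxy and routine grants carry no db.table scope
        db, tbl = (m[g].strip("`").lower() for g in ("db", "tbl"))
        # mysql.user is covered by *.*, by mysql.* and by mysql.user itself.
        if not (db == "*" or (db == "mysql" and tbl in ("*", "user"))):
            continue
        privs = re.sub(r"\([^)]*\)", "", m["privs"])  # drop column lists
        hit = {p.strip().upper() for p in privs.split(",")} & DATA_PRIVS
        if hit:  # USAGE and purely administrative privileges are not reported
            account = m["account"].replace("`", "").replace("'", "")
            findings.setdefault(account, set()).update(hit)
    return {account: sorted(p) for account, p in findings.items()}


# Constructed sample output; account and schema names are hypothetical.
SAMPLE = [
    "GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` WITH GRANT OPTION",
    "GRANT PROXY ON ``@`` TO `root`@`localhost` WITH GRANT OPTION",
    "GRANT USAGE ON *.* TO `shop_app`@`10.0.0.%`",
    "GRANT SELECT, INSERT, UPDATE, DELETE ON `shop`.* TO `shop_app`@`10.0.0.%`",
    "GRANT PROCESS, RELOAD ON *.* TO `backup`@`localhost`",
    "GRANT SELECT ON `mysql`.`user` TO `report`@`%`",
    "GRANT SELECT (`Host`, `User`) ON `mysql`.`user` TO 'legacy'@'%'",
]

if __name__ == "__main__":
    for account, privs in accounts_reaching_user_table(SAMPLE).items():
        print(f"{account}: {', '.join(privs)} reaches mysql.user")
```

Privileges an account inherits through a role are not resolved here, so role grants need to be reviewed separately.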
