Securing MySQL

Here is my quick secure guide for MySQL:

• Rename root user account

  • mysql -u root -p
  • use mysql;
  • update user set user=”mydbadmin” where user=”root”;
  • flush privileges;

• Set the root password for database

  • mysqladmin -u mydbadmin password ‘the-new-password’

• Drop default test database

  • mysql -u mydbadmin -p
  • drop database test;
  • quit;

• Edit the MySQL server config

  • vi /etc/my.cnf and under [mysqld]
  • skip-networking <– Disables network access
  • set-variable=local-infile=0 <– prevent against unauthorized reading from local files
  • bind-address=127.0.0.1
  • restart mysql /etc/init.d/mysqld restart