If the MySQL database is enabled on the server, note the following security settings for the MySQL database:
Delete all default users in mysql, retain only the local root account, and add a complex password to the root user. Grant the updatedeletealertcreatedrop permission to a common user and limit it to a specific database. In particular, avoid having the common user the permission to operate the mysql database. Check the mysql. user table and cancel unnecessary shutdown_priv, reload_priv, process_priv, and File_priv permissions. These permissions may leak more server information including non-mysql information. You can set a startup user for mysql. This user only has permissions on the mysql directory. Set the permission of the data database in the installation directory (this directory stores the data information of the mysql database ). Add read, column directory, and execution permissions to users in the mysql installation directory.