How to use MySQL_MySQL safely

Source: Internet
Author: User
MySQL has become one of the most widely used databases on the network. especially for Web applications, MySQL has the absolute advantage of small and medium-sized applications. All of this comes from its small and easy-to-use, secure and effective, open license, and multi-platform. What's more, it works perfectly with PHP, one of the three major Web languages.

However, unfortunately, a default and secure MySQL server will be vulnerable to overflow due to an empty root password and a program vulnerability, making the MySQL server frequently attacked. More seriously, the database is often damaged after being attacked, which may cause disastrous consequences. The following describes how to protect data.

Environment requirements

1. system environment

There is a Red Hat Linux 9.0 custom installation server. The system has installed GCC and some software packages, such as Apache and PHP. The first thing after installing the system is to upgrade the system software package. As a Web server, the system accepts requests from PHP scripts, and PHP uses the MySQL database to be installed below as the contact for dynamic release.

The requirements for partitioning are similar to those for General Systems. The only difference is that the/chroot and/tmp created later must be in the same partition.

2. security requirements

(1) MySQL runs in an independent (Chroot) environment;
(2) the mysqld process runs in an independent user/user group. The user and user group have no root directory, Shell, or other programs;
(3) modify the root account of MySQL and use a complex password;
(4) only allow local connection to MySQL. The network connection is disabled when MySQL is started;
(5) ensure that the nobody account used to connect to MySQL is disabled;
(6) delete the test database.

Install MySQL

1. installation preparation

Before installing MySQL, create a user and group to start MySQL according to the preceding security requirements.

# Groupadd mysql
# Useradd mysql-c "start mysqld's account"-d/dev/null-g mysql-s/sbin/nologin

2. Compile and install

Download the MySQL source code package:

# Wget


# Tar-zxvf mysql-4.0.16.tar.gz

Generally, MySQL is installed in/usr/local/mysql. you can adjust it if you have special requirements. However, this is of little significance, because Chrooting will be used later, and then only the customer tools here will be used, such as mysql, mysqladmin, and mysqldump. Compile and install the SDK.

#./Configure -- prefix =/usr/local/mysql
-- With-mysqld-user = mysql
-- With-unix-socket-path =/tmp/mysql. sock
-- With-mysqld-ldflags =-all-static
# Make & make install
# Strip/usr/local/mysql/libexec/mysqld
# Scripts/mysql_install_db
# Chown-R root/usr/local/mysql
# Chown-R mysql/usr/local/mysql/var
# Chgrp-R mysql/usr/local/mysql

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.