Guide
MySQL is used in more and more businesses, and in key businesses the requirements on data security are correspondingly higher. How do we ensure the security of MySQL data?
Protecting data only at the MySQL application level is clearly not enough; it needs to be protected at multiple levels, including the network, the system, the logic/application layer, the database layer and so on.
Here are some security policies we can draw on.
1. Network and system level
A lot can be done at this level, and we can build these security requirements into the automated installation solution as standard requirements for every new system installation.
Run the servers hosting MySQL on the intranet; do not enable a public network interface;
If a public network interface must be enabled, change the sshd port to one above 10000;
Set the firewall policy to allow only trusted servers to connect to the sshd and MySQL ports;
Change the iDRAC/IMM password and set a GRUB password;
Set a password security policy, for example requiring PASS_MIN_LEN of no less than 8; in practice it is best to take a complex password, run it through MD5 and use the 32-character result as the real password, which is long enough to be secure;
Operation logs are written to syslog and forwarded to a remote log server, rather than being stored locally;
Apart from the necessary accounts, set every other account to have no login permission;
Try to keep the servers running MySQL separate from the web servers and app servers. If they must be placed together, still separate the permissions: do not let the owners of the web server and app server processes have direct access to the MySQL datadir;
Disable the autoindex configuration of the web server layer;
If possible, use HTTPS instead of HTTP;
Keep key applications updated to avoid the risk of vulnerabilities in older versions;
Set security policies for Nginx, PHP and other application services, disabling risky functions, etc.;
Consider purchasing the security protection, scanner and other products offered by some providers;
Resolutely eliminate foolish behaviour such as uploading key configuration files to the public network (for example, pushing company project code to GitHub as a personal project, intranet account and password information included).
2. Logic/application layer
At this level much depends on how developers work and on their security awareness. Many low-level security vulnerabilities can be avoided, or dealt with completely, at this level, such as the XSS, CSRF and SQL injection vulnerabilities mentioned below.
Try not to run open-source CMS, blog, forum and similar systems on the public web unless you have done a code security audit or put a sound security strategy in place beforehand. Such systems are generally a focus of attackers' research and are easy to compromise;
In the web server layer, you can use security modules such as the Nginx WAF module;
In the app server layer, you can do code security audits and security scans to prevent XSS, CSRF, SQL injection, file upload attacks, cookie-check bypasses and other security vulnerabilities;
For application configuration that contains account passwords, such as JDBC connection strings, encrypt the password rather than storing it in plaintext, and decrypt it with an internal private tool before use. Alternatively, let the application connect to a proxy layer using an intermediate account and have the proxy connect to MySQL, so that the application layer never connects to MySQL directly;
The application tier should enable critical logging, such as transaction logs, to facilitate later reconciliation and the like.
3. MySQL database layer
If the preceding layers are not safe enough, the risk almost always ends up at this layer. But we can still do something.
Enable the safe-update option to avoid all of a table's data being modified by a statement with no WHERE condition;
Lengthen the retention period of the binlog to facilitate later audit and review;
Give application accounts only SELECT, UPDATE and INSERT privileges, and withhold DELETE. Logic that needs to delete should be changed to use UPDATE instead, avoiding physical deletion;
When a real deletion is required, the DBA backs up first and then deletes physically;
The Percona SQL audit plugin can be used; there is said to be a McAfee plugin as well;
You can also use triggers for some auxiliary functions, such as preventing attackers from maliciously tampering with data.
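The database-layer measures above (safe-update mode, longer binlog retention, an application account without DELETE, soft deletion via UPDATE, and a tamper-blocking trigger) as one added SQL example that is not part of the original article. It assumes a schema `appdb` with an `orders` table (columns `id`, `status`, `amount`), an application account `'app'@'10.0.0.%'`, and MySQL 8.0 variable names; run it as a DBA account with the `mysql` client.

```sql
-- Added example, not from the original article. Assumed names: schema appdb,
-- table appdb.orders (id, status, amount), application account 'app'@'10.0.0.%'.

-- 1) Safe-update mode: UPDATE/DELETE without a WHERE on a key column is refused.
--    SET GLOBAL affects new sessions; put sql_safe_updates=1 in my.cnf to persist.
SET GLOBAL sql_safe_updates = 1;
SET SESSION sql_safe_updates = 1;

-- 2) Keep the binary log for 30 days (2592000 s) so changes can be audited later
--    (MySQL 8.0 name; older releases use expire_logs_days instead).
SET GLOBAL binlog_expire_logs_seconds = 2592000;

-- 3) Least-privilege application account: SELECT/INSERT/UPDATE only, no DELETE,
--    no DDL, and no TRIGGER privilege, so the app cannot drop the trigger below.
CREATE USER 'app'@'10.0.0.%' IDENTIFIED BY 'REPLACE-WITH-LONG-RANDOM-PASSWORD';
GRANT SELECT, INSERT, UPDATE ON appdb.* TO 'app'@'10.0.0.%';

-- 4) Soft delete instead of physical delete: a nullable timestamp column, and
--    "delete" becomes a keyed UPDATE that also satisfies safe-update mode.
ALTER TABLE appdb.orders ADD COLUMN deleted_at DATETIME NULL;
UPDATE appdb.orders SET deleted_at = NOW() WHERE id = 42;
-- Readers filter with "WHERE deleted_at IS NULL"; physical removal stays a DBA
-- task performed after a backup.

-- 5) Trigger that refuses tampering with a protected value: once an order is
--    marked paid, its amount can no longer be changed through the app account.
DELIMITER $$
CREATE TRIGGER appdb.orders_protect_paid
BEFORE UPDATE ON appdb.orders
FOR EACH ROW
BEGIN
  IF OLD.status = 'paid' AND NEW.amount <> OLD.amount THEN
    SIGNAL SQLSTATE '45000'
      SET MESSAGE_TEXT = 'amount of a paid order cannot be changed';
  END IF;
END$$
DELIMITER ;
```

The trigger only protects against accounts that lack the TRIGGER and SUPER privileges, which is why the application account above is granted neither; DBA changes to the protected column still show up in the retained binlog for review.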
4. Postscript
There is a lot that can be done for data security; this article only lists some relatively simple measures that can be implemented quickly. Each enterprise should have its own security policy norms, and every participant should take them seriously and strive to comply with these necessary norms, so that information security does not become empty talk.
Real data security relies on the security awareness of everyone as its foundation; without that awareness, mechanisms, systems and tools alone are not reliable. In