Security Settings for MySQL 5.0.x in Linux

Open the/etc/my. cnf file and modify the following settings. If not, add it manually.

# Cancelling the external lock of the file system

Skip-locking

# Do not perform domain name anti-resolution, pay attention to the resulting permission/authorization issues

Skip-name-resolve

# Prohibit MySQL from using the "load data local infile" command. This command uses MySQL to read local files to the database, and then the user can obtain sensitive information illegally. Some attack methods circulating on the Internet are useful. It is also a method used by many new SQL Injection attacks!

Local-infile = 0

# Close the remote connection, that is, port 3306. This is the default listening port of MySQL. Because MySQL only serves local scripts, remote connection is not required. Although the built-in security mechanism of MySQL is very strict, listening to a TCP port is still dangerous, because if the MySQL program itself has problems, after unauthorized access, you can bypass the built-in security mechanism of MySQL. (Are you sure you do not need to connect to mysql remotely)

Skip-networking

After modifying my. cnf, you also need to adjust the mysql user name, account, and default database.

First, log on to mysql and enter/home/mysql/bin/mysql-u root-p in the terminal window.

Then, you will be prompted to enter the correct password. after entering the correct password, the mysql> prompt will appear.

Enter the following command:

Mysql> use mysql;

Mysql> update user set user = "CentOS" where user = "root"; (change the root user name of mysql to centos to prevent brute force cracking of the root password)

Mysql> select Host, User, Password, Select_priv, Grant_priv from user;

Mysql> delete from user where user = "; (delete user)

Mysql> delete from user where password = "; (delete user)

Mysql> delete from user where host = "; (delete user)

Mysql> drop database test; (delete the default test database)

Mysql> flush privileges; (refresh the mysql cache to make the preceding settings take effect immediately)

Mysql> quit;

To make the preceding optimization and security settings take effect, restart the Mysql service or Linux.