
Open port in your MySQL server - MySQL

If you are a web developer or administrator, aside from administering your web server, you should also be administering your MySQL database in terms of security. This database is open source and is commonly used with the PHP web server scripting language; tons of useful applications are being developed with this kind of setup. This is good, but it opens up issues, which we'll discuss here along with their solutions.

TABLE OF CONTENTS:
  1. MySQL Security Tips
  2. Open port in your MySQL server
  3. Weak MySQL password administration
  4. Properly assigned privileges
By: Codex-M
November 05, 2009


If you have configured your MySQL server to be reachable from the Internet, make sure it is behind a firewall to prevent remote attacks. If it is not protected, an attacker can launch many kinds of attack, including denial of service (DoS) attacks. If your server does not have proper authentication routines configured, the attacker can even penetrate and compromise it.

MySQL commonly uses port 3306. If you are running a home-based Apache server with MySQL on it, this port might be exposed to the Internet. Check whether the port is open, and make sure you only allow connections from trusted hosts. If that is not the case, close the port in your firewall and open it only when it is really necessary.

You can use this tool to scan your MySQL server for open ports.

Brute force attacks on your MySQL server

MySQL normally asks for authentication when someone logs in to the server to access sensitive data. However, if you are using phpMyAdmin to connect to the database, that login interface is susceptible to brute force attacks.

To prevent brute force attacks, especially against a web-based interface such as phpMyAdmin, you need to add the patch mentioned in this update.

If you do not have full control of the phpMyAdmin installation, which may be true with limited hosting accounts, then you cannot add that patch. Your only option is to contact your web host and ask whether they provide a layer of security against brute force attacks, especially for the MySQL server. If they don't, you can either ask them to upgrade, or switch to another hosting provider if you really need brute force prevention.

The best way to provide brute force protection without changing phpMyAdmin scripts or switching web hosts is to use extremely strong passwords. In this case, any brute force attempt can take years before it succeeds, if ever -- and most attackers will give up in that time.

Monitor your logs. A series of failed login attempts is a sign that someone is trying to brute force the account. You can then ban the offending IP address using .htaccess or other methods.
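The log check described above, sketched as an added example (not code from the original article): it counts `Access denied` entries per source host inside a sliding time window. The sample lines are constructed in the style of a MySQL 5.7 error log, and the names `find_bruteforce_sources`, `threshold` and `window_seconds` are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines (assumed MySQL 5.7-style error log format);
# the addresses come from the reserved documentation ranges.
SAMPLE_LOG = """\
2009-11-05T10:00:01.000000Z 11 [Note] Access denied for user 'root'@'203.0.113.7' (using password: YES)
2009-11-05T10:00:03.000000Z 12 [Note] Access denied for user 'root'@'203.0.113.7' (using password: YES)
2009-11-05T10:00:04.000000Z 13 [Note] Access denied for user 'webapp'@'198.51.100.20' (using password: YES)
2009-11-05T10:00:05.000000Z 14 [Note] Access denied for user 'admin'@'203.0.113.7' (using password: YES)
2009-11-05T10:00:07.000000Z 15 [Note] Access denied for user 'root'@'203.0.113.7' (using password: NO)
2009-11-05T10:00:09.000000Z 16 [Note] Access denied for user 'root'@'203.0.113.7' (using password: YES)
2009-11-05T10:20:00.000000Z 17 [Note] Access denied for user 'webapp'@'198.51.100.20' (using password: YES)
2009-11-05T10:21:30.000000Z 18 [Note] Aborted connection 18 to db: 'shop' user: 'webapp' host: 'localhost' (Got an error reading communication packets)
2009-11-05T10:40:00.000000Z 19 [Note] Access denied for user 'webapp'@'198.51.100.20' (using password: YES)
"""

# Timestamp to the second, then the failed user and the host it came from.
DENIED = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d)\S*\s.*"
    r"Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)'"
)

def find_bruteforce_sources(log_text, threshold=5, window_seconds=60):
    """Return {host: peak failure count} for hosts that reach `threshold`
    failed logins within `window_seconds`. Lines must be in time order."""
    recent = defaultdict(deque)   # host -> timestamps still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = DENIED.match(line)
        if not m:
            continue              # not a failed login, ignore
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S")
        q = recent[m["host"]]
        q.append(ts)
        # Drop failures that have aged out of the sliding window.
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            flagged[m["host"]] = max(flagged.get(m["host"], 0), len(q))
    return flagged

if __name__ == "__main__":
    for host, peak in find_bruteforce_sources(SAMPLE_LOG).items():
        print(f"{host}: {peak} failed logins within one minute")
```

Logins made through phpMyAdmin reach MySQL from the web server's own address, so for that interface the client IP to ban has to come from the web server's logs instead.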



 
 