MySQL Setup and Security

Installing MySQL:

apt-get install mysql-server

The above command installs MySQL server and its related components. you will be asked to setup a password for the root account.

Post Installation Measures:

Exposing MYSQL to External Applications:

Edit /etc/mysql/my.cnf and comment the line

bind-address =  127.0.0.1

you can change the port to some no standard ports by changing

port  =  3306 ----> any port you like

Restart Mysql server with

service mysql restart

This will expose your database, but there are no users that can connect to it. create a database and assign a user to it.

create database test;
grant all privileges on test.l* to test-user@"%" identified by "<some-secret-password>";

This way test-user can connect to database test from any PC.

Few Security tips:

1. If only applications are meant to be connected setup firewall rules to specific IP Addresses to connect to that port.
2. you can change location and encrypt mysql MySQL
3. change admin username from root.

The article was originally published at MicroPyramid blog.