Securing MySQL (and other databases)

By Blane Warrene

In light of recent news of massive intrusions into enterprise database systems holding sensitive customer information, it is clear that reminders about hardening databases are not old news, especially considering that some of the compromises succeeded only because customer data was not encrypted.

Starting with MySQL, I have assembled several links I have collected over time on securing various databases to make compromise that much more difficult. Some of the information covers basic fundamentals, which is great for those just starting to explore these systems, along with some links to further reading.

Something to remember (and many readers have suggested they do this already): always use SSH when administering your remote database servers. If you use a GUI tool for remote administration, be sure to select an application that supports port forwarding to a secure port.

MySQL’s site has some solid basics as well as a great Security Focus article on building a strong MySQL installation.

Tips and techniques on some other popular systems include:

IBM’s DB2 – http://www.informit.com/articles/article.asp?p=102226&rl=1

Microsoft SQL Server:
1) http://www.sqlsecurity.com/DesktopDefault.aspx
2) http://www.microsoft.com/sql/techinfo/administration/2000/security/securingsqlserver.asp

Oracle – http://www.orafaq.com/faqdbase.htm

PostgreSQL – http://www.postgresql.org/docs/8.0/interactive/admin.html


  • Glasso

    Just starting to use MySQL seriously. A timely post Blane …. Thanks

  • http://www.ajohnstone.com Andrew-J2000

    I ordered “High Performance MySQL” yesterday; however, I’m curious to know of any security tips for securing clustered environments for MySQL. Particularly replication…

  • danut

    I think that MySQL is one of the best parts of web programming. Robust and also fragile.

    My opinion.
