Securing MySQL (and other databases)

By Blane Warrene

In light of recent news of massive intrusions into enterprise database systems holding sensitive customer information – it is obvious reminders on hardening databases is not old news. Especially considering some of the compromises were executed only because customer data was not encrypted.

Starting with MySQL – I have assembled several links I have collected over time on securing various dbs to make compromise that much more difficult. Some information is basic fundamentals – which is great for those just starting to explore these systems – along with some links to further reading.

Something to remember (and many readers have suggested they do this already) – always use ssh when administering your remote database servers. If using a GUI tool for remote admin – be sure to select an application that supports port forwarding to a secure port.

MySQL’s site has some solid basics as well as a great Security Focus article on building a strong MySQL installation.

Tips and techniques on some other popular systems include:

IBM’s DB2 – http://www.informit.com/articles/article.asp?p=102226&rl=1

Microsoft SQL Server:
1) http://www.sqlsecurity.com/DesktopDefault.aspx
2) http://www.microsoft.com/sql/techinfo/administration/2000/security/securingsqlserver.asp

Oracle – http://www.orafaq.com/faqdbase.htm

PostgreSQL – http://www.postgresql.org/docs/8.0/interactive/admin.html

  • Glasso

    Just Starting to use MySQL seriously. I timely post Blane …. Thanks

  • http://www.ajohnstone.com Andrew-J2000

    I ordered “High Performance MySQL” yesterday; however, i’m curious to know of any security tips for securing clustered enviroments for MySQL. Particuly replication…

  • danut

    I think taht mysql are one of the best part of web prgramming. Robust and also fragile.

    My opinion.



Learn Coding Online
Learn Web Development

Start learning web development and design for free with SitePoint Premium!

Instant Website Review

Use Woorank to analyze and optimize your website to improve your website to improve your ranking!

Run a review to see how your site can improve across 70+ metrics!

Get the latest in Front-end, once a week, for free.