Secure MySQL

Once you have created a new database and user for your application, connect to your MySQL server and follow these recommendations:

  • Disallow root login remotely:

    mysql> DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '', '::1');

    Don’t forget to reload the privileges tables to apply the changes:

  • Change your root user password.

  • It is strongly recommended that you do not have empty passwords for any user accounts when using the server for any production work.

The configuration adopted by the slaves when connecting to the master is set using the “CHANGE MASTER TO” syntax. Replication slaves store the password for the replication master in the master info repository. In case you receive the following warning message in the log file of MySQL you can use the “START SLAVE” syntax to specify credentials for connecting to the master.

IMPORTANT: Storing MySQL user name or password information in the master info repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START SLAVE; see the ‘START SLAVE Syntax’ in the MySQL official documentation for more information.

Last modification October 21, 2020