Secure MariaDB
Once you have created a new database and user for your application, connect to your MariaDB server and follow these recommendations:
-
Disallow root login remotely:
IMPORTANT: Please ensure the mysql.user table includes a ‘root’@‘localhost’ entry. Otherwise, you will lose admin access to the database when running the next command
MariaDB> DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
Don’t forget to reload the privileges tables to apply the changes:
MariaDB> FLUSH PRIVILEGES;
-
It is strongly recommended that you do not have empty passwords for any user accounts when using the server for any production work.
The configuration adopted by the replica nodes when connecting to the the primary is set using the “CHANGE MASTER TO” syntax. Replication nodes store the password for the replication in the primary info repository. In case you receive the following warning message in the log file of MariaDB you can use the “START SLAVE” syntax to specify credentials for connecting to the primary node.
IMPORTANT: Storing MariaDB user name or password information in the primary info repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START REPLICA; see the “START SLAVE Syntax” in the MariaDB official documentation for more information.