Secure MariaDB

Once you have created a new database and user for your application, connect to your MariaDB server and follow these recommendations:

  • Remove anonymous users:

      MariaDB> DELETE FROM mysql.user WHERE User='';
  • Remove the test database and access to it:

      MariaDB> DROP DATABASE test;
      MariaDB> DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
  • Disallow root login remotely:

    IMPORTANT: Please ensure the mysql.user table includes a 'root'@'localhost' entry. Otherwise, you will lose admin access to the database when running the next command.

      MariaDB> DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');

    Don't forget to reload the privilege tables with FLUSH PRIVILEGES to apply the changes.

  • Change your root user password.

  • It is strongly recommended that you do not have empty passwords for any user accounts when using the server for any production work.

  • If you don't need remote access, uncomment the bind-address line in the MariaDB configuration file so that the server only listens for connections on the local machine. Restart the server once done.
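
To confirm the account-related steps above took effect, the following Python script (an added example, not part of the original guide) audits rows exported from mysql.user and mysql.db for anonymous users, remote root accounts, a missing 'root'@'localhost' entry, and leftover test database privileges. The export commands named in its comments and the sample rows are assumptions constructed for illustration.

```python
# Added example (not part of the original guide): audit account rows against
# the checklist above. Assumed input: tab-separated client output from
#   mysql -N -B -r -e "SELECT User, Host FROM mysql.user"
#   mysql -N -B -r -e "SELECT Db, User, Host FROM mysql.db"
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}
TEST_DBS = {"test", "test\\_%"}  # the two Db values the guide deletes


def parse_rows(text, width):
    """Split batch output into tuples; an empty User field must survive."""
    rows = []
    for line in text.splitlines():
        if line == "":
            continue  # skip blank lines only; "\tlocalhost" is a real row
        fields = tuple(line.split("\t"))
        if len(fields) != width:
            raise ValueError(f"expected {width} columns, got: {line!r}")
        rows.append(fields)
    return rows


def audit(user_text, db_text):
    """Return a list of findings; an empty list means the checklist passes."""
    findings = []
    users = [(u, h.lower()) for u, h in parse_rows(user_text, 2)]
    for user, host in users:
        if user == "":
            findings.append(f"anonymous user ''@'{host}'")
        elif user == "root" and host not in LOCAL_HOSTS:
            findings.append(f"remote root account 'root'@'{host}'")
    if ("root", "localhost") not in users:
        findings.append("no 'root'@'localhost' entry: do not delete root rows yet")
    for db, user, host in parse_rows(db_text, 3):
        if db in TEST_DBS:
            findings.append(f"test database privilege '{db}' for '{user}'@'{host}'")
    return findings


# Constructed sample data, not taken from a real server.
SAMPLE_USERS = "root\tlocalhost\nroot\t%\n\tlocalhost\napp\t10.0.0.%\n"
SAMPLE_DB = "test\t\t%\ntest\\_%\t\t%\nappdb\tapp\t10.0.0.%\n"

if __name__ == "__main__":
    for finding in audit(SAMPLE_USERS, SAMPLE_DB):
        print("FINDING:", finding)
```

Run it before the root cleanup as well: the missing 'root'@'localhost' finding is the condition the IMPORTANT note warns about.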

Last modification December 21, 2022