Photo by Campaign Creators on Unsplash
In the pantheon of open source heavyweights, few technologies are as ubiquitous as the MySQL RDBMS. Integral to popular software packages like WordPress and server stacks like LAMP, MySQL is the foundational data platform for most websites and cloud services on the internet today. Unfortunately, its popularity translates to more commonly known attack vectors and security exploits — the following are 11 ways to shore up MySQL security and protect your data more effectively.
10 Ways to Improve MySQL Security
1. Drop the Test Database
The test database installed by the MySQL Server package as part of the mysql_install_db process can be fully accessed by all users by default, making it a common target for attackers. It should therefore be removed during post-installation hardening.
2. Remove All Anonymous Accounts
MySQL, by default, creates several anonymous users that essentially serve no purpose after installation. These accounts should therefore be removed, as their presence on the system gives attackers an entry point in the database.
3. Obfuscate the Root Account
Changing the MySQL root user account to a hard-to-guess name adds another layer of security, as attackers must determine the new account name before attempting to brute force the password values.
4. Disable Remote Logins
If local applications only use the MySQL database, remote access to the server should be disabled. This is done by opening up the /etc/my.cnf file and adding a skip-networking entry under the [mysqld] section. Configuring MySQL to stop listening on all TCP/IP ports, including 127.0.0.1, will effectively restrict database access to local, MySQL socket-based communications.
5. Change Default Port Mappings
MySQL, by default, runs on port 3306. This should be changed after installation to obfuscate what critical services are running on which ports, as attackers will initially attempt to exploit default values.
6. Remove and Disable the MySQL History File
Like the Test database, the MySQL history file located at ~/.mysql_history is created by default during installation. This file should be deleted, as it contains historical details regarding installation and configuration steps performed. This could potentially result in the accidental exposure of passwords for critical database users. A weak link for the .mysql_history file to the null device should be created to stop logging into the file.
7. Do Not Run MySQL With Root Level Privileges
MySQL should be run under a specific, newly-created user account with the necessary permissions to run the service instead of directly as the root user. This adds some auditing and logging benefits while preventing attackers from gaining access by hijacking the root user account.
8. Alter Which Hosts Have Access to MySQL
If set up as a standalone server (i.e., application and web servers query the database from another server), the MySQL instance should be configured only to allow access to permitted hosts. This can be accomplished by making the appropriate changes in the hosts. deny and hosts.allow files.
9. Limit or Disable SHOW DATABASES
Again, stripping remote attackers of their information gathering capabilities is critical to a secure security posture. For this reason, the SHOW DATABASES command should be limited or removed entirely by adding skip-show-database to the [mysqld] section of the MySQL configuration file at /etc/my.cnf.
10. Disable the Use of LOAD DATA LOCAL INFILE Command
The LOAD DATA LOCAL INFILE command allows users to read local files and even access other files on the operating system, which could be exploited by attackers using methods such as SQL injection. The command should therefore be disabled by inserting set-variable=local-infile=0 to the [mysqld] section of my.cnf.
