MySQL Security: Difference between revisions
Jump to navigation
Jump to search
m
Reverted edits by Upazixorys (Talk); changed back to last version by BobS
Upazixorys (talk | contribs) No edit summary |
m (Reverted edits by Upazixorys (Talk); changed back to last version by BobS) |
||
Line 1: | Line 1: | ||
<span id="top"></span> | |||
< | {| cellpadding="2" | ||
</ | |||
{| cellpadding= | |||
|__TOC__||'''MySQL Security''' | |__TOC__||'''MySQL Security''' | ||
|} | |} | ||
Line 50: | Line 42: | ||
{| | {| | ||
|- | |- | ||
|valign= | |valign="top"| | ||
'''''Change MySQL password''''' | '''''Change MySQL password''''' | ||
# Start UniTray: Navigate to folder '''UniServer''' and double click on '''Start.exe''' | # Start UniTray: Navigate to folder '''UniServer''' and double click on '''Start.exe''' | ||
# Start Uniform Server: Left click UniTray | # Start Uniform Server: Left click UniTray > Click Start UniServer '''A) B)''' | ||
# Run Apanel: Left click UniTray | # Run Apanel: Left click UniTray > Click Admin Panel '''C)''' | ||
# Apanel left menu click '''MySQL Server Configuration''' '''D)''' | # Apanel left menu click '''MySQL Server Configuration''' '''D)''' | ||
# Enter '''new MySQL Password''' (for example fred123) choose a secure one '''E)''' | # Enter '''new MySQL Password''' (for example fred123) choose a secure one '''E)''' | ||
Line 63: | Line 55: | ||
|} | |} | ||
=== Install an application === | === Install an application === | ||
# Install application as per instructions. | # Install application as per instructions.<br />Note: From the above MySQL server host is '''localhost''' user name '''root''' password '''fred123'''<br />Use the password you configured.<br /><br /> | ||
# For the remainder of this example, I will assume you are using the MediaWiki plugin '''V55_MediaWiki_1_15_1.exe''' | # For the remainder of this example, I will assume you are using the MediaWiki plugin '''V55_MediaWiki_1_15_1.exe'''<br />Note: This is pre-configured and uses user name '''root''' and password '''root''' | ||
Line 70: | Line 62: | ||
{| | {| | ||
|- | |- | ||
|valign= | |valign="top"| | ||
'''''Change MySQL password''''' | '''''Change MySQL password''''' | ||
# Start Uniform Server: Left click UniTray | # Start Uniform Server: Left click UniTray > Click Start UniServer '''A) B)''' | ||
# Run phpMyAdmin: Left click UniTray | # Run phpMyAdmin: Left click UniTray > Click phpMyAdmin '''G)''' | ||
# phpMyAdmin page is displayed. From the top menu click on '''privileges''' '''H)''' | # phpMyAdmin page is displayed. From the top menu click on '''privileges''' '''H)'''<br />This opens a new page displaying all users | ||
'''''Note'':''' A user in this context is the name of a MySQL user that is allowed to connect to the MySQL server. This name has no relationship to any application's users. | '''''Note'':''' A user in this context is the name of a MySQL user that is allowed to connect to the MySQL server. This name has no relationship to any application's users. | ||
# Click on '''Add a new User I)''' This opens the Add a new user page | # Click on '''Add a new User I)''' This opens the Add a new user page<br /><br /><br /> | ||
# Enter required user name (example: WikiUser) '''J)''' | # Enter required user name (example: WikiUser) '''J)''' | ||
# Select Host from drop down menu. Select '''localhost''' to restrict access '''K)''' | # Select Host from drop down menu. Select '''localhost''' to restrict access '''K)''' | ||
# Enter password (from drop down menu, select '''Use Text Field''') '''L)''' | # Enter password (from drop down menu, select '''Use Text Field''') '''L)''' | ||
# Confirm password '''M)''' | # Confirm password '''M)'''<br />Note: for this example I entered '''user123'''<br /><br />'''''Note'':''' The Add new User pages allows you to set global privileges for the user. This user is being created with absolute minimum privileges, so no global privileges are set. Ensure all privileges are unchecked.<br /><br /> | ||
# Scroll down page and click '''Go''' '''N)''' | # Scroll down page and click '''Go''' '''N)'''<br /><br /><br /><br /><br /><br /><br /> | ||
# Our new user is created and confirmation provided at the top of the page. A new section is automatically added to the current page named '''Database Specific Privileges'''; scroll to this section. | # Our new user is created and confirmation provided at the top of the page. A new section is automatically added to the current page named '''Database Specific Privileges'''; scroll to this section.<br /><br />Note: You can assign more than one database to a user, however for this user we are limiting access to a single database.<br /><br /> | ||
# From the drop down menu, select '''wikidb''' '''O)''' | # From the drop down menu, select '''wikidb''' '''O)'''<br /> This automatically opens a new page where you can assign privileges to the user that are specific to the Wiki database '''wikidb'''<br /><br /><br /><br /> | ||
# When assigning privileges, assign the absolute minimum possible to allow an application to run. If the application fails, you can always go back and edit user privileges and enable more as required. | # When assigning privileges, assign the absolute minimum possible to allow an application to run. If the application fails, you can always go back and edit user privileges and enable more as required.<br /><br /> For MediaWiki the minimum is shown; see section '''Data P)''' | ||
# Scroll down page and click '''Go Q)''' | # Scroll down page and click '''Go Q)''' | ||
Line 109: | Line 101: | ||
|'''Locate this section:''' | |'''Locate this section:''' | ||
|- | |- | ||
| | |<pre> | ||
## Database settings | ## Database settings | ||
$wgDBtype = | $wgDBtype = "mysql"; | ||
$wgDBserver = | $wgDBserver = "localhost"; | ||
$wgDBname = | $wgDBname = "wikidb"; | ||
$wgDBuser = | $wgDBuser = "root"; | ||
$wgDBpassword = | $wgDBpassword = "root"; | ||
</pre> | |||
|} | |} | ||
| | | | ||
Line 123: | Line 115: | ||
|Change '''$wgDBuser''' and '''$wgDBpassword''' as shown below: | |Change '''$wgDBuser''' and '''$wgDBpassword''' as shown below: | ||
|- | |- | ||
| | |<pre> | ||
## Database settings | ## Database settings | ||
$wgDBtype = | $wgDBtype = "mysql"; | ||
$wgDBserver = | $wgDBserver = "localhost"; | ||
$wgDBname = | $wgDBname = "wikidb"; | ||
$wgDBuser = | $wgDBuser = "WikiUser"; | ||
$wgDBpassword = | $wgDBpassword = "user123"; | ||
</pre> | |||
|} | |} | ||
|} | |} | ||
Line 140: | Line 132: | ||
'''''For Firefox'':''' | '''''For Firefox'':''' | ||
* Tools | * Tools > Options > Click Privacy > Click Show cookies button > Click Remove all cookies | ||
* Tools | * Tools > Options > Click Advanced > Click Clear Now | ||
== Conclusion == | == Conclusion == |