Z controller MySQL Tab
|Uniform Server 5.6-Nano.
Installing third party applications that use the MySQL server is easy. Uniform Server places no restrictions and allows you to install using the root user account..
For a test server this is fine however for a production server it is already compromised! The root user is known, both name and password is set to root.
As a first line of defence you must change the MySQL root user password using Apanel. You can install all applications using this root user and new password.
For a production server using the root user account even with a new password is high risk. Should this root user account become compromised a malious user can delete all databases and data. The root user is all-powerful and can run any task on the MySQL server.
After installing an application create a restricted user on the MySQL server and edit the application’s configuration file. Replacing the root user with this restricted user account.
Every application shall have a unique restricted user. If this user becomes compromised hopefully any damage is confined only to that application.
A restricted user has a unique name and password with minimum privileges assigned to a specific database. This user has no global privileges further restricting server access.
Assign only minimum privileges required for the application to run.
Privileges: SELECT, INSERT, UPDATE, DELETE
These privileges are referring what that user can perform on tables within that database assigned. For example assign the first three these are safe only assign delete if required by a n application.
Using phpMyAdmin to create a restricted user is covered on the MySQL Security page.
It’s worth reading to appreciate the convenience of using the MySQL tab
MySQL Tab intro
The MySQL tab was added in V56_ZCON_1_1 it contains three buttons you generally use in the following order.
Each button opens a pop-up window as shown below.
Add or Delete Database
This pop-up window allows you to create or delete a database.
Create a database:
Delete a database:
Add restricted user
To creating a restricted user fill in the form
Note 1: If user exists you will be requested to enter a new user. A User must be unique.
Note 2: If a database does not exist you can still assign it to a user and create the database later.
This pop-up allows you to change a restricted users password and privileges.
Tabs group functionality and expose Uniform Servers’s features.
Main drop down menus take a slightly different approach generally they target a single feature by name. However a pop-up window that opens as a result of a selection may contain a common group of related features.
Each drop down menu is covered on a separate page they have an identical name as the menu.
First menu to be covered is the File menu.