Securing MySQL's Default Installation - Quick And Dirty Too!
I just stumbled upon a script that MySQL includes nowadays called mysqlsecureinstallation. It runs a series of steps to remove some of the default installation options that MySQL installs, like an anonymous user and a test database. When you run the script, it does for the following:
- Prompts you to change your MySQL root password, especially if you haven't set a root password yet.
- Removes anonymous access to your database server.
- Restricts root access to localhost only.
- Drops the 'test' table that's installed automatically.
- Flushes the privileges so that all changes are taken immediately without having to restart the database server.
Here's the output when running the mysqlsecureinstallation in one of my servers.
In all, it's something that I've been doing manually for a while. And I bet that there are many, many developers out there who, even on production servers, don't even bother to remove these things. Obviously, this isn't the "be-all and end-all" of MySQL security, but it's a big step away from the default installation. Go run this script now! Well, unless you're a security expert who already did this, either manually or with the script. If so, then I salute you.