How Do I Secure My Mysql Database? | HackingTruths Blog

Posted on June 4, 2009 - by admin

How Do I Secure My Mysql Database?

I’m putting together a database (PHP/MYSQL) online, and I want to secure it from hackers.
I have heard of people hacking databases with “sql injection”, on mainstream CMSs like phpNuke.
Could those hackings be due to everyone knowing how the system works, and I would I be more safe because no one knows my database layout?
Any help or links would be great.

This entry was posted on Thursday, June 4th, 2009 at 5:41 am and is filed under SQl Injection. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

1 Comment

We'd love to hear yours!

Visit My Website

June 4, 2009

Permalink

Otto said:

There are some fundamental rules to follow:
1. Never use MySQL administrative accounts within your PHP code.
2. Create dedicated users. Let’s say that all requests which are read (and most of the requests you are going to run are going to be read only) have to be processes by a READ only MySQL user. And make sure this user only accesses needed databases and HAS NO ACCESS ON MySQL ADMINISTRATIVE DATABASES
3. Restrict MySQL user’s right to strict minimum (a bit like the above point)
4. Make sure the database is accessible with localhost only (or from specific users using specific IP addresses)
5. Hide PHP errors (they often give a lot of information on your system). Never let errors to be displayed on user’s end
6. Change password from time to time
7. Put a good firewall
8. Apply patches

Leave a Comment

Here's your chance to speak.

Mobile What Linux Hardware Email Have Without Work Hacking...? Injection There Software Account Yahoo Computer Find Anyone Hack Best With Iphone From Does Free Play Between Someone Vodafone Need Chip Phone AntiVirus Root Your Help Password Possible Games Into Internet That Which Where Know Good

Nokia N70 Picture Messaging Help.?

0800 Number From Mobile - Costs Anyone?

Psp: How Do You Mod Your Psp To Play Free Games Or Upgrade Your Firmware?

Anyone Know How To Mod A Verizon Wireless V3c So That The Home Keys Can Be Changed?

What Kind Of Hardware Do I Need To Buy For A Slingbox?

How Else Can I Get Firefox On Linux?

Is It Easy To Hack Into Someone's Personal Computer, (i.e. Email Accounts)? How Would You Know It Happened?

How Can I Hack A Yahoo Id Nowadays?,i Wanna Get The Password And The Offline Messages,is There A Site 4 It?

Nokia N73 - Need Advice On Emailing..?

Bes - Lotus/exchange Patch Needed?

Where Can I Find A Sims 2 Apartment Life Pregnancy Mod?

I Need A Mod To Play Baseball On The Sims 2?

I Need Opinions On Decorating My Kitchen. What Is The Best Color Or Metal For My Cabinet Hardware?

How Can I Copy A File In Linux?

Is It Illegal To Hack Someone's Email?

Yahoo Account Hacked And Mail Is Forwarded To Another Account?

Is Hacks 4 Sake The Real Deal Or A Fake Like Its Predecessor Hacking Services?

Bmw Professional Phone- Pls Help?

Setting Up Internet On My New Phone?? Se W980?

Iphone??????????????????

What Kind Of Mod Chip Should I Get For Region-free Games On My Ps2?

Sudo Command Not Supporting Useradd In Linux?

Is It Possible That Someone Can Add You As A Friend On Yahoo Messenger And Then Hack Into Your Stuff?

Problem Accessing Hashtables From Another Class?

Msn Not Working Due To 'keyport' Problem?

Is Their A Site That Shows You How To Mod Game Systems And Other Electronics?

How Do I Mod A Mongoose Into Halo 2?

What Is The Program/website That Tells You What Hardware Is On Your Computer?

How Do I Get Tftp Started In Linux 2.6.9? ?

If Someone Here Like The Guy 0101 Or Whatever User Name He Has, I Welcome Him To Hack My Yahoo Webcam If Hes?

I Want To Take A Mobile Phone To Cancun What Is The Best Way To Do This?

How To Connect My Pc To Residential Gateway?

Is It Possible To Play A Game That Has More Than One Mod Installed?

How Do I Get To Use Extra Features I've Downloaded For Gmod (garrys Mod)?

What Parts Of A Drum Set Are Considered The 'hardware'?

Linux Questions...?

How Do I Know My Email Is Hacked?

Hacking??????????????

Flash Player For Mobile Phone?

Please Help!!!!!!!!!!!!!!!!!!!!!! Huawei E220 Usb Modem!!?

Where Can I Buy A Xbox 360 Controller Center Button Led Mod That Isn't Off Ebay?

Iphone . . . . . . . . . . . . . . . . . . . .?

Where Can I Find The Hardware Needed For A Lightscribe To Work?

How To Get Apache To Run Linux Shell Commands?

My Friend's Myspace Got Hacked. The Hacker Changed The Pswrd And Email. My Friend Needs To Hack Back In, How?

How To Detect Who Hacked Your Yahoo Messenger?

Hacking......????????

Whats Happening To My Credit?

Would You Fill In My Questionaire?

What Are The Chances That The Iphone Becomes Available To Other Carriers?

What Is The Best Non-solder Xbox 360 Mod Chip Available?

Linux Questions?

Can Meebo, Ebuddy Or Any Of Those Msn Knock-offs Hack My Email?

How Can I Hack Into My Husband's Yahoo Messenger?

What Would Be The Best Unlimited Internet Mobile Sim / Contract?

Which Phone Is Better For Me To Get?

Is There Any Sims 2 Game Mod That Allows You To Bring Toddlers On Vacation?

Whats The Difference Between The Ipod Touch And The Iphone?

Where Can I Mod My Wii In New York City?

What Is The General Role Of Software And Hardware?

How To Mount Pen Drive In Linux Red Hat Without Logging In As Administraor?

Can U Find Out If Someone Is Try To Hack Ur Email Account From Another Computer Even If They Are Unsuccessful?

Can I Find The Ip Address Of A Person Who Is Hacking An Yahoo Im Account?

Which Colours Better; Black Or Red?

How Do You Download Stuff From Mod The Sims 2 On To Your Game?

How Do I Move Icons On Iphone From Page To Page?

Does Anyone Have The Naughty Shower Mod For The Sims 2?

What Steps Should I Take To Refinish Guitar Hardware?

I Need To Find A Hacker For Ssh On Linux?

Any Body Help Me To Get My Hacked Yahoo Email Password Back?

Hacking????????????????!?!!!!!…

Credit Card Declined?

Blackberry 8100 Pearl Scrollball Won't Scroll Up?

How Much Should I Charge To Mod A Psp Then Put Psp Tube On It?

What's The Difference Between An Iphone And An Ipod Touch?

What Kind Of Chip Do I Need To Mod My Wii?

How To Become A Computer Tech Working On Hardware?

I Need Linux To Send Email Automatocally Whenever A User Login To System?

Nokia N96 My Communities App?

I Need This Survey Filled Out For School. Please?

How Do I View Pictures I Have Taken On Garry's Mod?

How Do I Remove Contacts From Iphone That Have Already Been Deleted?

Have You Tried Installing Mod Chips In Your Car?

What Hardware Do I Need To Record Music On My Laptop?