Secure MySQL on Gentoo Linux
Step 1 – Run mysql_secure_installation
mysql_secure_installation
At the prompts, set the root password, remove anonymous users, disallow remote root login, and remove the test database.
Step 2 – Bind to localhost
[mysqld]
bind-address = 127.0.0.1
Step 3 – Audit users
SELECT User, Host, plugin FROM mysql.user;
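-- Socket-authenticated accounts legitimately have an empty authentication_string; exclude them so they are not deleted.
DELETE FROM mysql.user WHERE authentication_string = '' AND User != '' AND plugin NOT IN ('auth_socket', 'unix_socket');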
FLUSH PRIVILEGES;
Step 4 – Require SSL for a user
ALTER USER 'appuser'@'%' REQUIRE SSL;
SHOW VARIABLES LIKE '%ssl%';
Step 5 – Firewall – allow MySQL only from trusted subnet
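iptables -A INPUT -s 192.168.1.0/24 -p tcp --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp --dport 3306 -j DROP  # needed unless the INPUT policy is already DROP; ACCEPT alone restricts nothing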
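The account checks from Steps 1, 3 and 4 can be run as one repeatable audit. The script below is an added example, not part of the original guide; it goes slightly beyond the Step 3 query by also flagging remote root and accounts that do not require TLS. It assumes the MySQL 5.7/8.0 layout of mysql.user (including the ssl_type column); the function names are hypothetical and the sample rows are constructed.

```shell
#!/bin/sh
# Added example: audit the accounts that Steps 1, 3 and 4 care about.
# Input: tab-separated rows as printed by (run as a MySQL admin):
#   mysql -B -N -e "SELECT User, Host, plugin,
#       COALESCE(LENGTH(authentication_string),0), ssl_type FROM mysql.user"
audit_mysql_users() {
    awk -F'\t' '
    function is_local(h) { return h == "localhost" || h == "127.0.0.1" || h == "::1" }
    {
        user = $1; host = $2; plugin = $3; pwlen = $4 + 0; ssl = $5
        acct = "\047" user "\047@\047" host "\047"
        if (user == "")
            print "ANONYMOUS\t" acct
        # Socket-authenticated accounts legitimately store no password hash.
        if (pwlen == 0 && plugin != "auth_socket" && plugin != "unix_socket")
            print "EMPTY_PASSWORD\t" acct
        if (user == "root" && !is_local(host))
            print "REMOTE_ROOT\t" acct
        # ssl_type is empty unless REQUIRE SSL/X509/... was set (Step 4).
        if (!is_local(host) && ssl == "")
            print "NO_TLS_REQUIRED\t" acct
    }'
}

# Constructed sample rows (not from a real server).
sample_rows() {
    printf 'root\tlocalhost\tauth_socket\t0\t\n'
    printf 'root\t%%\tmysql_native_password\t41\t\n'
    printf '\tlocalhost\tmysql_native_password\t0\t\n'
    printf 'appuser\t%%\tcaching_sha2_password\t70\tANY\n'
    printf 'report\t192.168.1.%%\tmysql_native_password\t0\t\n'
}

sample_rows | audit_mysql_users
```

Each output line is a finding name, a tab, and the account; an empty result means none of the four checks fired.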