10 Straight forward but proven ways to harden your LAMP servers.
Apr 14, 2009, 17:04
[ Thanks to An Anonymous Reader for
this link. ]
"7. Secure MySQL by only allowing root logins from a
few management systems and not from localhost.
"This one sounds a bit strange, but by doing this it makes it
very hard for someone to root your MySQL if all they have is a user
account on your LAMP server (hopefully some of you can see the
logic here).
"Say, for example, all your admins sit behind a NAT box that has
the IP 123.123.123.123; then the commands for MySQL to lock it down
would be like this: update user set host = '123.123.123.123' where
user="root"; that will leave the root passwords intact and only
allow logins from a single management IP, but NOT localhost."
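The lock-down from item 7, as an added SQL example that is not from the linked article. It uses account statements rather than editing the grant table, because mysql.user is keyed on (Host, User) and a server holding more than one root row would hit a duplicate-key error on the single UPDATE. The extra root hosts shown (127.0.0.1, ::1) are assumptions about a typical install; 123.123.123.123 is the page's example address.

```sql
-- Added example. Run as root from a session you keep open until step 4 passes.
-- Precondition: mysqld must accept TCP connections from the management host
-- (not skip-networking, not bound only to 127.0.0.1), otherwise moving root
-- off localhost leaves no way to log in as root at all.

-- 1. List the root accounts that exist. Each (Host, User) pair is one row.
SELECT User, Host FROM mysql.user WHERE User = 'root';

-- 2. Move one root account to the management IP. RENAME USER keeps the
--    password and privileges and takes effect immediately. A direct UPDATE
--    of mysql.user would also need FLUSH PRIVILEGES before it applies.
RENAME USER 'root'@'localhost' TO 'root'@'123.123.123.123';

-- 3. Drop any other root rows that step 1 listed. These two hosts are
--    assumed examples; run a DROP only for rows that actually exist.
DROP USER 'root'@'127.0.0.1';
DROP USER 'root'@'::1';

-- 4. Verify: exactly one root row should remain, bound to the management IP.
SELECT User, Host FROM mysql.user WHERE User = 'root';

-- 5. Before closing this session, log in as root from 123.123.123.123 over
--    TCP to confirm access, and confirm that a local root login is refused.
```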