Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


10 Straight forward but proven ways to harden your LAMP servers.

Apr 14, 2009, 17:04 (0 Talkback[s])

[ Thanks to An Anonymous Reader for this link. ]

"7. Secure MySQL by only allowing root logins from a few management systems and not from localhost.

"This one sounds a bit strange, but by doing this it makes it very hard for someone to root your mysql if all they have is a user account on your LAMP server (hopefully some of you can see the logic here)

"Say for example all your admins sit behind a nat box that has the ip 123.123.123.123 then the commands for mysql to lock it down would be like this : update user set host = '123.123.123.123' where user="root"; that will leave the root passwords intact and only allow logins from a single management IP, but NOT localhost."

Complete Story

Related Stories: