Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


10 Straight forward but proven ways to harden your LAMP servers.

Apr 14, 2009, 17:04 (0 Talkback[s])

[ Thanks to An Anonymous Reader for this link. ]

"7. Secure MySQL by only allowing root logins from a few management systems and not from localhost.

"This one sounds a bit strange, but by doing this it makes it very hard for someone to root your mysql if all they have is a user account on your LAMP server (hopefully some of you can see the logic here)

"Say for example all your admins sit behind a nat box that has the ip 123.123.123.123 then the commands for mysql to lock it down would be like this : update user set host = '123.123.123.123' where user="root"; that will leave the root passwords intact and only allow logins from a single management IP, but NOT localhost."

Complete Story

Related Stories: