Linux Today: Linux News On Internet Time.

10 Straight forward but proven ways to harden your LAMP servers.

Apr 14, 2009, 17:04 (0 Talkback[s])

[ Thanks to An Anonymous Reader for this link. ]

"7. Secure MySQL by only allowing root logins from a few management systems and not from localhost.

"This one sounds a bit strange, but by doing this it makes it very hard for someone to root your mysql if all they have is a user account on your LAMP server (hopefully some of you can see the logic here)

"Say for example all your admins sit behind a nat box that has the ip then the commands for mysql to lock it down would be like this : update user set host = '' where user="root"; that will leave the root passwords intact and only allow logins from a single management IP, but NOT localhost."

Complete Story

Related Stories: