Restrict general database access

MySQL's access control is very finely grained - you have got a great deal of control over who can do what, so you should take advantage of this to make sure you only allow in people you absolutely trust.

Be sure to remove the guest account, leaving only the root user plus any others you use. Secondly, if you are running your server locally and the PHP scripts are local also, you do not need to allow access to anyone from outside - disable accounts that do not have "localhost" as the host, and also consider blocking port 3306 (the MySQL port) on your firewall.


Want to learn PHP 7?

Hacking with PHP has been fully updated for PHP 7, and is now available as a downloadable PDF. Get over 1200 pages of hands-on PHP learning today!

If this was helpful, please take a moment to tell others about Hacking with PHP by tweeting about it!

Next chapter: Restrict PHP database access >>

Previous chapter: Hiding PHP

Jump to:


Home: Table of Contents

Copyright ©2015 Paul Hudson. Follow me: @twostraws.