The MySQL database package comes with an automated secure installation script called “mysql_secure_installation”. It’s advised to run this script soon after the installation of MySQL database, especially on a production machine. The obvious reason is, it improves security of the database.
By default MySQL,
- allows anonymous user logins
- ‘root’ user is not secured with a password
- ‘root’ user is allowed to connect from a remote machine
- during the installation, ‘test’ database is created with an access granted to every user.
Advantages of running ‘mysql_secure_installation’ script:
- Allows you to remove anonymous user logins
- Allows you to set a secure password for the ‘root’ user.
- Restricts ‘root’ user from connecting remotely
- Removes ‘test’ database created during the installation, as it does nothing in the production environment.
Execute ‘mysql_secure_installation’ after MySQL Installation
It’s simple and fast. All you need to do is, just run the command, read the steps carefully and hit enter!
# mysql_secure_installation
Enter current password for root (enter for none): Set root password? [Y/n] New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success!
Remove anonymous users? [Y/n] Y ... Success!
Disallow root login remotely? [Y/n] Y ... Success!
Remove test database and access to it? [Y/n] Y - Dropping test database... ... Success! - Removing privileges on test database... ... Success!
Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] Y ... Success!
That’s it! You have taken a first step towards securing MySQL installation. Happy DBing!
