Go Back   Web Server Hosting Forum by BODHost > Support > Tutorials and Documentation
http://www.bodhost.com/forum/Reload this Page How to secure MSSQL and MySQL
 

Reply
 
Thread Tools Display Modes
  #1 (permalink)  
Old 03-05-08, 04:44
BOD Member
  
Join Date: Feb 2008
Posts: 69
Default How to secure MSSQL and MySQL
You can easily secure your MSSQL and MySQL by using firewall.

You may wish to enable remote access to your MS SQL server or MySQL server. But it is strongly recommended that this service be firewalled and only your IP address allowed for remote access to this port.

You can easily do this by the following method:-

HTML Code:
Start > Control Panel > Windows Firewall > Exceptions >

Add Port > Name = MSSQL | Port = 1443 | TCP > Change Scope > Custom list > Your IP address as listed at http://whatisimyip.com
Add Port > Name = MySQL | Port = 3306| TCP > Change Scope > Custom list > Your IP address as listed at http://whatismyip.com
Reply With Quote
  #2 (permalink)  
Old 03-06-08, 03:53
BOD Member
  
Join Date: Nov 2005
Posts: 206
Default
Users accounts are only as secure as the passwords used to protect them.Therefore for this reason, the first thing you should remember to do is when you install MySQL is assign a password to the MySQL root account (empty by default). Once you've closed this gaping hole, the further step is to require that every user account must have a password and ensure that passwords do not use easily-recognizable

Note: Use the MySQL --secure-authentication option to prevent the use of older, less secure MySQL password formats.
Reply With Quote
  #3 (permalink)  
Old 03-09-08, 05:18
BOD Member
  
Join Date: Mar 2006
Location: Scotland
Posts: 201
Default
You must check the permissions of configuration files

It is always admired that to make server connections faster and more convenient, both users and server administrators store their user account passwords in their per-user MySQL options file.
However, this password is saved in plain-text within the file and can easily be read by others. Therefore, it is very important to ensure that such per-user configuration files are not viewable by other users of the system, and are stored in non-public locations.You would want the per-user configuration to be stored in the user's home directory with permissions 0600.
Reply With Quote
  #4 (permalink)  
Old 03-10-08, 05:05
BOD Member
  
Join Date: Nov 2005
Location: New Mexico
Posts: 273
Default
From many days I am using MySQL and jsp's on a linux server with tomcat apache, and a good firewall.the connection through my website to the database is also secured with custom made servlets, every request sent to the database needs to go through that servlet and thus i can secure certain tables depending on what user logged on.
Reply With Quote
Reply

« need help with server administration | Unable to access cPanel »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump


All times are GMT -6. The time now is 02:15.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0
Copyright © 1999-2012, BODHost Ltd. All rights reserved.

Web Server Hosting   -   Contact Us   -     -   Members   -   Register   -   Calendar   -   Search   -   FAQ