Suggestion for a slightly more secure MySQL

Running the Mediawiki 1.17.0 stack natively on Linux, I found out that MySQL listens on all IP addresses by default. Since this is not needed for normal operations, I have added the following configuration item to the [mysqld] section in the my.cnf file :

bind-address=127.0.0.1

Might I suggest this as a default?

mediawiki mysql

asked 27 Sep '11, 11:42

Kint
31●1●1●3
accept rate: 0%

edited 27 Sep '11, 12:41

One Answer:

oldest newest most voted

Thanks for your suggestion. By default you can not connect to the MYSQL database from an external machine. Take a look at http://wiki.bitnami.org/Components/MySQL#How_to_connect_to_the_MySQL_database_from_a_different_machine.3f. Also Virtual Machines and AMIs have a firewall running that do not let to connect to the database. In any case this is an improvement and we will considerer to include it.

link

answered 27 Sep '11, 12:45

Beltran Rueda ♦♦
5.1k●5●12●22
accept rate: 24%

Oh I'm aware that the MySQLd will not accept external connections but if you are in a corporate environment like I am and you have regular Vulnerability Scans running, having that port and its banner listed as "available" all over the place is far from ideal :)

Thanks for the update.

(27 Sep '11, 12:56) Kint

Your answer

toggle preview

community wiki

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

*italic* or _italic_
**bold** or __bold__
link:[text](http://url.com/ "title")
image?![alt text](/path/img.jpg "title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Tags:

mysql ×76
mediawiki ×25

Asked: 27 Sep '11, 11:42

Seen: 496 times

Last updated: 27 Sep '11, 13:26

Suggestion for a slightly more secure MySQL

Follow this question

Host BitNami in the Cloud

Learn more about BitNami

Related questions