I have this setup in phpMyAdmin:
USER              HOST         PASSW  PRIVILEGES      GRANT
debian-sys-maint  localhost    Yes    ALL PRIVILEGES  YES
phpmyadmin        localhost    Yes    USAGE           NO
root              127.0.0.1    Yes    ALL PRIVILEGES  YES
root              localhost    Yes    ALL PRIVILEGES  YES
root              my_hostname  Yes    ALL PRIVILEGES  YES
username          localhost    Yes    ALL PRIVILEGES  YES
Where "username" is my username and "my_hostname" is my hostname.
I am currently only logging in as the last one (username, localhost). Also, I have PHP code which uses the last one's login details as well.
Should I disable the other ones?
And, what other security measures should I take?
BTW: My server is Linux and I have root access.
Thanks
Short answer: yes
This goes for SQL, but also for SSH and any other service attacked regularly from port scanning bots.
You should create your own user with sufficient rights (and users for other sysadmins) with a strong password, and disable root from logging in to phpMyAdmin and remotely to SQL.
You do not have to delete the root account. That is not preferable. This does not apply to a server where SSH access to a shell (or port forwarding) is given to insecure users. In such a case it is better to increase the strength of the password to a point at which such attacks are useless even from localhost.
If you're not using one, delete it (don't delete the three root logins; they will allow you to get superuser access to fix things if something goes wrong)...
However, I'd suggest "limited permission" users. Grant each user access only to the data it needs to modify. That way you limit the damage an attacker can do. Using one login for everything is just as bad as using root in production...
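The advice from both answers, worked through as an added example (not taken from the question or from either answer): audit the account list shown in the question, create a least-privilege application account, and lock rather than drop the root login that is reachable over the network. The database name app_db, the account app_user, the placeholder password, and a MySQL 5.7+ or MariaDB 10.4+ server (for CREATE USER ... IDENTIFIED BY, DROP USER IF EXISTS and ACCOUNT LOCK) are assumptions.

```sql
-- Added example, not from the question or the answers. Assumes MySQL 5.7+
-- or MariaDB 10.4+, a database named app_db and an application account
-- app_user@localhost. Run as root@localhost or another privileged user.

-- 1. Audit: which accounts exist, from which hosts may they connect,
--    do they have credentials set, and can they hand out privileges?
SELECT user, host,
       authentication_string <> '' AS has_credentials,
       grant_priv
FROM   mysql.user
ORDER  BY user, host;

-- 2. Least privilege (second answer): an application account that can
--    only read and write rows in its own database. No GRANT OPTION,
--    no access to the mysql schema, no FILE/SUPER/PROCESS.
CREATE USER 'app_user'@'localhost'
  IDENTIFIED BY 'CHANGE_ME_long_random_passphrase';  -- placeholder
GRANT SELECT, INSERT, UPDATE, DELETE ON app_db.* TO 'app_user'@'localhost';

-- 3. Disable, rather than delete, the root login reachable from a
--    network host (first answer). root@localhost and root@127.0.0.1
--    remain usable for recovery.
ALTER USER 'root'@'my_hostname' ACCOUNT LOCK;

-- 4. Default installs may leave anonymous accounts behind; remove them.
--    Once PHP has been switched to app_user, the catch-all
--    'username'@'localhost' account can be dropped the same way.
DROP USER IF EXISTS ''@'localhost';
-- DROP USER IF EXISTS 'username'@'localhost';

-- 5. Verify: app_user sees only app_db, remote root is locked.
SHOW GRANTS FOR 'app_user'@'localhost';
SELECT user, host, account_locked FROM mysql.user WHERE user = 'root';
```

In MySQL 8 the account_locked column is in mysql.user as shown; on MariaDB 10.4+ the same information is exposed through the mysql.user view and the JSON in mysql.global_priv.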