How To Secure Access To MySQL Database
What can I do to secure access to my MySQL database to stop it from getting compromised from hackers?
Is there any way I can restrict access to the MySQL database to my IP only?
The database is for an IPB 2.3.4 forum and the username/password are stored in a conf_global.php file that is CHMODed 0444.
View Complete Thread with Replies
Sponsored Links:
Related Forum Messages:
Copying (MySQL) Database Without Panel Access.
A customer would like to move his hosting from another host to me. But the other host does not want to cooperate and give me access to the panel or files. Threw the customer I did get the ftp information, and within the config file I have the database username and password. How is it possible to copy the database, without having the hosting panel access?
View Replies!
View Related
Where Is A Database Most Secure
I'm building an ASP.NET 2.0 web app on a shared hosting plan. It looks like I have two good places to store my database. One is the App_Data folder that my .NET training tells me is the place to store databases. However, like many shared hosting plans I have a directory above the publicly accessible webroot folder with serves as my application root. Right next to my webroot folder is a databases folder which my web host apparently sets up as a default location for databases. So which is more secure? My App_Data folder? Or a "sibling" folder to my webroot? If it matters, I have an Access .mdb, which I may upgrade to a SQL server .mdf.
View Replies!
View Related
Secure Employees SSH Access To Server
I'm thinking about creating a limited platform for my employees to access my hosting servers I wish they can create certain types of directories for users, set permissions on some directories, list users accounts, etc. but although I don't think they would want to abuse this kind of access, I not only like the Trust-No-One premisse, but I also find it not very unlikely that the computer they're using get compromised or something like that so I'd like to get technical ideas on how to develop this system and to know if anyone is interested and would like to contribute to the code what I've considered so far is that I should either create a special user for that which would be on all users group, or should give it "root" access... the latter seems more reasonable for me considering the implementation and compatibility between systems and control panels but with "root" access I mean "running MY INTERFACE to the employee as root"... this interface would have limited options like "create directory for user X", "list content of user X", etc. (taking a lot of care on input validation)... and would enforce some limits to prevent abuse (for example, can't list the content of more than 10 users per hour, or something like that... and alert me) my main doubt is how you think that should be implemented? as a special server or as a webservice? with webservice I have the advantage of being capable of using SSL in a simple way and I don't need a special client (since any browser is a client) then that could be PHP or Perl... but running as UID 0 (I don't even know if apache allows that, or if there's a workaround like SUID)
View Replies!
View Related
How Do I Secure Remote Access To Remote Access Products
I have windows servers that I'll be co-locating very soon. I have purchased a Dell 2161ds-2 and an APC remote boot power strip. Could someone please tell me the best way to secure remote access to these products. Do I put them on public IP's and allow them through the firewall or do I put them behind the firewall and access them after I authenticate through the firewall.
View Replies!
View Related
Open Database Access
I want to develop a desktop-based application for content management for a customer. The problem is that every host I have found has a firewall that blocks any server except the web server from accessing the database. On a programmatic level does anyone know of a way around this or, even better, a GOOD host that will allow me to do this? What are the real risks involved with direct database access? I'm looking for relatively cheap shared hosting and likely cannot afford dedicated hosting.
View Replies!
View Related
How To Secure /tmp,/dev/shm Without Access To OpenVZ Hardware Node?
I have recently picked up a CentOS5 server running on an OpenVZ box. Going thru various guides, I have seen repeatedly the importance of securing the /tmp partition. However, I am running into trouble when I try to follow the usual commands [1][2] For example: # mount -o nosuid,noexec /media/tmpFS /tmp mount: /media/tmpFS is not a block device (maybe try `-o loop'?) If I check for the presence of loop, it is missing: # ls -ltr /dev/loop* ls: /dev/loop*: No such file or directory If I try and create loop using /sbin/makedev loop and re-execute the mount command, I get a new error mount: no permission to look at loop The nearest I have found so far is this thread [3], which suggests using mount -t tmpfs tmpfs /tmp I believe the above will not persist across a reboot, so that defeat's the purpose. Can you advise on how to mount /tmp in noexec,nosuid mode within the VPS environment?
View Replies!
View Related
Secure MySQL Backup Script
Is there a method of running a back-up script,as root, using MySQL, without passing or storing the root password in the clear? I have tried OpenSSH with a nologin option using certificates, but I still have problems. I need to run it as a cron job every so often, (without specifics) securely. I understand I can use another user, other than root, with read-only, but I need to back up the whole db at once, not specific users db's.
View Replies!
View Related
Narrowing Down The Options-what To Do For Secure, Managed MySQL
We want to serve web pages and I think we're getting very close to picking a partner for that. But we also want to have a secure, HA mySQL instance to vend serial numbers to purchased products. This means two more servers at separate data centers behind a load balancer. HA web servers are pretty expensive, is there a mySQL only solution that would be cheaper?(Connectria?) The load would be very light....
View Replies!
View Related
Reloading A Mysql Database
My server admin linked me to this: [url] I'm using a cpanel based server, but I can't get this to work. It requires I be in a directory I figure (this step isnt included) so I type cd /home/username/public_html/ And then i follow the commands. but it doesnt work. Basically i need to take a mysql database that I uploaded to my directory, and load it back into a database. :@
View Replies!
View Related
Get Mysql Database From Shell
I have a problem getting mysql to start, so I am planning to setup a new server and move all the mysql databases to a new server. The problem is I normally get mysql databases when mysql is running by using mysql command lines. Now that I cannot start mysql, I cannot use that method. Is there a mysql directory that contains all the mysql databases for me to tar it up and untar it on a different? If there is a directory that contains all the mysql databases, do I need to exclude some files/folders so it doesnt conflict with the files/folders on my new mysql server?
View Replies!
View Related
MySQL With Huge Database
ways to improve the database performance in the situation when I have to modify a large table (several million rows), by e.g. adding a column. Currently this would take several hours which is too slow. The bottleneck is disk I/O. I am considering either partitioning the table over several innodb files on several disks, or going to a RAID-5 or RAID-10, it this will give me better write performance. The database is 130GB large, and the problem table (which I make period changes to) is the largest table on the server. I cannot have downtime of 3 hours each time I make a change and adding blank fields (to be used later, when a new field is needed) is not an option. Each time I add a column, the cpu goes into high (80%) io wait state for about 3 hours. I have a hack which would allow me to split the large table into multiple smaller tables based on some criteria (for example, forumID or such). Here are a couple of things but would like to know which is best, and am open to new ideas. The ideas so far: 1. Split the table into 3 or 5 smaller tables each on it's own disk. The disk IO would then not be so bad, and it might only take 1 hour to perform the table change. But this might not work because the changes to the database (as in adding a column) might be serial, meaning only 1 disk is being written to at a time. (Then again, maybe it will work if I launch 3 different scripts, one to update each table at once). 2. Do RAID 5 or 10, and have 3 or 5 disks. This again might not help at all because of the above issue with MySQL writing serially. I am using latest MySQL 5.0.45 with InnoDB engine on Debian etch Linux
View Replies!
View Related
Big Mysql Database 4gb
i been trying to move my server.. But mysql database is quite big and restoring takes ages 10 12 hours.. is there anyway i can make it quick because database dump takes 10 15mins but restore takes 12hours and it should be a way to make that quick
View Replies!
View Related
Managed Database Hosting (Mysql)
if there are any recommendations on managed database hosting services. This will be used for a fairly large project running on Mysql DB. Due to the size and complexity of the database a lot of resources are being used, so I prefer to find a company which specializes in dB hosting.
View Replies!
View Related
[mySQL] Copy Colomn From 1 Database To Another
I'm trying to copy the contents of a column from 1 database to another. I need to do this as the contents in the current database have got messed up after an upgrade. The DB structure table forum_msgs It contains a column called "topic_id". Basically I need to copy over the topic ID fields from the "old" database into the "current" database into table forum_msg replacing any values that are currently in the column "topic_id" I tried this but it doesn't seem to work correctly. Any ideas how it should be done? insert current.forum_msgs ( topic_id ) select topic_id from old.forum_msgs
View Replies!
View Related
Alterntive Way For Downloading A MySQL Database
A friend of mine has an account with a hosting company that recently became unstable and he wants to move his site away. I downloaded the files, but it now seems impossible to download the databases in the conventional ways. I tried downloading them using their control panel (vDeck) but I get an error "File Permissions do not allow to download backup". Then I tried to export it using PHPMyAdmin but the files either doesn't download at all, or it downloads inccomplete with the last lines having something like the following: Cannot modify header information - headers already sent by (output started at /usr/local/apache/htdocs/phpMyAdmin-2.6.3/export.php:121 I tried to contact their support but they have no clue. Is there any way to download the database? I thought of creating a script that would manually itterate through the tables and create an export fie similar to what phpMyAdmin creates. I don't know if this is possible, and I hope there are better ways.
View Replies!
View Related
MySQL Cannot Connect To Database Via PHP
I got this weird problem with my VPS which has MySQL 4.1.22 running on it. Everything works fine for sometime and then out of a sudden, it stop recognizing the mysql users and refused to allow my PHP scripts to access the database. It seems that I needed to restart mySQL server to resolve the issue. Then out of the blues, the same problem occurs. I am running Cpanel on a VPS and there isn't any overloading as the database access is pretty light on my 512mb VPS. I contacted my web host about the issue and it seems like all they do is to restart the mySQL. This cannot be a solution as it happens at least once or twice a day depending on how soon I could catch the problem. All the time this problem occurs, the MYSQL Server is still active and working. I can even access it through PHPMyAdmin but not through the scripts. I just added an hourly crontab so as to restart the MySQL server as a stop gap.
View Replies!
View Related
Backup BIG MySQL Database
What is the recommended method of backing up big MySQL database of size 2 GB ? Quote: # mysqldump gallery > gallery.sql mysqldump: Got error: 1017: Can't find file: './gallery/10tir_user_group.frm' (errno: 24) when using LOCK TABLES # I checked the table, it is fine, but can't do the backup. Quote: mysql> check table 10tir_user_group; +-------------------------+-------+----------+----------+ | Table | Op | Msg_type | Msg_text | +-------------------------+-------+----------+----------+ | gallery.10tir_user_group | check | status | OK | +-------------------------+-------+----------+----------+ 1 row in set (0.07 sec) mysql>
View Replies!
View Related
Exporting Mysql Database From Helm
i have a fren who wants to transfer a hosting ..for a site made in php and hosted in helm...windows server... the site uses mysql datbase but i could see no database in the database setting(of helm)...and says no database created.. in host i could see server.mysql in php database config files i want to export database...to linux server i have not used helm much.. where actually is database located and how can it be exported?
View Replies!
View Related
Fetch Admin Password From MySQL Database
I have forgot the admin password for one of our application. All the users and passwords are stored in database table "users", is there any way I can get the password from the database.. any MySQL query that will fetch the admin password from that database table.
View Replies!
View Related
Apache: Load Vhosts From MySQL Database
if it was possible to load vhosts from a MySQL database and the only solutions i found didnt work for me. Im running Apache on Windows. Has anyone seen anything that would work with Windows? The only alternative i can think of is to read the database info using PHP and output it to a vhosts config file. I dont want to do that though because it means restarting the server to load the new config and i hear that a lot of vhosts slows the server down
View Replies!
View Related
Mysql Database Dump (150mb) Utf8
recently I had problems with backing up my ~150mb database through PHP. And I know some people are backing their databases to a dump file through terminal. My database contains UTF-8 and other characters. I have tried simply dumping with mysqldump but I doesn't seem to work, when restoring all the characters are messed up. Is there any command to tell that the database is UTF-8?
View Replies!
View Related
MySQL Database Service Stops From Running
I have a phpBB forum, which uses MySQl database. For the last two months the forum has been going down every couple of days because the database service has been continuously stoped running on the server with no reason. What can cause such a frequent database failures? Can someone attack the forum/database/server in a way that will cause the above problem? (there is a good reason I consider this possibility very seriously) How can I prevent futher database failures?
View Replies!
View Related
Trying To Import Mysql Database Via CLI In Ubuntu Linux
I have ubuntu 6 server version running. I am trying to import a database I have however I cannot get it working for the last 2 hours! I have tried various commands like logging into mysql entering the "use" command to use a database and then variations of the "source" command but my db.sql file doesn't run. Also tried the full command mysql -uroot -pMYPASS MYDBNAME < /var/www/site/db.sql Neither seem to do anything. PHPMYADMIN shows no database tables at all. Running mySQL 5.
View Replies!
View Related
MySQL DB Access Allowed? Are There Any?
For window hosting are there any that offers sql db external access without ip limit? I've seriously requested thought the forums and actually signed up with few but all of em are either offered it but not anymore(security issue) or not even offering at all. If you have any experience with hosting company that actually does offer sql db external access please share please! vps nor dedicated servers are not my choice unfortunatley and i don't think there's any free hosting that offers this. 99% freehostings use localhost
View Replies!
View Related
Mysql Access Denied
I've setup a mysql user and assigned a password for it. When I try logging in to it with Quote: mysql -u USERNAME -p and then providing the password I get an error: Quote: ERROR 1045 (28000): Access denied for user 'USERNAME'@'localhost' (using password: YES) I don't have trouble logging in as root and when I check the user table there, the password assigned to the user is same as the value the mysql function PASSWORD gives me. Really driving me nuts here, why is it telling me the password is wrong when it's not? I've tried: Restarting mysql setting new password changing username Using mysql server 5.1.34
View Replies!
View Related
Mysql Account Access
I run a shared hosting OS:centos with whm/cpanel and would like to restrict access to mysql database example: username:user1 created database:user1_db1,user1_db2 etc.. and can only access his own databases so user2 can't access user1_db1.db2 etc.. and user1 can't access user2_db1,db2 etc..
View Replies!
View Related
|
TRACKER
