Securing your new MySQL installation with /usr/bin/mysql_secure_installation

After you install MySQL you need to secure it. By default MySQL’s account for ‘root’ does not have a password associated for it, and the server also includes a demo database and all the permissions associated with it. If this server is going to be public or used for anything remotely serious we need to beef up security a bit.

And thats where mysql_secure_installation comes in.

Let’s begin!

After MySQL is installed it will prompt you to run the following command, so that is what we are going to do now!

/usr/bin/mysql_secure_installation

Then you should be greeted by a message asking you to enter the current root password, as there is no current root password we can just hit enter!

Next it will ask us if we want to set a password for root, to this we should say yes!

Now it will ask us for a new password, and then ask us to confirm it, go ahead!

Great now you should see the following success messages and then it should ask us if we want to remove anonymous users, yes we do!

Next it will ask us if we want to allow or disallow root to login remotely, ideally you shouldn’t allow this but there are circumstances where you may want to allow it. In this tutorial we’re going to say we don’t want root to be able to login from anywhere other than localhost, but if your preference is otherwise please google up some information about the subject first! 🙂

Next it will ask us if we want to delete the test database and associated permissions – yes we want to do this!

Lastly it will ask if we want to reload the privilage table, which means our settings will come into immediate effect, to this we will again say yes!

And you’re done! You should see the following message:

This means your server is now post install secure, congrats!

Xavier

Xavier is an AWS Certified Developer (Assoc), AWS Certified Systems Architect (Assoc), AWS Certified SysOps Administrator (Assoc), a MCSD Certified Professional and a general mad scientist without the sciency qualifications.

Leave a Reply

Your email address will not be published. Required fields are marked *