I am teaching myself to use mysql and php
I have installed MysqlAdmin which I have succesfully used to set up a test database 'houses' with approx 1200 records.
I am now anxious to make my setup 'secure', but am having some difficulties
I have set up mysql as follows:
host: 'localhost' user: 'admin' password: '*******' (full set of privileges)
This works OK for access via localhost, i.e. my password is required but
1) I can access mysql via MysqlMan with full privileges by logging on as
host:" *******.serve.co.uk" (my root host address) user: admin without the need for a password.
I edited the mySql user table via mySqlAdmin and deleted two rows containing hostname *******.serve.co.uk' but this did not stop me accessing mysql as above.
Q1: How do I password protect or disable access via host ******.serve.co.uk user 'admin'?
2) I set up a new user 'shakespeare' to access only the database shakespeare as follows:
shell> mysql --user=admin --password=****** mysql
mysql> GRANT USAGE ON shakespeare.* TO shakespeare@localhost
mysql> user/bin/mysqladmin -u shakespeare hamlet
This kind of worked, so that I can login to MysqlMan using username 'shakespeare' password 'hamlet'
But after logging in as shakespeare, I can read all the other databases on localhost including mysql. Shouldn't I only see db 'shakespeare'?
Also 'shakespeare' is not listed as a user in mysql user table viewed through MySqlMan
Q2: How do I restrict user shakespeare to only see database 'shakespeare'?
MySqlMan mysql.cfg is set up as follows:
# CONNECTION
# --------------------------------------------------------
# Mysqlman allows user to skip the login page and connect
# to a database directly. (On = 1, Off = 0)
direct_connect => 0,
# Database used.
direct_db => 'mysql',
# Host to connect to.
direct_host => 'localhost',
# Port. Standard port will be used if not specified.
direct_port => '',
# User name and password.
direct_user => 'root',
direct_pass => '*********',
I am a beginner at this and though I have looked at the Privileges section of the mysql user manual on the mysql website I am still a bit perplexed.
Any responses to Q1 and Q2 above would be helpful or perhaps I am missing something fundamental here.
Do I need to do anything else to 'root' ? I have password protected this
I have installed MysqlAdmin which I have succesfully used to set up a test database 'houses' with approx 1200 records.
I am now anxious to make my setup 'secure', but am having some difficulties
I have set up mysql as follows:
host: 'localhost' user: 'admin' password: '*******' (full set of privileges)
This works OK for access via localhost, i.e. my password is required but
1) I can access mysql via MysqlMan with full privileges by logging on as
host:" *******.serve.co.uk" (my root host address) user: admin without the need for a password.
I edited the mySql user table via mySqlAdmin and deleted two rows containing hostname *******.serve.co.uk' but this did not stop me accessing mysql as above.
Q1: How do I password protect or disable access via host ******.serve.co.uk user 'admin'?
2) I set up a new user 'shakespeare' to access only the database shakespeare as follows:
shell> mysql --user=admin --password=****** mysql
mysql> GRANT USAGE ON shakespeare.* TO shakespeare@localhost
mysql> user/bin/mysqladmin -u shakespeare hamlet
This kind of worked, so that I can login to MysqlMan using username 'shakespeare' password 'hamlet'
But after logging in as shakespeare, I can read all the other databases on localhost including mysql. Shouldn't I only see db 'shakespeare'?
Also 'shakespeare' is not listed as a user in mysql user table viewed through MySqlMan
Q2: How do I restrict user shakespeare to only see database 'shakespeare'?
MySqlMan mysql.cfg is set up as follows:
# CONNECTION
# --------------------------------------------------------
# Mysqlman allows user to skip the login page and connect
# to a database directly. (On = 1, Off = 0)
direct_connect => 0,
# Database used.
direct_db => 'mysql',
# Host to connect to.
direct_host => 'localhost',
# Port. Standard port will be used if not specified.
direct_port => '',
# User name and password.
direct_user => 'root',
direct_pass => '*********',
I am a beginner at this and though I have looked at the Privileges section of the mysql user manual on the mysql website I am still a bit perplexed.
Any responses to Q1 and Q2 above would be helpful or perhaps I am missing something fundamental here.
Do I need to do anything else to 'root' ? I have password protected this