提升MySQL數據庫的安全性

1. 更改默認端口（默認3306）

　　能夠從必定程度上防止端口掃描工具的掃描

 

2. 刪除掉test數據庫

drop database test;

 

3. 密碼改的複雜些

# 1 

set password for root@localhost=password('test'); 

# 2
use mysql; 
update user set password=password('test') where user='root'; 
flush privileges; 

4. 刪除默認的用戶

use mysql; 
delete from db; 
delete from user where not(host="localhost" and user="root"); 
flush privileges; 

5. 改變默認mysql管理員的名稱

use mysql;
update user set user="admin" where user="root"; 
flush privileges; 

6. 禁止遠程鏈接mysql
a. 設置賬號不容許從遠程登錄，只能在localhost

use mysql; 
update user set host = '%' where user = 'admin';
select host, user from user; 

 

b. 受權某個特定的用戶能夠從遠程登陸mysql
(1) 設定任務主機，均可以根據某個用戶名|密碼，登陸mysql服務的全部數據庫

grant all privileges on *.* to 'myuser'@'%' identified by 'mypassword' with grant option; 
flush privileges;

 

(2) 設定特定IP的主機，根據某個用戶名|密碼，登陸mysql服務的全部數據庫

grant all privileges on *.* to 'myuser'@'192.168.1.3' identified by 'mypassword' with grant option; 
flush privileges;

 

(3) 設定特定IP的主機，根據用某個戶名|密碼，登陸指定的數據庫(dk--數據庫名)

grant all privileges on dk.* to 'myuser'@'192.168.1.3' identified by 'mypassword' with grant option; 
flush privileges;