MySQL / MariaDB security — CyberPanel - WebHosting Control Panel for OpenLiteSpeed
CyberHosting

MySQL / MariaDB security

It seems the default installation settings are used for MariaDB, including anonymous user access, remote IP access and a "test" database. That's fine for initial test deployment, but really bad for production.

MariaDB included a security script to address the issues called [mysql_secure_installation].

But CyberPanel doesn't run this script during the install process, and this can lead to very vulnerable servers. Yes, no, maybe?

Please advise.

Comments

  • OK, so there is no security issue here?
  • An answer from the development team should be appreciated.
  • The issue there is mysql_secure_installation was never intended to be automated so how do you include it in the install?

    The commands required can however be performed of which I have suggested to the dev.

    As far as security goes. It gives access to the test db and any db that has test_

    During your CP install a root password is set and firewall is enabled so your actual risk is very small.
    Cyberpanel Managed & Unmanaged Shared & VPS Hosting by Cyberpanel Experts.
    https://www.cyberhosting.org
    You can now earn with the Cyberhosting affiliate scheme. Join today
    https://www.cyberhosting.org/affiliates/
Sign In or Register to comment.
CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!