Answering that question of database security

mysql -u root -p

Be aware of the prompt and finish each statement with a semicolon.     \c = cancel the current statement, \q = quit

SHOW DATABASES;  USE mysql; DELETE FROM user WHERE User=''; \q

mysqladmin -u root -p reload    [now there are no more anonymous users]

[nb: also protect wp-config.php and .htaccess: set them to 644 and add the special entries below to .htaccess]

for both files (in .htaccess):
<files wp-config.php>
    order allow,deny
    deny from all
</files>
<files .htaccess>
    order allow,deny
    deny from all
</files>
[note: a plugin can also change the table prefix] + should also fill in the 'salts' (the secret keys WordPress reads from wp-config.php)

About peterpragmatist

Passionate about people and improving communication. Love to relax playing basketball, listening to music or having a quiet chat with some friends.

2 Responses to Answering that question of database security

  1. THIS STOPS Apache SERVING THE PAGES!!!! ..the problem is the above changes to htaccess + file permissions (I think especially because I have changed ownership of all the files to peter (instead of root) for using eclipse as peter… Query: do I fix this by changing ownership? OR do I use suEXEC to allow apache to run as superuser????

  2. recommended?

    Root directory 0755
    wp-admin 0755
    wp-content 0755
    wp-includes 0755
    .htaccess 0640
    readme.html 0400
    wp-config.php 0644
    wp-admin/index.php 0644
    wp-admin/.htaccess 0640

    It is a security risk to have your files writable! Please make sure that after running this script, the wp-config.php file’s permissions are set to 0644 or to a more restrictive one.

    The suggested permissions are still secure but more permissive in order to not break some servers’ setups. If your existent file permissions are more restrictive, ex: 0750 instead of the suggested 0755, then you have no reason to change it to the suggested 0755 permissions.

    For Directories:

    find /path/to/your/wordpress/install/ -type d -exec chmod 755 {} \;

    For Files:

    find /path/to/your/wordpress/install/ -type f -exec chmod 644 {} \;

    Regarding Automatic Updates

    When you tell WordPress to perform an automatic update, all file operations are performed as the user that owns the files, not as the web server’s user. All files are set to 0644 and all directories are set to 0755, and writable by only the user and readable by everyone else, including the web server.
    [note: for ftp to work, the ftp group needs write access to plugins (and possibly includes??)
    so change files recursively to 664 or 660:
    find www/wp-content -type f -exec chmod 664 {} \;
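An added example, not part of the post or either comment, that puts the permission scheme quoted above into a check-then-fix script: it builds a throwaway WordPress-like tree (constructed here, with deliberately wrong modes), counts every entry that is writable by group or others, applies the same `find ... chmod 755/644` commands as the comment, and audits again. The tree layout, file names and modes are assumptions for the demo; nothing touches a real install.

```shell
#!/bin/sh
# Added example (not from the post or its comments): audit, then apply the
# 755/644 scheme from the comment above, then audit again.

# Build a miniature WordPress-like tree in a temp dir with a few deliberately
# wrong modes so the audit has something to report. Prints the tree's path.
build_sample_tree() {
    dir=$(mktemp -d)
    mkdir -p "$dir/wp-admin" "$dir/wp-content/plugins" "$dir/wp-includes"
    printf '<?php /* constructed placeholder */\n' > "$dir/wp-config.php"
    printf 'order allow,deny\ndeny from all\n' > "$dir/.htaccess"
    printf '<?php\n' > "$dir/wp-admin/index.php"
    printf '<?php\n' > "$dir/wp-content/plugins/hello.php"
    chmod 755 "$dir" "$dir/wp-admin" "$dir/wp-includes"
    chmod 777 "$dir/wp-content" "$dir/wp-content/plugins"    # wrong: world-writable dirs
    chmod 666 "$dir/wp-config.php"                           # wrong: world-writable secrets
    chmod 644 "$dir/.htaccess" "$dir/wp-admin/index.php"
    chmod 664 "$dir/wp-content/plugins/hello.php"            # group-writable (the ftp case)
    printf '%s\n' "$dir"
}

# Count entries writable by group or others. Each one is a place where the web
# server's account (or any local user) could rewrite code it should only read.
# "-perm -020" / "-perm -002" is POSIX find: flag if all of these bits are set.
count_writable_by_others() {
    find "$1" \( -perm -020 -o -perm -002 \) | wc -l | tr -d ' '
}

# List each such entry with its mode, for a human to review.
report_writable_by_others() {
    find "$1" \( -perm -020 -o -perm -002 \) -exec ls -ld {} \;
}

# Apply the scheme quoted in the comment: directories 755, files 644.
harden_wp_perms() {
    find "$1" -type d -exec chmod 755 {} \;
    find "$1" -type f -exec chmod 644 {} \;
}

# Demo run: audit, fix, audit again, clean up.
tree=$(build_sample_tree)
echo "before: $(count_writable_by_others "$tree") entries writable by group/others"
report_writable_by_others "$tree"
harden_wp_perms "$tree"
echo "after: $(count_writable_by_others "$tree") entries writable by group/others"
rm -rf "$tree"
```

Run it against a real install by calling `count_writable_by_others /path/to/wordpress` before `harden_wp_perms`; if you deliberately keep wp-content at 664 for ftp uploads as the note above suggests, expect those files to stay in the report, which is the trade-off being made.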
