Home >Operation and Maintenance >Linux Operation and Maintenance >How to protect data in CentOS servers using secure database access control

How to protect data in CentOS servers using secure database access control

WBOY
WBOYOriginal
2023-07-05 14:53:571069browse

How to use secure database access control to protect data in CentOS servers

With the development of the information age, data security and protection are becoming more and more important. CentOS, as a popular operating system, is widely used for the management of enterprise servers and databases. This article will introduce how to use secure database access control to protect data in CentOS servers.

1. Install and configure the database

First, we need to install the database. Here we take MySQL as an example.

1. Install the MySQL database
In the CentOS server, use the following command to install the MySQL database:

sudo yum install mysql-server

2. Start the MySQL database
Use the following command to start the MySQL database service:

sudo systemctl start mysqld

3. Configure MySQL database
Execute the following command to configure the MySQL database, set the root user password and other necessary settings:

sudo mysql_secure_installation

2. Create database and user

In MySQL, we need to create the database and user and grant the appropriate permissions to the user.

1. Log in to MySQL
Use the following command to log in to the MySQL database:

mysql -u root -p

Enter the password of the root user and press Enter to log in.

2.Create database
Use the following command to create a new database:

CREATE DATABASE mydatabase;

3.Create user
Use the following command to create a new user and set the settings for the user Password:

CREATE USER 'myuser'@'localhost' IDENTIFIED BY 'mypassword';

4.Grant permissions
Use the following command to grant the user access to the database:

GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'localhost';

5.Refresh permissions
Execute the following command to ensure that the changes take effect:

FLUSH PRIVILEGES;

3. Use access control rules to protect the database

In addition to the basic settings of the database, we can also use access control rules to enhance the security of the database.

1. Disable remote access
If you only allow local access to the database, you can disable remote access by editing the MySQL configuration file.

Find and open the MySQL configuration file:

sudo vi /etc/my.cnf

Add the comment symbol "#" to the following line to make it a comment line:

# bind-address = 127.0.0.1

Save and close the file.

2. Set password policy
You can set a password policy by modifying the MySQL configuration file to require users to use strong passwords and change passwords regularly.

Locate and open the MySQL configuration file:

sudo vi /etc/my.cnf

Add the following lines under the [mysqld] section:

validate_password_policy=STRONG
validate_password_length=8

Save and close the file.

3. Enable logging
MySQL's logging function can record database operations and access logs for auditing and security analysis.

Locate and open the MySQL configuration file:

sudo vi /etc/my.cnf

Add the following lines under the [mysqld] section:

general_log=1
general_log_file=/var/log/mysql/query.log

Save and close the file.

Restart the MySQL service for the changes to take effect:

sudo systemctl restart mysqld

4. Summary

By installing and configuring secure database access control, we can protect the data security in the CentOS server. In addition to setting up databases and users, you can also disable remote access, set password policies, and enable logging to enhance database security. At the same time, regularly upgrading and updating the operating system and database software are also important steps in maintaining server security. I hope this article is helpful to you, thank you for reading!

The above is the detailed content of How to protect data in CentOS servers using secure database access control. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn