Select Page

How to secure database server

How to secure database server

From credit card details to health records, everything is stored in a database these days. For a hacker, a database is a gold mine. In fact, the purpose of a majority of cyber attacks is to get access to a database.

The security of a database server depends  a lot on operating system hardening, network security and physical security. It’s a big list, but since we’ve already covered it in a previous post, today, we’ll take a more focused look at how to secure database server.

Read : A complete list of how to secure a server

1. Enforce a strong password policy

Configure your database to REQUIRE a strong password while creating a user. Some servers like MSSQL has built-in password validation features, while others like MySQL requires you to install additional plugins (eg. validate_password plugin).

Enforce a password policy that sets a password length of 20+ characters, and blocks dictionary words.

how to secure database - strong password

There are utilities like “mkpassword” in Linux servers that can help you generate strong passwords

Read : How Bobcares achieves high uptime and security in Linux servers

2. Remove all default users and demo/test databases

Almost all database servers come with a few demo databases and users. These details are public information. So, anyone can login to your server using these details to collect database or user information.

Delete these users and databases as soon as you create your databases.

Read : How to detect un-authorized login using an Intrusion Detection System

3. Change the name of the admin user

If attackers know the administrator username, they only need to guess the password. For many database servers, the administrator username is set by default. For eg. for MySQL it’s “root”.

Change the admin username for additional security.

how to secure database - admin user name

Who said admin usernames have to be short? You should be using password managers anyway.

Read : How to detect vulnerabilities in your server using OpenVAS

NEXT PAGE >>

 

For as low as

$74.99/server/mo

Get full spectrum infrastructure management services – including setup, monitoring & maintenance.

Never again face a critical business downtime. We keep your servers secured, optimized and updated at all times. Our engineers monitor your servers 24/7 and fix issues before it can affect your customers.

SEE SUPPORT PLANS


Submit a Comment

Your email address will not be published. Required fields are marked *

Bobcares
Bobcares is a server management company that helps businesses deliver uninterrupted and secure online services. Our engineers manage close to 51,500 servers that include virtualized servers, cloud infrastructure, physical server clusters, and more.
MORE ABOUT BOBCARES