How to secure database server

From credit card details to health records, everything is stored in a database these days. For a hacker, a database is a gold mine. In fact, the purpose of a majority of cyber attacks is to get access to a database.

The security of a database server depends a lot on operating system hardening, network security and physical security. It’s a big list, but since we’ve already covered it in a previous post, today we’ll take a more focused look at how to secure a database server.

Read : A complete list of how to secure a server

1. Enforce a strong password policy

Configure your database to REQUIRE a strong password when a user is created. Some servers, like MSSQL, have built-in password validation features, while others, like MySQL, require you to install additional plugins (e.g. the validate_password plugin).

Enforce a password policy that sets a password length of 20+ characters, and blocks dictionary words.

There are utilities like “mkpasswd” on Linux servers that can help you generate strong passwords.

Read : How Bobcares achieves high uptime and security in Linux servers

2. Remove all default users and demo/test databases

Almost all database servers ship with a few demo databases and users. Their details are public information, so anyone can log in to your server with them and collect database or user information.

Delete these users and databases as soon as you create your databases.

Read : How to detect un-authorized login using an Intrusion Detection System

3. Change the name of the admin user

If attackers know the administrator username, they only need to guess the password. For many database servers, the administrator username is set by default. For example, in MySQL it is “root”.

Change the admin username for additional security.

Who said admin usernames have to be short? You should be using password managers anyway.

Read : How to detect vulnerabilities in your server using OpenVAS
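
The three steps above as MySQL statements, added here as an example and not taken from the original post. It assumes MySQL 5.7 with the validate_password plugin and an administrative session; the wordlist path is a placeholder and the new admin name is constructed.

```sql
-- Added example for MySQL 5.7 (plugin form of validate_password).
-- MySQL 8.0's component form uses dotted names, e.g. validate_password.length.

-- 1. Strong password policy ------------------------------------------------
INSTALL PLUGIN validate_password SONAME 'validate_password.so';
SET GLOBAL validate_password_policy = 'STRONG';  -- STRONG enables the dictionary check
SET GLOBAL validate_password_length = 20;
-- Placeholder path: a text file with one lowercase word per line.
SET GLOBAL validate_password_dictionary_file = '/path/to/wordlist.txt';
-- SET GLOBAL is lost on restart: mirror these values under [mysqld] in my.cnf.
SHOW VARIABLES LIKE 'validate_password%';        -- confirm the active policy

-- 2. Default users and demo/test databases ---------------------------------
-- List anonymous accounts first; repeat the DROP for every host returned.
SELECT user, host FROM mysql.user WHERE user = '';
DROP USER IF EXISTS ''@'localhost';
DROP DATABASE IF EXISTS test;
-- Remove leftover grants that let any account use test and test_* schemas.
DELETE FROM mysql.db WHERE Db = 'test' OR Db = 'test\\_%';
FLUSH PRIVILEGES;

-- 3. Rename the admin user -------------------------------------------------
-- Stored routines and views that name the old account as DEFINER stop
-- working after the rename, so list them and plan to recreate them.
SELECT ROUTINE_SCHEMA, ROUTINE_NAME
  FROM information_schema.ROUTINES
 WHERE DEFINER = 'root@localhost';
SELECT TABLE_SCHEMA, TABLE_NAME
  FROM information_schema.VIEWS
 WHERE DEFINER = 'root@localhost';

-- Constructed name; pick your own and keep it in a password manager.
RENAME USER 'root'@'localhost' TO 'dba_primary_admin_7f3c'@'localhost';

-- Verify: no 'root' row and no empty user name should remain.
SELECT user, host FROM mysql.user;
```

Keep the current session open until a second login with the new name succeeds, so a mistake in step 3 does not lock you out.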
