The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

mySQL Security Question

Discussion in 'Database Discussions' started by Belaird, Apr 20, 2011.

  1. Belaird

    Belaird Well-Known Member

    Joined:
    Jun 24, 2004
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    I was browsing my server's databases from WHM > phpmyadmin and looked the privileges for a particular database, and found entries I did not expect
    belairda 24.30.36.128 wildcard: belairda\_% ALL PRIVILEGES No Edit Privileges
    database-specific ALL PRIVILEGES No Edit Privileges
    belairda 62.44.82.10 wildcard: belairda\_% ALL PRIVILEGES No Edit Privileges
    database-specific ALL PRIVILEGES No Edit Privileges
    belairda 62.44.82.100 wildcard: belairda\_% ALL PRIVILEGES No Edit Privileges
    database-specific ALL PRIVILEGES No Edit Privileges
    belairda 71.198.90.169 wildcard: belairda\_% ALL PRIVILEGES No Edit Privileges
    database-specific ALL PRIVILEGES No Edit Privileges
    belairda bikerides.no-ip.org wildcard: belairda\_% ALL PRIVILEGES No Edit Privileges
    and
    root server.flx.com.au global ALL PRIVILEGES Yes

    I assume these were created by some sort of exploit n the past and not suppose to be there. More recently create db's don't have these privileges.

    So my question is can I remove these safely and how?
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Do you have database prefixing on or off on your machine in WHM > Disable Database Prefix area? If you have database prefixing enabled, then you'll get grants similar to the following for any cPanel username accounts upon creation:

    I just tested this by adding a user to get the grants that exist for that user.

    If you have database prefixing disabled, then you'll get grants similar to the following upon adding a cPanel account user:

     
  3. Belaird

    Belaird Well-Known Member

    Joined:
    Jun 24, 2004
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    I have prefixing on, what are the consequences to existing databases if I turn it off?

    And should it be off?
     
    #3 Belaird, Apr 22, 2011
    Last edited: Apr 22, 2011
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    There are no consequences to existing databases if you turn it off. Those databases should continue to function normally. If you turn it off, users will no longer be required to have their username at the beginning of each database name or each database user's name.

    As for whether it should be off, that would be your choice. Most people do not turn off database prefixing unless they are going to migrate from another control panel besides cPanel. If they will be migrating accounts to their machine that do not have prefixing for the database names, it makes sense to turn off database prefixing. If that isn't the case for your machine(s), then you probably wouldn't need turn it off.

    We have a white paper that talks further about database prefixing at the following location:

    http://www.cpanel.net/DBMappingWhitePaper_r10.pdf
     
  5. smithseo

    smithseo Registered

    Joined:
    Apr 26, 2011
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Thanks to providing me such kind of awareness on Mysql security
     
Loading...

Share This Page