Database Security & Admin Privileges

Protection Requirement:

OPTIONAL

Skills/Resources:

Understanding of database privileges

THE THREAT
MySQL DROP, ALTER and GRANT database privileges can be used to wreak havoc if a site is compromised.

THE OBJECTIVE
Revoke database privileges not required for normal operation.

PROPOSED SOLUTION
Normal WordPress operation such as blog posting, commenting, uploading media, adding users and installing most plugins requires only data read and data write privileges on the MySQL database: SELECT, INSERT, UPDATE and DELETE.

Database admin privileges, such as DROP, ALTER and GRANT, can be revoked. Revoking them improves containment in the event of the site being compromised.

WARNING

There are plugins, themes and some major WordPress updates that might require structural changes to the database, such as adding new tables or changes to the schema. You need to be aware of these before proceeding to install or update software, and temporarily allow the database user the required admin privileges.

If you attempt such updates without having these privileges, this can cause problems when database schema changes occur.

Unless you are sure you understand this and exactly what privileges are needed, it is NOT recommended to revoke these privileges.

If you still want to implement this security measure, we recommend that you have a solid backup plan in place first. This means regular whole database backups which you have tested and can be easily restored.

Generally only major WordPress updates change the schema; minor ones usually do not. If you experience a failed database upgrade, this can usually be fixed by restoring the database to the previous version and then granting the required permissions before retrying.
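The procedure above, as an added MySQL example that is not part of the original page: the database name wordpress_db and the user wp_user@localhost are assumed placeholders, and the structural privileges granted in step 3 (CREATE, ALTER, DROP, INDEX) are a typical set for an update that adds tables or columns; check the update's actual requirements before running it.

```sql
-- 1. Inspect what the application user currently holds, so the
--    change can be compared against this output afterwards.
SHOW GRANTS FOR 'wp_user'@'localhost';

-- 2. Strip everything (including the ability to grant to others),
--    then give back only the day-to-day data privileges.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'wp_user'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE
    ON wordpress_db.*
    TO 'wp_user'@'localhost';

-- Verify: the output should list only SELECT, INSERT, UPDATE, DELETE
-- on wordpress_db.* plus the default USAGE line.
SHOW GRANTS FOR 'wp_user'@'localhost';

-- 3. Before a major core update or a plugin that creates tables,
--    temporarily add the structural privileges, run the update from
--    WordPress, then revoke them again (assumed set, see lead-in).
GRANT CREATE, ALTER, DROP, INDEX
    ON wordpress_db.*
    TO 'wp_user'@'localhost';

-- ... run the WordPress update and confirm the site works ...

REVOKE CREATE, ALTER, DROP, INDEX
    ON wordpress_db.*
    FROM 'wp_user'@'localhost';

-- Verify again that the user is back to the reduced set.
SHOW GRANTS FOR 'wp_user'@'localhost';
```

Run these as a MySQL administrative account, not as the WordPress user itself, and take the whole-database backup the page calls for before step 2.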

MORE ADVANCED
none

NEED HELP?
If you need help implementing this and other security measures then Virtual Webmaster Services can help. Visit Virtual Webmaster Services

RESOURCES
none