Linode Community Forums
Posted: Thu Aug 18, 2011 3:57 am
Senior Member

Joined: Thu Aug 05, 2010 11:23 pm
Posts: 64
What is the best way to secure a database server?


Posted: Thu Aug 18, 2011 10:22 am
Senior Member

Joined: Tue May 26, 2009 3:29 pm
Posts: 1691
Location: Montreal, QC
Sanitize all your inputs?


Posted: Thu Aug 18, 2011 1:26 pm
Senior Member

Joined: Thu Aug 05, 2010 11:23 pm
Posts: 64
Quote:
Sanitize all your inputs?

I am not sure I understand what you mean...

via ufw, iptables, and SELinux

Should I close port 80 on it?


Posted: Thu Aug 18, 2011 3:15 pm
Senior Member

Joined: Sat Aug 30, 2008 1:55 pm
Posts: 1739
Location: Rochester, New York
For the server itself, don't expose it to the Internet. For MySQL, ensure bind-address is either 127.0.0.1 (for standalone use) or your private IP address (if other machines will be accessing it), and make sure you have firewall rules set up to only allow trusted things to reach it. (The Linode "private" network is private to you and thousands of other random Linodes, so don't trust everything from there, either!)

Ensure that all connections to the database server require a password (or some other secure credential, NOT just a username and an IP address). Also make sure that each application/user has their own username, and that they only have access to the stuff they need. (If a program runs only SELECT queries on one database, just give it SELECT privileges to that database, and no access to other databases.)

Also, read about, and understand how to recognize and avoid, SQL Injection Vulnerabilities, especially if you are writing your own code. NEVER do something like this with user input:

Code:
$offset = $argv[0]; // beware, no input validation!
$query  = "SELECT id, name FROM products ORDER BY name LIMIT 20 OFFSET $offset;";
$result = pg_query($conn, $query);

(example borrowed from here)

_________________
Code:
/* TODO: need to add signature to posts */

