mysql_secure_installation

Start an interactive setup

$ mysql_secure_installation

$ mysql_secure_installation --host [host] --port [port]

$ mysql_secure_installation --help

mysql_secure_installation

N/A
    The script is interactive and does not accept command-line arguments. It presents a series of prompts to the user.

The mysql_secure_installation command is a script provided with MySQL and MariaDB that helps to improve the security of your database server. It guides you through a series of prompts to configure crucial security settings, such as setting a root password, removing anonymous user accounts, disallowing remote root login, and removing the test database. Running this script is highly recommended after installing MySQL or MariaDB to protect your database from unauthorized access and potential security vulnerabilities. It's an interactive tool, meaning it asks you questions and applies changes based on your answers. By addressing common weaknesses in default MySQL/MariaDB installations, it substantially reduces the risk of compromise. After running the command, you may need to restart the database server to apply all the changes.

This script modifies the MySQL/MariaDB configuration and user accounts directly. Back up your database before running.
If you've already performed these steps manually, this script might overwrite your existing configurations.

The script typically prompts for the following:
*Setting a password for root accounts.
*Removing anonymous user accounts.
*Disallowing remote root login.
*Removing the test database and access to it.

After running the script, it's advisable to log in to the MySQL/MariaDB server and verify that the changes have been applied correctly. This includes checking the root password, user accounts, and permissions.

Run this script immediately after installing MySQL or MariaDB, or after resetting the root password. Avoid running the script repeatedly without understanding the consequences, as it might revert previous manual configurations.

The mysql_secure_installation script has been a standard part of MySQL and MariaDB distributions for many years. It was introduced to address the common problem of insecure default configurations in new database server installations. Over time, the script has been updated to incorporate new security best practices and address emerging threats. Its primary purpose is to simplify the process of securing a MySQL or MariaDB server for administrators of all skill levels.

mysql(1), mariadb(1), mysqld(8)