Simon Krenger

WordPress MySQL Permissions

, by Simon Krenger

Having security in mind, I had some concerns granting all privileges to the WordPress MySQL user (see the instructions from WordPress):

GRANT ALL PRIVILEGES ON databasename.* TO "wordpressusername" [..]

After all, with these privileges the WordPress user would be able to access other databases on this server and do whatever he likes. WordPress has become very popular and is a known target for exploits and the like (as a quick search on milw0rm.com will confirm). I didn’t like that idea.

So here is what I did:

GRANT SELECT, INSERT, UPDATE, CREATE, DELETE ON wordpress.* TO 'wordpress' IDENTIFIED BY 'mypass';

This works fine so far and I don’t think my WordPress installation needs more privileges. Note that the ALTER and DROP statements are missing from my list, which could interfere with future updates. But we’ll see…

Tags: , , , , ,

Hello world

My name is Simon Krenger, I am a Technical Account Manager (TAM) at Red Hat. I advise our customers in using Kubernetes, Containers, Linux and Open Source.

Blog Categories

  1. Kubernetes / OpenShift
  2. Linux
  3. MySQL
  4. Oracle
  5. Personal
  6. Windows

Elsewhere

  1. GitHub
  2. LinkedIn
  3. GitLab