If you don't forward ports 80, 443, or 3306 (HTTP, HTTPS, and MySQL) on your router and your machine is not directly connected to the internet, there are no security issues to button up really.
Generally you should have one MySQL user per 'type' of application. The 'root' user should be secured on all hosts. MySQL defines users in terms of host connections. So there is a 'root' @ 'localhost', which has a separate set of permissions/privileges from 'root' @ '%' any host (which should be narrower probably) or 'root' @ 'xxx.yy.zz.nn' or 'root' @ 'host.domain.tld' (meaning 'root' logging in FROM those hosts). EACH has its own entry in the mysql/user table, which means they are treated separately. 'pma' is a special user for phpMyAdmin. If you examine the 'Any' entries, you should see they have 'no' privileges.
Go to Database>mysql>table>user and you can browse what is going on...
SQL result
Host: localhost
Database: mysql
Generation Time: Nov 19, 2012 at 11:45 PM
Generated by: phpMyAdmin 3.5.2 / MySQL 5.5.25a
SQL query: SELECT * FROM `user` LIMIT 0, 30 ;
Rows: 7
Host User Password Select_priv Insert_priv Update_priv Delete_priv Create_priv Drop_priv Reload_priv Shutdown_priv Process_priv File_priv Grant_priv References_priv Index_priv Alter_priv Show_db_priv Super_priv Create_tmp_table_priv Lock_tables_priv Execute_priv Repl_slave_priv Repl_client_priv Create_view_priv Show_view_priv Create_routine_priv Alter_routine_priv Create_user_priv Event_priv Trigger_priv Create_tablespace_priv ssl_type ssl_cipher x509_issuer x509_subject max_questions max_updates max_connections max_user_connections plugin authentication_string
localhost root *1148F7B52BFDDB63C95CC73056410AD3A70F Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y [BLOB - 0 B] [BLOB - 0 B] [BLOB - 0 B] 0 0 0 0 [BLOB - 0 B]
linux root Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y [BLOB - 0 B] [BLOB - 0 B] [BLOB - 0 B] 0 0 0 0 [BLOB - 0 B]
localhost *61843C6664DA1312B5F4716ED62152FF4B20 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N [BLOB - 0 B] [BLOB - 0 B] [BLOB - 0 B] 0 0 0 0 [BLOB - 0 B]
linux N N N N N N N N N N N N N N N N N N N N N N N N N N N N N [BLOB - 0 B] [BLOB - 0 B] [BLOB - 0 B] 0 0 0 0 [BLOB - 0 B]
localhost pma N N N N N N N N N N N N N N N N N N N N N N N N N N N N N [BLOB - 0 B] [BLOB - 0 B] [BLOB - 0 B] 0 0 0 0 [BLOB - 0 B]
% jonb *05363F68CCCC3F775C0AF7541DA7E682E048 N N N N N N N N N N N N N N N N N N N N N N N N N N N N N [BLOB - 0 B] [BLOB - 0 B] [BLOB - 0 B] 0 0 0 0 [BLOB - 0 B]
localhost ODBC N N N N N N N N N N N N N N N N N N N N N N N N N N N N N [BLOB - 0 B] [BLOB - 0 B] [BLOB - 0 B] 0 0 0 0 [BLOB - 0 B]
You can also read the other XAMPP security stuff this guy wrote:
http://bravo.newnetenterprises.com/word ... -security/
Little has changed since I wrote that... But I see I should add a section on MySQL users.
Good Luck
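
An added example, not part of the original post: instead of reading the 42-column dump by eye, a query like the following summarises each 'user' @ 'host' entry of the mysql.user table with the flags a reviewer would look for. It assumes the MySQL 5.5 schema shown in the dump (a Password column); the flag names (anonymous, no_password, wildcard_host, admin_privs) are made up for this example.

```sql
-- Added example: per-account audit of mysql.user (MySQL 5.5 schema).
-- Run as an account that may read the mysql database, e.g. from the
-- phpMyAdmin SQL tab. On MySQL 5.7+ the Password column no longer exists
-- and the hash lives in authentication_string, so adjust accordingly.
SELECT
    Host,
    User,
    -- An empty User matches any login name (shown as 'Any' in phpMyAdmin).
    IF(User = '', 'Y', 'N') AS anonymous,
    -- No native hash and no authentication plugin: login without password.
    IF(Password = '' AND IFNULL(plugin, '') = '', 'Y', 'N') AS no_password,
    -- '%' in Host means the entry accepts connections from other machines.
    IF(INSTR(Host, '%') > 0, 'Y', 'N') AS wildcard_host,
    -- Global privileges that allow taking over the server or other accounts.
    IF('Y' IN (Super_priv, Grant_priv, File_priv,
               Shutdown_priv, Create_user_priv), 'Y', 'N') AS admin_privs
FROM mysql.user
-- Entries needing attention first: passwordless, then anonymous,
-- then remotely reachable.
ORDER BY no_password DESC, anonymous DESC, wildcard_host DESC, Host, User;
```

Rows that the dump above prints without a hash in the Password column are the ones this marks no_password = 'Y'; any of those that also show admin_privs = 'Y' are the entries to give a password first.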