What is the most secure way to set up the MySQL user in WPMU?

I am setting up Subdomain based MU on my domain. Everything is hosted by me running on one CentOS/Webmin VPS. Will I be better off setting the MySQL user’s domain as localhost, 127.0.0.1 or with a wildcard %.mydomain.com? Which is more secure? Is localhost === 127.0.0.1? If not what is the difference?

Also, what is my domain from MySQL’s or WordPress’ pov when I am connected by ssh terminal? How about when I connect by Webmin or Usermin? I know that does not appear directly WordPress related, but my Usermin users will be power bloggers who need Superuser privileges, so I need to provide a clean interface. I am thinking about providing a plugin.


Any MySQL gurus out there?


1 comment

  1. I am setting up Subdomain based MU on my domain.

    Just remember, what used to be called “WordPress MU” is now “WordPress Multisite.” It’s not a separate application, just a configuration setting you use within WordPress.

    Will I be better off setting the MySQL user’s domain as localhost, 127.0.0.1 or with a wildcard %.mydomain.com? Which is more secure?

    In terms of security, you’re best sticking with something local. You don’t want the outside world to be able to talk to MySQL at all. I’d recommend either localhost or whatever the local domain might be.

    Is localhost === 127.0.0.1? If not what is the difference?

    Typically, yes. Well, that is the default anyway. In some (very rare) instances I’ve seen localhost set to a different IP address, but if you’ve got a fresh install of CentOS, then localhost and 127.0.0.1 are essentially interchangeable.

    Also, what is my domain from MySQL’s or WordPress’ pov when I am connected by ssh terminal?

    As far as WordPress is concerned it will be localhost if MySQL is running on the same machine. As far as ssh is concerned, you don’t really need to use a domain … just type mysql from the command line to interact with it.

    How about when I connect by Webmin or Usermin? I know that does not appear directly WP related, but my Usermin users will be power bloggers who need Superuser privileges, so I need to provide a clean interface. I am thinking about providing a plugin.

    Even if your users are superusers, I would strongly recommend against giving them any kind of direct access to the database. You can seriously mess up your DB if you start running random queries on it, and the relational parts of the DB (i.e. post meta) are best used directly through WordPress’ API.

    So don’t create DB users for your actual physical users. Instead, create a DB user for WordPress and provide individual (perhaps Administrator?) accounts within WordPress to your individual users.
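
The setup recommended in the answer above, as an added example that is not part of the original post: one local-only MySQL account for WordPress, followed by queries that check nothing else is reachable from outside. The schema name `wordpress`, the account name `wp_app` and the password are placeholders.

```sql
-- Added example; names and password are placeholders, not values from the post.

-- One account for the WordPress application, usable only from this machine.
-- On Unix, a client that connects to "localhost" uses the MySQL socket file
-- and matches 'wp_app'@'localhost'; a client that connects to 127.0.0.1 goes
-- over TCP instead. With this account, DB_HOST in wp-config.php is 'localhost'.
CREATE USER 'wp_app'@'localhost'
  IDENTIFIED BY 'REPLACE_WITH_LONG_RANDOM_PASSWORD';

-- Privileges limited to the WordPress schema, no global grants.
-- CREATE/ALTER/INDEX/DROP are included because WordPress creates and changes
-- tables during updates and, on Multisite, when a new site is added.
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, INDEX, DROP
  ON `wordpress`.* TO 'wp_app'@'localhost';

-- Confirm what the account ended up with.
SHOW GRANTS FOR 'wp_app'@'localhost';

-- Audit 1: accounts that may log in from somewhere other than this machine.
-- A wildcard host such as '%' or '%.mydomain.com' shows up here.
SELECT user, host
  FROM mysql.user
 WHERE host NOT IN ('localhost', '127.0.0.1', '::1')
 ORDER BY user, host;

-- Audit 2: accounts holding server-wide administrative privileges.
-- The WordPress account should not appear in this result.
SELECT user, host
  FROM mysql.user
 WHERE Super_priv = 'Y' OR Grant_priv = 'Y' OR File_priv = 'Y'
 ORDER BY user, host;

-- Audit 3: whether the server listens on the network at all.
-- A loopback bind_address (or skip_networking = ON) keeps MySQL off the
-- public interface regardless of how account hosts are defined.
SHOW VARIABLES LIKE 'bind_address';
SHOW VARIABLES LIKE 'skip_networking';
```

An empty result from the first audit query together with a loopback `bind_address` means the database is reachable only from the VPS itself.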