Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. WordPress (Developer)
  3. MySql Grant All Permissions - remove those unnecessary

MySql Grant All Permissions - remove those unnecessary

Scheduled Pinned Locked Moved WordPress (Developer)
5 Posts 4 Posters 765 Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • marcusquinnM Offline
    marcusquinnM Offline
    marcusquinn
    wrote on last edited by
    #1
    • https://hidemywpghost.com/how-to-grant-and-revoke-permissions-to-database-using-phpmyadmin/

    For WordPress website, you can leave only the following permissions enabled:

    SELECT
INSERT
UPDATE
DELETE
ALTER (for updates)
CREATE TABLE
DROP TABLE
INDEX

    Web Design https://www.evergreen.je
    Development https://brandlight.org
    Life https://marcusquinn.com

    humptydumptyH JOduMonTJ 2 Replies Last reply
    1
    • marcusquinnM marcusquinn
      • https://hidemywpghost.com/how-to-grant-and-revoke-permissions-to-database-using-phpmyadmin/

      For WordPress website, you can leave only the following permissions enabled:

      SELECT
INSERT
UPDATE
DELETE
ALTER (for updates)
CREATE TABLE
DROP TABLE
INDEX
      humptydumptyH Offline
      humptydumptyH Offline
      humptydumpty
      wrote on last edited by
      #2

      @marcusquinn Cool stuff! Does this also apply to WooCommerce sites?

      marcusquinnM 1 Reply Last reply
      0
      • humptydumptyH humptydumpty

        @marcusquinn Cool stuff! Does this also apply to WooCommerce sites?

        marcusquinnM Offline
        marcusquinnM Offline
        marcusquinn
        wrote on last edited by
        #3

        @humptydumpty Yes. Minor risk, but a risk all the same. Doesn't do any harm to harden to best practice and minimising permissions.

        Web Design https://www.evergreen.je
        Development https://brandlight.org
        Life https://marcusquinn.com

        1 Reply Last reply
        1
        • marcusquinnM marcusquinn
          • https://hidemywpghost.com/how-to-grant-and-revoke-permissions-to-database-using-phpmyadmin/

          For WordPress website, you can leave only the following permissions enabled:

          SELECT
INSERT
UPDATE
DELETE
ALTER (for updates)
CREATE TABLE
DROP TABLE
INDEX
          JOduMonTJ Offline
          JOduMonTJ Offline
          JOduMonT
          wrote on last edited by
          #4

          @marcusquinn while it may cause issue with fee plugins, it is also possible to remove even more rights
          by adding a specific user for update
          https://wordpress.stackexchange.com/questions/6424/mysql-database-user-which-privileges-are-needed

          1 Reply Last reply
          0
          • girishG Offline
            girishG Offline
            girish
            Staff
            wrote on last edited by
            #5

            It's mostly this way already. The credentials given to an app do not allow the app to operate outside the scope of the database. The app cannot drop the database as well. But it's allowed to do whatever it wants inside it's own database.

            1 Reply Last reply
            0
            • P p44 referenced this topic on
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes

            • Login
            • Don't have an account? Register
            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • Bookmarks
            • Search