Joseph

Reputation: 1091

Isolating php from accessing other mysql databases

I've discovered that apache2 is able to "isolate" PHP from accessing other, unspecified, directories using this rule in the virtual host:

php_admin_value open_basedir /path/to/your/virtualroot:/some/other/path

Now I also need to restrict MySQL access for that specific virtual host to a specific database. I would rather not rely on just user/password to protect them, to avoid brute force.

Is there any solution for it?

Upvotes: 0

Views: 39

Answers (1)

alxndrhi

Reputation: 21

No, you can only restrict it per user. For example, you can restrict the access through the MySQL user and use the specific user for the domain (/VirtualHost).

I usually create a mysql user and give it access to all databases that have that username as a prefix:

CREATE USER 'someuser'@'localhost' IDENTIFIED BY 'somepass';
GRANT ALL ON `someuser\_%`.* to `someuser`@`localhost`;

So someuser is going to have full access to all databases that start with: someuser_ (for example: someuser_wordpress, someuser_drupal, etc.). Users only see the databases they have permission to.

You can also restrict the access to a single database as well:

GRANT ALL ON `databasename`.* to `someuser`@`localhost`;

Upvotes: 2
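
The single-database restriction described in the answer above, worked through with verification queries, as an added example that is not part of the original answer. The database name `site_a`, the account `site_a_app`, the placeholder password, and the narrowing from ALL to four data privileges are assumptions made for illustration.

```sql
-- Added example: names and password are constructed placeholders.
CREATE DATABASE IF NOT EXISTS `site_a`;

-- One account per virtual host, accepted only for local connections,
-- so it cannot be tried from remote hosts.
CREATE USER IF NOT EXISTS 'site_a_app'@'localhost'
    IDENTIFIED BY 'REPLACE_WITH_GENERATED_PASSWORD';

-- Database-level grant. At this level "_" and "%" in the database name
-- act as pattern characters by default, so the underscore is escaped
-- (as in the answer's prefix grant). Unescaped, `site_a` would also
-- match a database named siteXa.
-- Assumption: the application only reads and writes rows, so it gets
-- data privileges instead of ALL (no DROP, ALTER, CREATE, GRANT OPTION).
GRANT SELECT, INSERT, UPDATE, DELETE
    ON `site\_a`.* TO 'site_a_app'@'localhost';

-- Check 1: expect USAGE on *.* plus exactly one database-level grant.
SHOW GRANTS FOR 'site_a_app'@'localhost';

-- Check 2: database-level rows stored for the account; expect one row.
SELECT Host, Db, User
  FROM mysql.db
 WHERE User = 'site_a_app';

-- Check 3: accounts holding a global SELECT privilege can read every
-- database regardless of per-database grants; the per-vhost account
-- must not appear in this list.
SELECT User, Host
  FROM mysql.user
 WHERE Select_priv = 'Y';
```

Run the statements as an administrative account; the PHP application for that virtual host then connects as `site_a_app` only.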
