bobs
/
cms
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

secure mysql

Browse Source
main
Robert 2 years ago
parent 5de3fbb34e
commit 5e674fd2ba
1 changed files with 21 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 23
      protected/README.MD

23
protected/README.MD
Unescape View File

@ -3,9 +3,18 @@
Original Author: Matt Doyle <https://www.elated.com/cms-in-an-afternoon-php-mysql/> Original Author: Matt Doyle <https://www.elated.com/cms-in-an-afternoon-php-mysql/>
Updates: Robert S. Updates: Robert S.
```
Note: I use the hash sign # to note a comment, do not run it in the terminal.
Note: I use the dollar sign $ for the Linux prompt commands to run.
Note: I use the greater-than sign for > the MySQL prompt commands.
```
## Pull repo ## Pull repo
``` ```
# AS a normal user NOT Root, we will sudo or doas for that from time to time:
$ mkdir -p /var/www
$ sudo groupadd www-data
$ chgrp www-data /var/www
$ cd /var/www $ cd /var/www
$ git clone https://git.mysnippetsofcode.com/bobs/cms $ git clone https://git.mysnippetsofcode.com/bobs/cms
$ cd cms $ cd cms
@ -17,8 +26,12 @@ $ cd cms
$ sudo apt-get install mysql-server $ sudo apt-get install mysql-server
$ sudo systemctl start mysql $ sudo systemctl start mysql
$ sudo systemctl enable mysql $ sudo systemctl enable mysql
# The following script will prompt you to perform various security-related actions. Follow the prompts to set a root password, remove anonymous users, disallow root login remotely, remove the test database, and reload the privilege tables.
$ sudo mysql_secure_installation
# Change this password SJ6G*WyaV7PvvEts@vxjm used below! # Change this password SJ6G*WyaV7PvvEts@vxjm used below in a couple of places!
# Enter your password assigned during setup, create a new user for the app to use.
$ mysql -u root -p $ mysql -u root -p
> CREATE USER 'zoombox'@'localhost' IDENTIFIED BY 'SJ6G*WyaV7PvvEts@vxjm'; > CREATE USER 'zoombox'@'localhost' IDENTIFIED BY 'SJ6G*WyaV7PvvEts@vxjm';
> GRANT ALL ON cms.* TO 'zoombox'@'localhost'; > GRANT ALL ON cms.* TO 'zoombox'@'localhost';
@ -26,11 +39,16 @@ $ mysql -u root -p
``` ```
## Import the tables.sql file: ## Import the tables.sql file:
``` ```
$ pushd protected/src
$ pwd
# You should be in /var/www/cms/protected/src
# Do not use the root user for cms app!
$ mysql -u cms -p cms < tables.sql $ mysql -u cms -p cms < tables.sql
enter this password when prompted: SJ6G*WyaV7PvvEts@vxjm enter this password when prompted: SJ6G*WyaV7PvvEts@vxjm
$ popd
``` ```
The config.php file is in the protected/src folder. You may want to edit the config.php file which is in the protected/src folder.
``` ```
define( "BLOG_NAME", "Widgetz Newz" ); // Display Name for Titles define( "BLOG_NAME", "Widgetz Newz" ); // Display Name for Titles
``` ```
@ -39,6 +57,7 @@ define( "BLOG_NAME", "Widgetz Newz" ); // Display Name for Titles
``` ```
$ pwd $ pwd
# You should be in /var/www/cms # You should be in /var/www/cms
# DO NOT use the root user for cms app!
$ nano .env $ nano .env
DB_TYPE=mysql DB_TYPE=mysql
DB_HOST=127.0.0.1 DB_HOST=127.0.0.1

Write Preview
Loading…
Cancel
Save