This is a 3 part blog series:
You can now grant CREATE USER so that your web apps would be able to use multiple accounts without you risking the end user hijacking the database by changing your root credentials for example. …
Facebook Twitter Google+ LinkedIn
Python 2 reaches EOL on 2020-01-01 and one of its commonly used third-party packages is MySQL-python. If you have not yet migrated away from both of these, since MySQL-python does not support Python 3, then you may have come across some issues if you are using more recent versions of MySQL and are enforcing a secured installation. This post will look at two specific issues that you may come across (caching_sha2_password in MySQL 8.0 and TLSv1.2 with MySQL >=5.7.10 when using OpenSSL) that will prevent you from connecting to a MySQL database and buy …
[Read more]Some time ago, we decided to run KeyChest on a database cluster. Once we actually did it, I started doubting wisdom of this decision and it took a few months to get beyond the stability of a single-node MySQL database. I’ve written a blog post that the encryption should be just as simple as databases
The post MYSQL8 and InnoDB Cluster appeared first on Magic of Security.
MariaDB Server 10.4 came with a whole lot of Security related changes. Some of them are merely optimizations (like MDEV-15649), some improve existing features to be more robust (MDEV-15473, MDEV-7598) or convenient (MDEV-12835, MDEV-16266). Some are MySQL compatibility features, requested by our users (MDEV-7597, MDEV-13095). But the first thing any MariaDB Server user, whether an […]
The post Authentication in MariaDB 10.4 — Understanding the Changes appeared first on MariaDB.org.
MySQL Enterprise Data Masking and De-Identification hides sensitive information by replacing real values with substitutes in order to protect sensitive data while they are still look real and consistent.
Please join Percona’s Information Security Architect, David Bubsy, as he presents his talk Web Application Security – Why You Should Review Yours on March 14th, 2019 at 6:00 AM PDT (UTC-7) / 9:00 AM EDT (UTC-4).
In this talk, we take a look at the whole stack and I don’t just mean LAMP.
We’ll cover what an attack surface is and some areas you may look to in order to ensure that you can reduce it.
For instance, what’s an attack surface?
Acronym Hell, what do they mean?
…
[Read more]Join Percona Support Engineer, Vinicius Grippa, as he presents his talk Enhancing MySQL Security on Thursday, March 7th, 2019 at 7:00 AM PST (UTC-8) / 10:00 AM EST (UTC-5).
Security is always a challenge when it comes to data. What’s more, regulations like GDPR add a whole new layer on top of it, with rules more and more restrictive to access and manipulate data. Join us in this presentation to check security best practices, as well as traditional and new features available for MySQL including features coming with the new …
[Read more]The latest enhancement in ProxySQL v2.0.0 is the native support of Galera Cluster. No more need to use an external script within the scheduler like explained also in this post of ours.
This document will cover how to take an advantage of the new feature and integrate ProxySQL with Percona XtraDB Cluster to monitor galera node status and read-write split performed by ProxySQL. To illustrate we will use a cluster of 3 nodes, below are the details:
| IP address | Hostname |
|---|---|
172.16.1.112
|
db-node01
|
172.16.1.113
|
db-node02
|
| … |
As I discussed in some of my recent talks at conferences (at the
DOAG for example), MySQL 8 came out with new
features which bring lots of improvements in terms of
security.
“At-Rest” encryption has been existing from some releases by
now:
– InnoDB Tablespace Encryption: by 5.7.11
– Redo and Undo Log Data Encryption: by 8.0.1
Now starting from version 8.0.14, you can also encrypt binary and
relay log files. In this blog post we will see how to configure
that and we will do some tests.
Case 1: Binary log files are not encrypted
Binary log files encryption is disables by default:
mysql> show variables like 'binlog_encryption'; +-------------------+-------+ | Variable_name | Value | +-------------------+-------+ | binlog_encryption | OFF | …[Read more]
As I discussed in some of my recent talks at conferences (at the
DOAG for example), MySQL 8 came out with new
features which bring lots of improvements in terms of
security.
“At-Rest” encryption has been existing from some releases by
now:
– InnoDB Tablespace Encryption: by 5.7.11
– Redo and Undo Log Data Encryption: by 8.0.1
Now starting from version 8.0.14, you can also encrypt binary and
relay log files. In this blog post we will see how to configure
that and we will do some tests.
Case 1: Binary log files are not encrypted
Binary log files encryption is disables by default:
mysql> show variables like 'binlog_encryption'; +-------------------+-------+ | Variable_name | Value | +-------------------+-------+ | binlog_encryption | OFF | …[Read more]
