MYSQL wordpress user PRIVILEGES – using ONLY the necessary privileges to increase SECURITY

Hey guys, so I’m new to WP and been playing around with it hosting multiple wp sites on a raspberry pi, simulating Im manually installing WP on a linux server.

I’ve been reading about “privileges” that are given to Mysql users that connect to the wp website, and that ONLY give the necessary privileges and to NEVER use the root user.

QUESTIONS:

1. An article said that the new Mysql user (the user we include in wp-config.php) should ONLY require “Data Read” and “Data Write”. Is this correct?
2. Also, they say to always create and use a different MYSQL user for each wordpress site, meaning each database will have it’s own user with lmited privileges. Is this a must when you are the ONLY person with the server credentials? Can I use just 1 limited user for all 5 websites (5 databases)?
3. What are some security best practices you use when building wordpress sites and configuring the server settings?

Thanks.

1 Comment
  1. In general it is considered best practice to limit the permissions of any system to the minimum necessary: https://en.wikipedia.org/wiki/Principle_of_least_privilege

    That said – the wp db user needs all privileges.

    From wp.org: https://wordpress.org/support/article/creating-database-for-wordpress/#using-the-mysql-client

    From wpse: https://wordpress.stackexchange.com/a/8603

    It is possible to lock things down a bit more, but it is likely to break the site (for example with new plugin installation or just an update) and require some troubleshooting: https://wordpress.org/support/article/hardening-wordpress/#restricting-database-user-privileges

    And as for security best practices – start by reading the rest of the “hardening wordpress” page linked above.

 

This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Your Advertisement Here