![]() ![]() WordPress Professional Security Services and Consultancy Once the WordPress plugin or WordPress theme is installed, and the required changes to the MySQL database have been applied, you can revert back to data read and data write only permissions. Ideally you should refer to the WordPress Plugin or Theme documentation, or contact the developer to see what MySQL WordPress database privileges the MySQL user needs to install such components. In this case the above configured database permissions (data read and write only) need to be altered for such WordPress plugins and themes to be installed. Special MySQL user database privileges to install plugins and themesĪlthough it is not so common, some WordPress plugins and WordPress themes might need to alter the WordPress MySQL database structure and objects, such as add tables, routines or views. Once the upgrade is successful, you can revert back the changes. In this case it is safe to grant all structure related privileges to the MySQL user being used by WordPress during the WordPress upgrade process only. ![]() When upgrading a WordPress installation, the upgrade process might need to change the WordPress MySQL database structure. MySQL user database privileges for updating WordPress Once ready click on Make Changes button at the bottom of the privileges table to apply the changes. As usual, allow only Select, Insert, Update and Delete as shown in the below screenshot. Once the list of MySQL databases and usernames accessing such databases loads up, click on the username being used to access the WordPress MySQL database to proceed and change the user database privileges. Once you login to your web hosting provider Cpanel, scroll down to the Databases section and click on MySQL databases. Assign READ and WRITE ONLY user privileges using Cpanel * TO with the database name, with the MySQL username and with the host, typically localhost. GRANT SELECT, INSERT, UPDATE, DELETE ON ``. the user specified in the WordPress wp-config.php file. If you are using MySQL command line, you can use the below SQL syntax to assign data read and data write only privileges to the user which WordPress will be using to access the MySQL database, i.e. Assign MySQL user privileges using MySQL command line Once you assign the required privileges, click on the Go button to apply the privileges. ![]() ![]() So in this case only allow the below list of permissions under the data column, as seen in the below screenshot: In the below example the WordPress MySQL database is ‘pr34r8ijf21’.Īssign the user privileges to the WordPress MySQL databaseįor normal WordPress operation the MySQL user only needs to read and write data from and to the database. Once in the users’s privileges window, scroll down to the section Database-Specific privileges and from the drop down menu select the WordPress MySQL database. Select the WordPress MySQL database to assign privileges to the user Once logged in to the MySQL phpMyAdmin web interface (accessible via most hosting providers Cpanel), click on the Users tab and then on the Edit Privileges of the MySQL user you are using to access the WordPress MySQL database as highlighted in the below screenshot. How to assign DATA READ and WRITE only database privileges Edit database privileges of the MySQL user with phpMyAdmin The MySQL user does not need to alter the database structure or any type of administrative permissions on the database, such as Grant. Secure WordPress MySQL database user privilegesįor normal WordPress blog or website operations, such as posting blog posts, uploading media files, posting comments, creating new WordPress users and installing WordPress plugins, the MySQL user used from WordPress to connect to the MySQL database only needs DATA READ and DATA WRITE access to the MySQL databases. Though this should be just a temporary measure until the WordPress installation creates all the necessary tables and other database objects in the MySQL database for WordPress to function. It is acceptable to allow ALL database privileges to the MySQL user you will be using in the WordPress wp-config.php file during installation. the user specified in WordPress wp-config.php file. As seen in Why minimum MySQL user WordPress database privileges improve security, it is very important to assign the minimum required database privileges to the MySQL user being used by WordPress to access the MySQL WordPress database, i.e. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |