MySQL App User Privileges

Here is a basic MySQL tip regarding application users:

When building applications that use MySQL, it is a best practice to create a MySQL application user that is dedicated to your app and has privileges to access only the database it is assigned.

With the latest version of phpMyAdmin, you can do this all in one step in the Add New User screen. Look for this fieldset and check the “Create database with same name and grant all privileges” box:

[Image: “Database for user” fieldset]

You can then retract privileges on that database. For example, if the app is only going to need SELECT and you are uploading tables manually, you can uncheck everything except the SELECT box. Or maybe the user needs only standard CRUD operations, in which case you can assign it SELECT, INSERT, UPDATE, and DELETE. As a best practice, you want your user to have only the minimum privileges it needs for the app to function.
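The same setup written as SQL statements instead of the phpMyAdmin form, as an added example that is not from the original post. The name `myapp`, the `localhost` host and the password are placeholders.

```sql
-- Placeholder names: database and user are both called myapp,
-- mirroring the "same name" checkbox. The host and password are assumptions.
CREATE DATABASE IF NOT EXISTS myapp;

-- Dedicated account for the application, limited to local connections.
CREATE USER 'myapp'@'localhost' IDENTIFIED BY 'replace-with-a-strong-password';

-- Equivalent of the checkbox: all privileges, scoped to the one database.
GRANT ALL PRIVILEGES ON myapp.* TO 'myapp'@'localhost';

-- Retract to standard CRUD: drop everything at the database level,
-- then grant back only what the app needs.
REVOKE ALL PRIVILEGES ON myapp.* FROM 'myapp'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE ON myapp.* TO 'myapp'@'localhost';

-- Read-only variant (app only reads, tables are uploaded manually):
-- REVOKE INSERT, UPDATE, DELETE ON myapp.* FROM 'myapp'@'localhost';

-- Check 1: the statements that define this account's access.
SHOW GRANTS FOR 'myapp'@'localhost';

-- Check 2: database-level privileges, one row per privilege.
-- Every row should name the myapp schema and nothing else.
SELECT table_schema, privilege_type
FROM information_schema.schema_privileges
WHERE grantee = '''myapp''@''localhost'''
ORDER BY table_schema, privilege_type;

-- Check 3: global privileges. An app account should show only USAGE here,
-- which means it holds no server-wide rights.
SELECT privilege_type
FROM information_schema.user_privileges
WHERE grantee = '''myapp''@''localhost''';
```

Rerun the three checks after any schema migration or permission change to confirm the account has not picked up extra grants.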
