Install MariaDB and secure it

MariaDB is my go-to database when I’m running Ubuntu. It’s easy to install and administrate. In this guide I’ll to trough how to install MariaDB and how to make it a little more secure.

Introduction

Validated on

This how-to have been tested and known to work, but not limited to the following versions

  • Ubuntu 24.04
  • Ubuntu 22.04

Prerequisite

  • Sudo or root access to your Ubuntu Server
  • SSH access to your Ubuntu Server
  • SSH software
    • macOS, you can use Terminal
    • Linux, you can use Terminal
    • Windows, I do recommend you to use PuTTY

Good to know

  • During this guide you need to replace some of the text with your unique name etc
    • DBUSERNAME = Username you want for the database user
    • DBPASSWORD = Password you want for the database user
    • DBNAME = Name you want for the database

Recommendation

  • If you haven’t secured SSH on your Ubuntu Server I do recommend you to read my guide about it

Install and secure

  • As always it’s a good idea to make sure your Ubuntu Server is up to date before we begin

    sudo apt update && sudo apt upgrade -y
    
  • Now let’s install MariaDB

    sudo apt install mariadb-server -y
    
  • After MariaDB have been installed we are going to make it a little more secure, when your asked for your password just press enter

    sudo mysql_secure_installation
    

  • When your asked if you want to use unix_socket it’s often OK to select n if your root account is protected

  • Now you can choose to change the root password or not, this is something you don’t need to do either if your root account is secure

  • We don’t want a anonymous user so let’s delete that user so select n

  • It’s not a good idea to let root user to access the database remotely so select n here

  • We don’t want the test database in production so make sure to select n here to delete it

  • Now to the last step, select n to reloading the privilege tables

  • Last thing to do is to start and enable mariadb.service

    sudo systemctl start mariadb && sudo systemctl enable mariadb
    

  • You can check status of MariaDB by entering this command

    sudo systemctl status mariadb
    

Create user and database

  • Let’s enter MariaDB so we can create a user and database

    sudo mariadb
    

  • Now we are going to create a user, remember that you should not name it with something that can point to the service you’re going to run on the server

    CREATE USER 'DBUSERNAME'@'localhost' IDENTIFIED BY 'DBPASSWORD';
    

  • Create the database and remember that you should not name it with something that can point to the service you’re going to run on the server

    CREATE DATABASE IF NOT EXISTS DBNAME;
    

  • Our database user doesn’t have permissions to the database yet so let’s give the user permission to the database

    GRANT ALL PRIVILEGES ON DBNAME.* TO 'DBUSERNAME'@'localhost';
    

  • It’s time to wrap things up so execute the following two command

    FLUSH PRIVILEGES;
    
    EXIT;
    

Conclusion

This guide was a basic guide how to install MariaDB and make it more secure than it is out of the box.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.