mysql>
REVOKE ALL ON test FROM ''@'%';Query OK, 0 rows affected (0.16 sec)
You might also want to remove the test database you’ll almost never need to use it,
and removing it leaves one less thing to worry about:
mysql>
DROP DATABASE test;Query OK, 0 rows affected (0.18 sec)
That’s the test issue dealt with.
The next step is to remove anonymous access. You can do this by deleting the accounts that have no username:
mysql>
DROP USER ''@'localhost';Query OK, 0 rows affected (0.27 sec)
mysql>
DROP USER ''@'host.domainQuery OK, 0 rows affected (0.00 sec)
Replace
host.domainwith the server’s fully qualified domain name, such as ruttle.invy home.com
Alternatively, you can manually update the grant tables:
mysql>
DELETE FROM mysql.user WHERE User = '';Query OK, 2 rows affected (0.26 sec)
mysql>
FLUSH PRIVILEGES;Query OK, 0 rows affected (0.20 sec)
We discuss managing privileges with SQL,
including the FLUSH PRIVILEGESsyntax, later in Managing Privileges with SQL.”
Instead of deleting the anonymous accounts, you can disable unauthenticated access to the server by setting passwords for these accounts:
mysql>
UPDATE mysql.user SET Password = PASSWORD('the_new_anonymous_user_password')-> WHERE User = '';mysql>
FLUSH PRIVILEGES;This
allows authenticated, minimally privileged access to the MySQL server from any host, allowing access to test databases but nothing else. It’s rare
for such a setup to be needed, so we recommend you simply remove any anonymous accounts.
The final step we recommend is to remove remote access unless you really need it.
Allowing only local connections is more secure. As we explained in Configuring Access to the MySQL Server you can increase security even further by telling the server to not accept incoming network connections, and to communicate with clients only through TCP sockets (Linux and Mac OS Xor named pipes (Windows).
Since we’ve
removed the anonymous user, the only remaining user is root we can remove remote access for root with:
Share with your friends: 
