Should you add a database user to wp-config with least priveleages

  • Resolved AM77

    (@andy277)


    10 years, 9 months ago

    I have read lots of articles about securing wordpress. I read somewhere for best security, add a database user with least privileges, and not the database admin user. So I assume that means going to cpanel creating a new user for the wordpress database, and untick all the user privileges, then add that new database user to the wp-config.

    I haven’t heard or read this anywhere else so just checking if anyone does this? and does it improve security?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator James Huff

    (@macmanx)

    No, don’t do that. ??

    The database user in wp-config is what reads from and writes to the database, creates tables as plugins need to, etc. If you give it a database user with no privileges, you don’t have a working installation.

    So, you could say that it does improve security, because having no WordPress is probably the most secure you could ever make WordPress, but you probably do want WordPress. ??

    Follow this guide for the official security recommendations: https://codex.www.ads-software.com/Hardening_WordPress

    Thread Starter AM77

    (@andy277)

    Good point, I’d prefer not to secure wordpress so much to the point it becomes unusable

    Thanks for the advice (°?°)b

    Moderator James Huff

    (@macmanx)

    You’re welcome!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Should you add a database user to wp-config with least priveleages’ is closed to new replies.