We need to setup MySQL root password. Please input password for MySQL root user.
Verify root password.
Securing MySQL Installation
We will secure the MySQL installation by running mysql_secure_installation.
Enter the root password that we set on installation:
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Since we already have the root password set, answer this part with n:
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n] n
Remove the anonymous user to improve security. This will make sure people or application have correct username and password to login to MySQL. Answer with Y
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
Remove anonymous users? [Y/n] Y
We also want remove root login from remote machine. Answer with Y:
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
Previously the test database created automatically by MySQL installation, but MySQL 5.6 does not create test database. We can still choose Y, it will throw error but that's fine.
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
... Failed! Not critical, keep moving...
- Removing privileges on test database...
The last step is to reload MySQL privilege table.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
Create a Database for Espocrm
Now we have a secure MySQL installation, time to create database and user for espocrm itself.
Login to MySQL using root credential.
$ mysql -u root -p
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 58
Server version: 5.6.30-0ubuntu0.14.04.1 (Ubuntu)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
Create a new database named espocrm using the command below:
A secure connection is now a requirement for web application. Last step that we will do in this tutorial is changing the connection to only use https. We assume that you already have SSL certificate and private key.
Let's create new apache virtual host configuration on /etc/apache2/sites-available/espocrm-ssl.conf with contents below. Don't forget to change:
# Uncomment the following directive when using client certificate authentication
# HSTS (mod_headers is required) (15768000 seconds = 6 months)
Header always set Strict-Transport-Security "max-age=15768000"
# intermediate configuration, tweak to your needs
SSLProtocol all -SSLv2 -SSLv3
We will also disable espocrm http only virtual host and enable the new virtual host config.
Facebook0TwitterReddit0StumbleUpon0 Do you need to increase the memory limit in WordPress? Getting an error about memory Exhausted? The memory limit is one of the most common WordPress errors as the default limit of memory in WordPress is only set to 64mb! But there’s good news! The Memory Exhausted error is...
Facebook0TwitterReddit0StumbleUpon0 A vulnerability has been discovered in the “All In One WordPress Migration” WordPress plugin. All versions earlier than, and including 6.97 contain a vulnerability which allows Cross-Site Scripting (XSS).With over 2 million active installations, this vulnerability has the potential to be high impact, however, this is lessened by the...
Facebook0TwitterReddit0StumbleUpon0HostPresto will be launching a European point of presence in the coming weeks, specifically in Amsterdam. For customers needing their data located within the EU still please contact support to request migration to this location with ticket subject ‘EU Migration’. We will ensure this is actioned well before the Brexit...