M
M
mprog542021-01-15 09:41:19
MySQL
mprog54, 2021-01-15 09:41:19

Prohibition on row editing in Mysql by ID?

Good afternoon!
There is a wp_settings table in the database, it has a row with ID siteurl and sitehome. These fields contain a link to the root of the site on Wordpress. Something constantly changes these links to their own, as a result, viral redirects appear on the site. When I change the link to the real site link, it works fine.
You need to lock these lines for editing in MySQL (MairiaDB) so that you can not change the url to any other

Answer the question

In order to leave comments, you need to log in

3 answer(s)
V
Vasily Bannikov, 2021-01-15
@vabka

Something constantly changes these links to their own, as a result, viral redirects appear on the site. When I change the link to the real site link, it works fine.

I dare to suggest that it will be more reliable to find something that replaces links and delete it, at the same time take care of the security of the site.

M
Miron, 2021-01-17
@Miron11

remove the privileges of the users currently created in the database. Leave them to read. Pay special attention to administrative accounts such as root. In my experience, I have not had to secure MySQL specifically, so I don't know if it's possible to change the root username, if you can, do so, changing its password of course.
Make a special login that has permission to change data. Remember this user's password and store it in a safe. Hang the key to the safe around your neck and do not give it to anyone.
Make sure that this user's password login has separate access to the database. So that it does not have to be displayed somewhere in the configuration of the program that ensures the operation of the site. Log in to this account with a password through a secure application so that no one can see your password or read it through any devices, in particular those that listen to what is transmitted over the network. In principle, all modern programs that come with the product protect the login password. But the details can be significant, read the documentation if in doubt. There, as a rule, it is described whether the process of attaching to the database by one or another device is well protected.
And finally, protect the machine on which the database and the site are installed with the same approach.
In the end, if the first attempt does not work out, and someone continues to "disgrace", repeat the cycle, only now with some experience from the previous training.
As you work on this area, sooner or later you will come across the fact that either a person or some process installed either on the machine or in the site application itself performs the substitution of address pointers, or by noticing this process and comparing the timestamps of the records - their changes, or by noticing that someone has joined the database without the permission of a highly privileged user. You can also detect this by setting triggers on tables that capture changes, including the time the account name was recorded and the value of the field before and after the change. The problem is that your database is currently being misused by some third party, and this person can distort these trace records as well,

S
Slava Rozhnev, 2021-01-15
@rozhnev

First of all, change the passwords to the database. The second is to set up a firewall so that no one can connect to the database. Turn on full logging to understand who changes what. and so on down the list...

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question