MySQL / MariaDB on production servers

So apparently, after installing a MySQL or MariaDB server you are supposed to run mysql_secure_installation to adjust the default ease-of-use just-work defaults to a more adequate production server setup.

sudo apt-get update
sudo apt-get install mariadb-server
sudo mysql_secure_installation

Good to know this useful utility exists, and guides you through setting a root account password, removing the public, anonymous access account, the all-accessible test DB, and only allowing login to root from localhost.

It’s a shame you have to know about this command instead of having sane, safe defaults. I can understand the priorities though.

After installation, it’s supposed to just work and to try out – to please new users. I wonder if the Debian/Ubuntu package installation should be running this utility after installation though, rather than just asking for a root password. It could just ask whether this is a “test or development” installation, or a production installation and then guide you through further. That would probably make for a lot more, secure installations on the internet and elsewhere.