Mysql password can't contain "&"

servisys / ispconfig_setup

ISPConfig autoinstaller and setup

GNU General Public License v3.0

507 stars 257 forks source link

Mysql password can't contain "&" #212

Open ghost opened 6 years ago

ghost commented 6 years ago

If the mysql password contains a "&" it gets messed up. My password was 6rfbQBV5Rq06S&fI and it was saved as 6rfbQBV5Rq06Spassword =fI in /etc/mysql/debian.cnf.

JOduMonT commented 6 years ago

I forgot Special Caracters when I define a password through bash script but you could try to put it inside quote like this :

'6rfbQBV5Rq06S&fI'
"6rfbQBV5Rq06S&fI"

or put the escape caracters () before your Specials Caracters

6rfbQBV5Rq06S\&fI

You will find more info here

JOduMonT commented 6 years ago

@fbg13 anyway most of the time unsolicited access to the database will come from a misconfiguration in a APPS

If you always define custom Username, custom Database and custom Table Prefix you will reduce the attack surface aka being protected from most botnet.

I'll recommend you to be explicit about which IP could access your SQL. As I said IP not Nameserver for a good reason; it's harder to spoof an IP than a server name.

Neustradamus commented 5 years ago

It is resolved?