Mysql – Which MySQL users are necessary

MySQLpermissionsusers

My MySQL server has a number of strange users which I did not add. Are these all necessary?

'root'@'127.0.0.1'
'root'@'localhost'
'root'@'SERVERNAME'
'root'@'::1'
''@'SERVERNAME'
''@'LOCALHOST'

If I remove all the root's except root@localhost, could I end up locking myself out of the database? And what is the purpose of the empty user names? They seem to just have the 'GRANT USAGE'??

Is there a difference between 127.0.0.1 as host and localhost? If I only have localhost and not 127.0.0.1, does that mean mysqlclient's that use TCP/IP instead of Unix sockets will not be able to connect?

Best Answer

These users seem to be the default users that were added when MySQL was installed. It is recommended that you run mysql_secure_installation after installing MySQL.
The empty usernames (''@'SERVERNAME') represent anonymous users. If you didn't run mysql_secure_installation or set the password, then anyone can gain access. If the anonymous user has GRANT USAGE privileges, then it basically means it has no privileges, but it's still a good idea to remove the anonymous login completely.
No, there's no big difference between localhost and 127.0.0.1. Whatever IP address the user is trying to login from must match the @[IP Address] part of the username. If your logging in from the same machine the MySQL server is on, then @localhost and @127.0.0.1 would match. As IVlint67 pointed out, in some installations having @localhost would not work so its better to go with @127.0.0.1.

Best Answer

Related Solutions

Mysql – Connecting to a new MySQL instance

MySQL Security – MySQL Log Shows 3 Root Users, 2 Without Passwords? Why?

Related Topic