Cloud servers from $4/mo - Grab the Deal! Let’s start ->
English
Community
Sign In
Sign In

How to Create a MySQL Database Dump

How to Create a MySQL Database Dump
Hostman Team
Technical writer
MySQL
13.02.2025
Reading time: 12 min
Share

MySQL is the most popular relational database management system that performs various operations with tables, such as adding, deleting, searching, sorting, and outputting data based on user queries.

It's important to understand that MySQL controls databases but is not itself a database. Therefore, MySQL and the database are separate entities:

  • MySQL is a program that operates on information.
  • The database is the information recorded on a hard disk.

Based on this architecture, MySQL supports exporting information — creating a database dump.

This functionality allows several useful operations:

  1. Database Backup: Unexpected situations when using cloud (or local) servers can lead not only to system failures but also to data loss. Therefore, it’s important to regularly create database dumps, which can be stored on other secure storage devices.
  2. Database Transfer from One Server to Another: Manually copying database elements may be challenging or impossible when migrating from one server to another. A dump makes it possible to transfer data quickly.

A database dump is essentially a sequential set of SQL instructions that create an exact copy of the original database, including both its structure and content.

This guide will cover the primary methods for creating a database dump and importing it back into MySQL to restore data.

Preparing a Test Database

We will create a cloud database to test the examples in this guide. If you already have a MySQL database where you can test the dump creation function, you can skip this step.

In the Hostman panel, we will create a MySQL 8 database, leaving all other parameters as default.

You can connect to the cloud database via a terminal. The necessary command can be copied from the control panel.

314f205a E0e7 4653 Ae28 8ede4b2efad9

Let's connect to our database:

mysql -u USER -p'PASSWORD' -h HOST -P 3306 -D DATABASE

For example, a real connection command might look like this:

mysql -u gen_user -p'sU}NEyx#<2P~\e' -h 91.206.179.29 -P 3306 -D default_db

Next, we need to create a simple table consisting of three columns:

CREATE TABLE People (
    id INT,
    name VARCHAR(255) NOT NULL,
    bord DATE
);

And populate it with some values:

INSERT INTO People VALUES 
(120, 'Natalie', NOW()), 
(121, 'Meredith', NOW()), 
(122, 'James', NOW());

This fills the new database so that we can later create a dump from it.

By the way, on the Users tab of the database management page, there are buttons that open interfaces for graphical MySQL database administration tools — phpMyAdmin and Adminer.

Method 1: Console Terminal

A more traditional but less interactive way to create a MySQL database dump is by using the appropriate command in a console terminal.

To do this, you need to connect to MySQL via an SSH connection and then enter the dump creation command:

mysqldump -u USER -p'PASSWORD' -h ADDRESS -P PORT DATABASE > FILE

Let's break down each of the specified parameters:

  • USER: The username used to authenticate in MySQL.
  • PASSWORD: The password for the user to authenticate in MySQL.
  • ADDRESS: The IP address of the remote MySQL server.
  • PORT: The port of the remote MySQL server.
  • DATABASE: The name of the database to be dumped.
  • FILE: The name of the file where the database dump will be saved on the local machine.

There are two possible ways to create a dump via the console:

  1. Local MySQL: The dump is created from a database located on a local MySQL server. In this case, we don’t need to specify the ADDRESS and PORT parameters.

  2. Remote MySQL: The dump is created from a database located on a remote MySQL server. In this case, you need to specify ADDRESS and PORT.

Local MySQL dump command example:

mysqldump -u admin -p'qwerty123' default_db > just_dump.sql

Remote MySQL dump command example:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db > just_dump.sql

In both cases, for security reasons, you can omit the explicit password specification — this way, the system will prompt you to enter the password manually:

mysqldump -u admin -p default_db > just_dump.sql
mysqldump -u admin -p -h 91.206.179.29 -P 3306 default_db > just_dump.sql

Warnings and Errors

After executing the command, several warnings and errors may appear in the console output. Let’s break down each message in detail.

Password Security Warning

The first warning from MySQL notifies you about the insecurity of using a password as an explicit parameter:

mysqldump: [Warning] Using a password on the command line interface can be insecure.

To suppress this warning, use the -p flag without specifying the password directly.

Global Transaction Identifier (GTID) Warning

The next warning concerns the inclusion of the Global Transaction Identifier (GTID) in the resulting dump and suggests disabling it with the --set-gtid-purged=OFF flag:

Warning: A partial dump from a server that has GTIDs will by default include the GTIDs of all transactions, even those that changed suppressed parts of the database. If you don't want to restore GTIDs, pass --set-gtid-purged=OFF. To make a complete dump, pass --all-databases --triggers --routines --events.

GTID (Global Transaction Identifier) is a unique 128-bit identifier associated with each transaction, which improves overall data consistency.

Disabling GTID may lead to data inconsistency (for example, due to duplication of certain SQL statements).

Data Dump Consistency Warning

Another GTID-related warning indicates that the dump operation is not atomic:

Warning: A dump from a server that has GTIDs enabled will by default include the GTIDs of all transactions, even those that were executed during its extraction and might not be represented in the dumped data. This might result in an inconsistent data dump.
In order to ensure a consistent backup of the database, pass --single-transaction or --lock-all-tables or --master-data.

This means that database changes performed by other applications during the dump creation may be missing, leading to data inconsistency.

To avoid this issue, use one of the following flags:

  • --single-transaction to create the dump within a single transaction.
  • --lock-all-tables to block any other operations on the database during the dump.

Access Denied Error

You might encounter an error preventing the dump creation due to insufficient privileges:

mysqldump: Error: 'Access denied; you need (at least one of) the PROCESS privilege(s) for this operation' when trying to dump tablespaces

Even if the user specified in the command has all database privileges, they may lack the global PROCESS privilege.

To grant this privilege, execute the following command:

GRANT PROCESS ON *.* TO 'admin'@'localhost';

However, this is not the best solution from a security perspective. Instead of granting global privileges, it's better to use the --no-tablespaces flag during the dump command execution.

With all the additional flags, the dump creation command will look like this:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db --no-tablespaces --set-gtid-purged=OFF --single-transaction > just_dump.sql

In this case, only one harmless warning will remain about explicitly specifying the password:

mysqldump: [Warning] Using a password on the command line interface can be insecure.

Non-existent Database Error

If you accidentally specify the name of a non-existent database, an unclear error will appear denying access to the database for the specified user:

ERROR 1044 (42000): Access denied for user 'admin'@'%' to database 'default_db'

This can cause confusion, so always double-check the accuracy of the database name specified in the command.

Dump File

After successfully executing the dump command, you can check the file system using:

ls

You should see the corresponding database dump file:

just_dump.sql  resize.log  snap

Although you can open this file in any text editor, its size may be quite large, especially if the original database contained a lot of information:

cat just_dump.sql

At the beginning of the file, there is information about the created dump, followed by SQL instructions:

-- MySQL dump 10.13  Distrib 8.0.40, for Linux (x86_64)
--
-- Host: 37.220.80.65    Database: default_db
-- ------------------------------------------------------
-- Server version       8.0.22-13

/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;

...

/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;

-- Dump completed on 2025-01-19  5:33:16

The output file doesn't have to be saved in the current directory; you can specify any other directory:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db --no-tablespaces --set-gtid-purged=OFF --single-transaction > /tmp/just_dump.sql

In this case, we create the dump file just_dump.sql in the /tmp directory.

Dumping Multiple Databases

In real projects, MySQL often handles multiple databases. You can use a special flag to dump all existing databases:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 --all-databases --no-tablespaces --set-gtid-purged=OFF --single-transaction > just_dump.sql

This command differs from the previous one only in that the --all-databases flag is specified instead of a specific database name.

Alternatively, you can list the databases you want to include in the dump:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 db_first db_second db_third --no-tablespaces --set-gtid-purged=OFF --single-transaction > just_dump.sql

Structure Without Data

You can create a dump containing only the database structure (table schemas) without any data by using the --no-data flag:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db --no-data --no-tablespaces --set-gtid-purged=OFF --single-transaction > just_dump.sql

Specific Tables

Instead of dumping an entire MySQL database, you can dump only specific tables by listing their names after the database name:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db table1 table2 --no-data --no-tablespaces --set-gtid-purged=OFF --single-transaction > just_dump.sql

On the other hand, you can dump a database excluding specific tables using the --ignore-table parameter:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db --ignore-table=default_db.logs --no-data --no-tablespaces --set-gtid-purged=OFF --single-transaction > just_dump.sql

Note that the table name must always be preceded by the database name and separated by a dot.

To exclude multiple tables, list each one with the --ignore-table option:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db --ignore-table=default_db.table1 --ignore-table=default_db.table2 --no-data --no-tablespaces --set-gtid-purged=OFF --single-transaction > just_dump.sql

Character Encoding

In some cases, it may be necessary to explicitly specify the character encoding for the dump:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db --no-tablespaces --set-gtid-purged=OFF --single-transaction --default-character-set=utf8 > just_dump.sql

Typically, UTF-8 is the preferred character encoding.

Archiving the Dump

Sometimes it’s useful to compress the dump immediately after creation. You can do this by piping the mysqldump output into gzip, then saving the compressed archive:

mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db --no-tablespaces --set-gtid-purged=OFF --single-transaction | gzip > just_dump.sql.gz

If you check the current directory with the ls command, you’ll see the compressed dump:

just_dump.sql  just_dump.sql.gz  resize.log  snap

Restoring Data

A database dump is usually created to restore data in the future, for example, in case of data loss or server migration.

To load the database dump into MySQL and restore data, use the following command:

mysql -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db < just_dump.sql

If the dump file size is too large, MySQL may have a default limit that prevents loading it.

To adjust the maximum allowed dump size, you can use the --max_allowed_packet flag:

mysql -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db --max_allowed_packet=64M < just_dump.sql

In this example, the maximum allowed dump size is set to 64 MB.

mysql -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 default_db < just_dump.sql
mysqldump -u admin -p'qwerty123' -h 91.206.179.29 -P 3306 --all-databases --no-tablespaces --set-gtid-purged=OFF > just_dump.sql

Method 2: Using phpMyAdmin

If you're using phpMyAdmin, creating a database dump can be done through the graphical interface without manually executing commands — phpMyAdmin handles everything for you.

  1. Log In to phpMyAdmin. Open the phpMyAdmin interface and log in with your credentials. 
  2. Select the database. In the left sidebar, choose the database you want to export. This will open a page displaying the list of existing tables within the selected database.
  3. Configure the export. Click the Export button. It will take you to a dedicated page to configure the database export (dump).

You can also access the export page from the phpMyAdmin home page, but doing so may not display all databases available for export. It's better to first navigate to the specific database and then click Export.

Note that phpMyAdmin allows exporting only databases that contain tables. Empty databases cannot be exported.

There are two export options in phpMyAdmin:

  • Quick Export. It creates the dump using default export settings.
  • Custom Export. It Allows you to manually configure the export settings, such as excluding specific tables, changing character encoding, and adjusting format options.

phpMyAdmin supports exporting to various formats beyond just SQL, such as PDF, JSON, CSV, YAML, and others.

The configuration options for creating a dump in phpMyAdmin are more user-friendly and visually intuitive than command-line flags.

  1. Start the export. Once you've configured all the export parameters, scroll down and click the Export button. The dump file will be generated and downloaded through your browser.

Method 3: Using Adminer

Creating a database dump in Adminer is very similar to phpMyAdmin. In fact, Adminer’s graphical interface is even simpler.

  1. Log In to Adminer: Start by logging into Adminer, then navigate to the export page by clicking the Export link in the left sidebar.

  2. Configure the Export. Adminer does not have predefined export types, so the system immediately offers all configuration options.

You can select specific database tables to include in the dump.

The dump file can be either saved (in a specific format or as a GZIP archive) or opened in a new window for manual copying of SQL instructions.

Conclusion

The native way to create a MySQL database dump, without requiring additional tools, is by using the mysqldump command with additional parameters.

An alternative is to use visual database management tools with graphical interfaces. Utilities like phpMyAdmin or Adminer simplify database interactions by providing a user-friendly and interactive environment. This is particularly useful for those who are not well-versed in SQL syntax, turning tasks such as creating a dump into a series of simple mouse clicks.

MySQL
13.02.2025
Reading time: 12 min
Share

Similar

MySQL

How to Show Users in MySQL

MySQL stands as a widely recognized relational database system, extensively utilized for handling structured data. It provides administrators with robust utilities to oversee users' accounts effectively. Whether the goal is to retrieve a full user list, check access rights, or filter specific accounts, MySQL offers multiple ways to accomplish these tasks. Understanding these methods can help ensure better control over database security and access management. In this write-up, we’ll explore all possible approaches to show users in MySQL. Prerequisites Before proceeding, ensure you meet these prerequisites: MySQL is set up on your machine. Superuser permissions for MySQL (root or an account with sufficient rights). A MySQL interface (such as MySQL Shell, Workbench, or a command terminal with the MySQL CLI tool). Understanding MySQL Users In MySQL, accounts represent users who can interact with the database by executing tasks like reading, updating, or deleting data. Each account consists of a username and a host, which specifies the allowed connection source. For instance, 'user'@'localhost' restricts access to the same computer where MySQL is running, whereas 'user'@'%' allows access from any IP address(location). We can handle user accounts with simple commands, as illustrated below: Task Command Create User CREATE USER 'anees'@'localhost' IDENTIFIED BY 'password'; Grant Permissions GRANT ALL PRIVILEGES ON mydb.* TO 'anees'@'localhost'; See Existing Users SELECT user, host FROM mysql.user; Delete User DROP USER 'anees'@'localhost'; MySQL controls user access using privileges, ensuring that each account can execute only permitted actions, thereby maintaining database security. Different Methods to Show MySQL Users MySQL offers multiple ways to view user accounts, each designed for a particular need. Whether you require a basic user list, detailed account insights, or filtered results, MySQL offers flexible options to fetch user details. Common approaches include querying the mysql.user table, executing SHOW GRANTS to review privileges, and using SELECT statements with filtering conditions. These methods help database administrators effectively manage accounts, maintain secure access, and enforce proper control within the database. 1. Querying the mysql.user Table The mysql.user is MySQL's built-in system table that stores all user account details, including usernames, host specifications, authentication methods, and assigned privileges. Administrators can retrieve data from this table to gain a comprehensive view of all accounts and their respective access rights. It plays a crucial role in auditing permissions, checking authentication plugins, and filtering users based on defined parameters. However, accessing this table requires administrative rights, and the privilege data may appear intricate for those unfamiliar with its structure. Despite this, it remains one of the most detailed and effective tools for handling user accounts in MySQL. Here’s how to fetch all users using this table: SELECT User, Host FROM mysql.user; The User column depicts account names, while the Host column indicates the originating host that allows user connections: 2. Retrieving Unique Users with DISTINCT In MySQL, the DISTINCT clause can be applied within a SELECT statement on the mysql.user table to retrieve distinct user accounts. Since MySQL associates each account with both a username and a host, the same username may appear multiple times with varying host values. Utilizing DISTINCT removes redundant usernames, yielding a streamlined list of unique accounts. This approach is particularly beneficial for obtaining a summarized view of all database users, especially in environments where multiple hosts are involved: SELECT DISTINCT User FROM mysql.user; This technique is ideal when you require only the usernames without including host-related details. 3. Extracting User Privileges with SHOW GRANTS The SHOW GRANTS statement in MySQL helps us extract the permissions granted to a particular user. SHOW GRANTS presents access rights in a structured format that mirrors the GRANT commands used to grant those privileges. This feature makes it an essential tool for reviewing user privileges and ensuring security compliance. Employ this command to fetch a particular user alongside its access rights: SHOW GRANTS FOR 'user'@'host'; Substitute the username and host with the relevant user information, as depicted in the snippet below: 4. Checking Users via MySQL Workbench This method offers a graphical interface (GUI) for handling MySQL user accounts, making it suitable for those who prefer a visual approach over command line operations (CLI). MySQL Workbench enables users to view existing accounts, assigned roles, and granted privileges via its Users and Privileges section. This structured view reduces the risk of errors compared to manually running SQL commands, making it beginner-friendly.  To view user accounts in MySQL Workbench, launch the application and establish a connection to your MySQL server: Next, in the Navigator panel, choose Administration, expand the Management section, and click the "Users and Privileges" to access the user management window: Within the Users tab, a list of existing MySQL user accounts alongside their corresponding hosts will be displayed: We can choose a user to review or modify its privileges, authentication method, and other settings. Fetching Logged-In User Details in MySQL The SELECT USER(); query in MySQL fetches the current session’s authenticated user, including the originating host. It’s a fast and efficient way to examine the active user without needing additional tools or administrative rights. This method works on all MySQL installations, including remote connections, and has minimal system overhead. However, it only exhibits the authenticated user and lacks information regarding roles or permissions: SELECT USER(); The resultant outcome demonstrates that root@localhost is currently logged in user on our system: Alternatively, we can employ the below-listed query to fetch the current user details: SELECT CURRENT_USER(); How Can We Check the Existence of a Particular User in MySQL? To confirm if a particular MySQL account is available, we can query the mysql.user table with the EXISTS clause. The succeeding command checks for a user’s presence: SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = 'username' AND host = 'host'); It returns one if the account is present and zero if not: If you are uncertain about the host, you may exclude the host condition or execute the command below: SELECT User, Host FROM mysql.user WHERE User = 'anees'; If the desired account is found, it depicts the username and hostname; otherwise, it shows "Empty Set": Effective Ways to Display MySQL Accounts Here are key guidelines to follow for efficient handling and presenting MySQL accounts to maintain security and streamline user administration: To efficiently handle MySQL accounts, ensure you have administrative privileges before running commands like retrieving data from the mysql.user table or utilizing SHOW GRANTS. Avoid revealing confidential details such as passwords by only selecting the necessary columns, like User and Host, rather than employing "SELECT *". When searching for certain user accounts, apply WHERE to refine the results and avoid fetching irrelevant data. To obtain a refined list of distinct accounts, apply DISTINCT, as MySQL records users with both their usernames and hosts. To depict a user's permissions in a clear format, execute SHOW GRANTS FOR 'username'@'hostname';.  If you're not comfortable with the command line interface, utilize MySQL Workbench, which provides a user-friendly interface to handle accounts. Ensure limited access to the mysql.user table to protect sensitive data, and periodically audit user accounts and privileges to maintain security. Conclusion Effectively handling MySQL users/accounts is crucial for enhancing security and proper access control within your database. Whether you're using SQL queries like SELECT and SHOW GRANTS, or MySQL Workbench for a more intuitive experience, multiple approaches are available for listing and managing accounts. It's important to consider optimal practices, such as using appropriate privileges, limiting data exposure, and regularly auditing user accounts, to ensure your MySQL setup remains secure. In this write-up, we explained how to confidently manage users, monitor permissions, and uphold the reliability of your database system.
13 February 2025 · 7 min to read
MySQL

How to Import and Export Databases in MySQL or MariaDB

Database management is a crucial aspect of Linux server and web application administration. Importing and exporting databases are essential tasks for DevOps and system administrators. At a minimum, developers should know how to back up databases and transfer them between servers. This guide explains how to import and export database dumps in MySQL or MariaDB on a Linux server (using Ubuntu as an example). Working with Databases MySQL and MariaDB are popular relational database management systems (RDBMS) used for storing data in large applications. MariaDB is a fork of MySQL developed by its original creators due to licensing concerns following Oracle's acquisition of MySQL. Both MariaDB and MySQL share identical or similar APIs and operating mechanisms. Creating a Database Connect to MySQL or MariaDB with root privileges: For MySQL: mysql -u root -p   For MariaDB: mariadb -u root -p   Create a database (if it doesn't already exist): CREATE DATABASE IF NOT EXISTS <database_name>; Viewing Databases To see the list of available databases: SHOW DATABASES; Switching Databases To switch to a specific database: USE <database_name>; Viewing Tables To list all tables in the selected database: SHOW TABLES; Common SQL Commands Creating a table: CREATE TABLE IF NOT EXISTS users (  user_id INT NOT NULL PRIMARY KEY AUTO_INCREMENT,  username VARCHAR(100) NOT NULL); This creates a table named users with fields user_id and username. Inserting data into the table: INSERT INTO users (username) VALUES ('John Doe'); This adds a new row to the users table. Selecting all rows from the table: SELECT * FROM users; Monitoring MySQL/MariaDB status To check the server's global status and statistics: SHOW GLOBAL STATUS; Exporting Databases Exporting data from MySQL or MariaDB can be efficiently done using the mysqldump CLI utility or third-party tools like phpMyAdmin. The mysqldump utility allows you to save your database as an SQL dump, which contains the necessary commands for creating columns and populating them with data. This dump file can be easily managed, imported, or transferred. You will need: A database you want to export. User credentials with at least read access to the database. In the terminal, run the following command: mysqldump -u <username> -p<password> <database_name> > db_dump.SQL Where: -p<password>: Password for the database user (you can omit the password and simply use -p to prompt for it manually). db_dump.SQL: The name of the output dump file. <username>: The privileged user with read access. <database_name>: The name of the database you are exporting. To create dumps from a remote server, add the -h flag: mysqldump -h <ip-address> -u <username> -p<password> <database_name> > db_dump.SQL If the MySQL server uses a non-standard port, specify it with the -P flag: mysqldump -h <ip-address> -P <port> -u <username> -p<password> <database_name> > db_dump.SQL While the default export format is SQL, mysqldump also supports exporting data as CSV, XML, and other formats by configuring additional parameters. The SQL dump typically includes: Information about the RDBMS (MySQL or MariaDB) Commands for creating the required tables and their columns Data to populate those columns By default, it provides a comprehensive snapshot of the database structure and contents, making it an essential tool for database backups and migrations. Importing Data into MySQL or MariaDB To import a database dump, you don’t need mysqldump; a direct call to MySQL will suffice. Run the following command in your terminal: mysql -u <username> -p<password> <new_database_name> < db_dump.SQL Where: -p<password>: The user's password (use -p without the password to be prompted manually). db_dump.SQL: The dump file containing your database data. <username>: A privileged user with write access. <new_database_name>: The name of the target database to which you are importing the dump. If the process completes successfully, there will be no output. If any errors or warnings occur, MySQL or MariaDB will display them. You can check if the import was successful with these commands: SHOW DATABASES;  -- Lists all databasesUSE <database_name>;  -- Selects the target databaseSHOW TABLES;  -- Lists all tables within the selected database By executing these commands, you can confirm that the database structure and data have been imported correctly. Creating a systemd Service for Backup Suppose you want to automate the database backup (export) process. In this guide, we will create a service-timer that will trigger a script for backing up data. A Timer is a mechanism used to schedule the execution of a specific service at a given time or through certain intervals. Follow these steps to set it up: First, connect to the server and create the directory for backup scripts: mkdir -p /usr/bin/backup_scripts  # Create directory for backup scripts Create and open the file /usr/bin/backup_scripts/mysql_backup.sh in any text editor (e.g., nano): nano /usr/bin/backup_scripts/mysql_backup.sh Inside the file, add the following script: TIMESTAMP=$(date +'%F') # Get the current date BACKUP_DIR='<path_to_backup_directory>' MYSQL_USER='<username>' MYSQL_PASSWORD='<password>' DATABASE_NAME='<database_name>' mkdir -p "$BACKUP_DIR/$TIMESTAMP" # Create directory for this date mysqldump -u $MYSQL_USER -p$MYSQL_PASSWORD $DATABASE_NAME > "$BACKUP_DIR/$TIMESTAMP/$DATABASE_NAME-$TIMESTAMP.sql" # Create dump find "$BACKUP_DIR" -type d -mtime +28 -exec rm -rf {} \; # Delete backups older than 28 days Replace the placeholder variables with the actual backup directory path, MySQL user credentials, and the database name. Grant execution permissions to the script: chmod +x /usr/bin/backup_scripts/mysql_backup.sh Create the service file /etc/systemd/system/mysql-backup.service: sudo nano /etc/systemd/system/mysql-backup.service Add the following content: [Unit] Description=MySQL Database Backup Service [Service] Type=oneshot ExecStart=/usr/bin/backup_scripts/mysql_backup.sh [Install] WantedBy=multi-user.target Create the timer file: sudo nano /etc/systemd/system/mysql-backup.timer Add this content to schedule the backup: [Unit] Description=Run MySQL Backup Service Weekly [Timer] OnCalendar=weekly Persistent=true [Install] WantedBy=timers.target Reload the systemd configuration, enable the timer for autostart, and start it: systemctl daemon-reload  # Reload systemd configurationsystemctl enable mysql-backup.timer  # Enable timer to start automaticallysystemctl start mysql-backup.timer  # Start the timer Check the status of the timer and ensure it is working: systemctl status mysql-backup.timersystemctl list-timers  # Lists active timers Now, your system will automatically create a backup of the specified database every week. Export and Import via phpMyAdmin You can perform database imports and exports not only through command-line utilities but also through the phpMyAdmin web interface. This method is typically more convenient when the dump size is small (less than 1GB). This section will cover the basic process of importing and exporting databases. Export To export a database: Go to the phpMyAdmin interface and select the desired database from the left-hand panel. Click on the Export tab. Choose export method: Quick Export: Select this if you want a basic export with default settings. Custom Export: Choose this for more specific export options, such as selecting certain tables, formats, or compression methods. Click Export. To export specific tables: Click on the database name in the left sidebar to view its tables. Select the tables you want to export by checking the boxes next to their names. At the bottom of the page, choose Export from the list of actions. On the next page, verify the export format and options, then click Go to save the dump to your local machine. Import The process of importing a database is very similar to exporting. Follow these steps: Open phpMyAdmin and navigate to the database you want to import into. If the database doesn't exist, create it by clicking Create Database from the left sidebar. Inside the database, click on the Import tab. Click the Choose File button to browse for and select the SQL dump file from your device. Choose the necessary options like file encoding, format (typically default settings are fine), and other options as needed. Click Go to start the import process. Once the process is complete, you will see the imported files and their contents listed in the left sidebar. You can also modify them if needed. Conclusion The choice of method depends on your needs: phpMyAdmin is ideal for manually creating backups or for quick access to a database. It’s user-friendly and simple for small-scale tasks. Using command-line utilities would be more efficient and flexible for automation or if you’re transferring infrastructure.
10 February 2025 · 8 min to read
MySQL

How to Secure MySQL Server

MySQL is the best choice for relational database management, but its widespread use also makes it an appealing target for potential attackers. This tutorial outlines essential steps to fortify your MySQL server, protecting your data from unauthorized access and activities that are malicious. Prerequisites Prior to diving into security configurations, ensure the prerequisites mentioned below: MySQL is Installed and Running: Consider reading the official MySQL documentation if needed.  Access to Administrator Privileges: sudo or root access is required for many steps. Familiarity with MySQL Commands: Basic command-line knowledge will be helpful. Understanding Threat Landscape MySQL databases face various threats, including:   Unauthorized Logins: Weak credentials or misconfigurations can allow attackers to access your data.   SQL Injection Attacks: Unvalidated inputs in applications can expose your database to manipulation.   Insufficient Network Security: Open ports and weak firewalls leave the server vulnerable.   Proactively securing the database reduces the likelihood of such incidents. Step 1: Update the Server and MySQL As new updates provide new security features and also fixes bugs, it is highly important that your system stays updated because if will fix known vulnerabilities and leverage latest security enhancements.  Utilize the commands mentioned below to update both the operating system and MySQL. sudo apt updatesudo apt upgrade -y Verify the current MySQL version: mysql --version Keep an eye on official release notes to understand updates and security patches. Step 2: Secure Initial Configuration   The mysql_secure_installation script is an essential tool for strengthening the security of your MySQL server's. It streamlines sensitive tasks such as: Setting a root password Removing anonymous user accounts Disabling remote root logins Deleting the test database To run the script: sudo mysql_secure_installation Follow the prompts to implement the recommended security measures. Step 3: Configure User Authentication   Effective user management is essential for database security.   Use Unique Users for Applications Create separate users for each application, and assign only the permissions they need. For example:   CREATE USER 'app_user'@'localhost' IDENTIFIED BY 'StrongPassword123!';GRANT SELECT, INSERT ON app_database.* TO 'app_user'@'localhost';FLUSH PRIVILEGES; This ensures that a breach in one application doesn’t compromise the entire database.   Enable Authentication Plugins MySQL provides plugins like caching_sha2_password for secure authentication. To enable it:   ALTER USER 'root'@'localhost' IDENTIFIED WITH 'caching_sha2_password' BY 'SecurePassword!'; Step 4: Enforce Password Policies   If passwords are strong then the possibility of brute force attacks may not be of any help for the hackers. Install the password validation plugin if it isn’t already enabled: INSTALL PLUGIN validate_password SONAME 'validate_password.so'; Configure password strength rules in the MySQL configuration file: validate_password_policy=STRONGvalidate_password_length=12 These settings enforce strong, hard-to-guess passwords. Step 5: Restrict Remote Access   Unnecessary remote access exposes the database to risks. Disable Remote Root Access By default, MySQL allows root logins from remote systems. Disable this feature by editing the MySQL configuration file: sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf Set the bind address to localhost: bind-address = 127.0.0.1 Restart the MySQL service:   sudo systemctl restart mysql Use Firewalls for Remote Connections If remote access is necessary then configure firewalls. This will only allow traffic from trusted IPs. sudo ufw allow from <trusted_ip> to any port 3306sudo ufw enable Step 6: Secure Data Transmission   Encryption will make sure that data transferred between the client and server is safe from eavesdropping. Enable SSL/TLS Certificates for MySQL are generated automatically at the time of installation.  Add the following lines to /etc/mysql/mysql.conf.d/mysqld.cnf:   [mysqld]ssl-ca=/var/lib/mysql/ca.pemssl-cert=/var/lib/mysql/server-cert.pemssl-key=/var/lib/mysql/server-key.pemrequire_secure_transport = ON Restart MySQL to apply changes. Use tools like OpenSSL to verify encrypted connections. Step 7: Audit and Monitor Database Activity   Monitoring user activity can help detect unauthorized actions. Enable Logs Activate general logs and error logs in the configuration file:   general_log=1log_error=/var/log/mysql/error.log Analyze Access Patterns Periodically review logs to identify anomalies or suspicious activity. Use automated tools like Percona Monitoring and Management for advanced analytics. Step 8: Protect Against SQL Injection   SQL injection is a common attack vector for web-based MySQL applications. Mitigate this risk by: Using Parameterized Queries: This prevents attackers from injecting malicious SQL commands Validating User Inputs: Sanitize and validate inputs at the application level. Implementing a Web Application Firewall (WAF): Tools like ModSecurity can block malicious queries. Step 9: Regular Backups and Disaster Recovery   Prepare for the unexpected by setting up automated backups. Full Database Backups Use mysqldump to create complete backups:   mysqldump -u root -p --all-databases > backup.sql Incremental Backups For large databases, consider incremental backups using tools like Percona XtraBackup. Step 10: Disable Unused Features   Reducing the database’s attack surface is crucial.   Disable Unused Plugins Run the following command to list active plugins:   SHOW PLUGINS; Unload any unnecessary plugins UNINSTALL PLUGIN plugin_name; Remove Sample Databases Delete test databases that come pre-installed with MySQL:   DROP DATABASE test; Step 11: Use Security Updates and Best Practices   Regularly update MySQL to address vulnerabilities and ensure you’re using the most secure version. Stay connected with the MySQL Community for updates, news, and security alerts. Advance Practices: Segmentation Isolate your database server from other services using network segmentation to reduce the risk of unauthorized access. Intrusion Detection Systems (IDS). Use tools like Snort to monitor for unusual activity and detect potential intrusions in real-time. Two-Factor Authentication (2FA). Enable 2FA for administrative accounts to add an extra layer of protection against unauthorized access. Conclusion Securing a MySQL server requires a comprehensive approach, combining careful configuration, continuous monitoring, and proactive management. If you utilize these practices then your database can be safeguarded very effectively, protecting sensitive data as well as mitigating the chance of unauthorized access. You must evaluate and update the security measures regularly so that you can stay prepared for emerging threats.
24 January 2025 · 6 min to read

Do you have questions,
comments, or concerns?

Our professionals are available to assist you at any moment,
whether you need help or are just unsure of where to start.
Email us
Hostman's Support