> I also ran mysql_secure_installation on my Ghost server to harden up the MySQL... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		bsder on Jan 17, 2024 \| parent \| context \| favorite \| on: Molly White: Migrating from Substack to self-hoste... > I also ran mysql_secure_installation on my Ghost server to harden up the MySQL server. This does a couple of things to make it harder for people to compromise your SQL database (which is initially set up in a development mode), like disabling remote login as root. WTF! Why in the world aren't the defaults set to "secure by default"? Why in the world would DigitalOcean create a Ghost droplet that wasn't secured out the wazoo? And, looking at what she went through, self-hosting this stuff is still far, far too stupidly difficult.

Kluggy on Jan 17, 2024 [–]

Honestly, I wish more self hosted stuff defaulted to using sqlite purely to reduce the complexity for simple deployments.

ochronus on Jan 17, 2024 | [–]

Ghost started with sqlite back in the days, I'm not sure why they migrated away :/

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact