installing and configuring mysql

To install MySQL database:

1. Install the MySQL database server only and select Server Machine as
the configuration type.
2. Select the option to run MySQL as a service.
3. Launch the MySQL Command-Line Client. To launch the client, enter the following
command in a Command Prompt window: mysql -u root -p

current and future versions of mysql

The MySQL 5.5 series is no longer current, but still supported in production. MySQL5.1
achieved General Availability (GA) status with MySQL ...

Getting Started with MySQL

Abstract
MySQL is the world's most popular open-source database. Despite its powerful features, MySQL
is simple to set up and easy to use. Below are some instructions to help you get MySQL up and
running in a few easy steps. We also explain how to perform some basic operations with MySQL
using the mysql client.

Troubleshooting your installation

Need a hand with your installation? Did you have trouble installing the product? This section
describes basic installation issues and provides troubleshooting information

IT-Security Guidelines
The Federal Office for Information Security (BSI) has been offering information and
assistance on all aspects of IT security for many years. The BSI's IT-Grundschutz has
become the most comprehensive standard work on IT security. It is used by numerous
companies and public bodies as the basis on which to build their own catalogues of
measures. In line with developments in information technology, the IT-Grundschutz has
become more complex and wider-ranging. Hence, small and medium-sized
 organisations, with limited financial and personnel resources, especially need an
introduction to the subject that is easy and fast to implement.

These guidelines are intended to satisfy this need, providing a compact overview of the
most important IT security measures that is intelligible to the non-expert. The focus is on
organisational safeguards and on illustrating threats through practical examples.
Technical details have deliberately been avoided.

Privilege-Granting Guidelines
1. FILE can be abused to read into a database table any files that the MySQLserver
can read on the server host. ...
2. GRANT OPTION enables users to give their privileges to other users. ...
3. ALTER may be used to subvert the privilege system by renaming tables.

How to Create a User and Grant Permissions in Oracle

1. CREATE USER books_admin IDENTIFIED BY MyPassword;
2. GRANT CONNECT TO books_admin;
3. GRANT CONNECT, RESOURCE, DBA TO books_admin;
4. GRANT CREATE SESSION GRANT ANY PRIVILEGE TO books_admin;
5. GRANT UNLIMITED TABLESPACE TO books_admin;
6. GRANT SELECT, INSERT, UPDATE, DELETE ON schema.books TO
books_admin;

Installing Apache

Go to the Apache Win32 download directory. You will need to download two
pieces of software in a temporary directory. The first is the new Microsoft MSI
package installer (MSIEXEC) instmsi.exe, standard in Windows Me and 2000,
recently made available by Microsoft for Windows NT and 95/98.

Current and Future Versions of Apache

The installation instructions in this chapter refer to Apache HTTPD

server version 2.0.47, which is the current production version of the
software. The Apache Software Foundation uses minor release numbers
for updates containing security enhancements or bug fixes. Minor
releases do not follow a set release schedule; when enhancements or
fixes are added to the code and thoroughly tested, the Apache Software
 Foundation will releases a new version, with a new minor version
number.

Apache-Related Commands
The Apache distribution includes several executables. This section covers only the server binary and
related scripts. Chapter 25, "Restricting Access to Your Applications," and Chapter 29, "Apache
Performance Tuning and Virtual Hosting," cover additional utilities included with the Apache distribution.

Manual Installation
1. Step 1: Download the files. Download the latest PHP 5 ZIP package from
www.php.net/downloads.php. ...
2. Step 2: Extract the files. ...
3. Step 3: Configure php.ini. ...
4. Step 4: Add C:\php to the path environment variable. ...
5. Step 5: Configure PHP as an Apache module. ...
6. Step 6: Test a PHP file.

Building PHP on Linux/Unix with Apache

In this section, we will look at one way of installing PHP with Apache on Linux/Unix. The process is more or
less the same for any Unix operating system. Although you might be able to find pre-built versions of PHP
for your system, compiling PHP from the source gives you greater control.

To download the PHP distribution files, go to the home of PHP, http://www.php.net/, and follow the link to
the Downloads section. Grab the latest version of the source code—for this example, we are using 4.3.3.
Your distribution will be named something similar to php-version.tar.gz, where version is the most

recent release number. This archive will be a compressed tar file, so you will need to unpack it:

Log Files
In order to effectively manage a web server, it is necessary to get feedback about
the activity and performance of the server as well as any problems that may be
occuring. The Apache HTTP Server provides very comprehensive and flexible
logging capabilities. This document describes how to configure its logging
capabilities, and how to understand what the logs contain.

 Security Warning
 Error Log
 Access Log
 o Common Log Format
o Combined Log Format
o Multiple Access Logs
o Conditional Logging
 Log Rotation
 Piped Logs
 Virtual Hosts
 Other Log Files
o PID File
o Script Log
o Rewrite Log

Security Warning

Anyone who can write to the directory where Apache is writing a log file can
almost certainly gain access to the uid that the server is started as, which is
normally root. Do NOT give people write access to the directory the logs are stored
in without being aware of the consequences; see the security tips document for
details.

In addition, log files may contain information supplied directly by the client,
without escaping. Therefore, it is possible for malicious clients to insert control-
characters in the log files, so care must be taken in dealing with raw logs.

ErrorLog

The server error log, whose name and location is set by the ErrorLog directive, is
the most important log file. This is the place where Apache httpd will send
diagnostic information and record any errors that it encounters in processing
requests. It is the first place to look when a problem occurs with starting the server
or with the operation of the server, since it will often contain details of what went
wrong and how to fix it.

The error log is usually written to a file (typically error_log on unix systems
and error.log on Windows and OS/2). On unix systems it is also possible to have
the server send errors to syslog or pipe them to a program.

The format of the error log is relatively free-form and descriptive. But there is
certain information that is contained in most error log entries. For example, here is
a typical message.

Access Log
The server access log records all requests processed by the server. The location and
content of the access log are controlled by the CustomLog directive.
The LogFormat directive can be used to simplify the selection of the contents of
the logs. This section describes how to configure the server to record information
in the access log.

Of course, storing the information in the access log is only the start of log
management. The next step is to analyze this information to produce useful
statistics. Log analysis in general is beyond the scope of this document, and not
really part of the job of the web server itself. For more information about this topic,
and for applications which perform log analysis, check the Open
Directory or Yahoo.

Common Log Format

A typical configuration for the access log might look as follows.

LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log common

This defines the nickname common and associates it with a particular log format
string. The format string consists of percent directives, each of which tell the server
to log a particular piece of information. Literal characters may also be placed in the
format string and will be copied directly into the log output. The quote character
(") must be escaped by placing a back-slash before it to prevent it from being
interpreted as the end of the format string. The format string may also contain the
special control characters "\n" for new-line and "\t" for tab.

Multiple Access Logs

Multiple access logs can be created simply by specifying

multiple CustomLog directives in the configuration file. For example, the following
directives will create three access logs. The first contains the basic CLF
information, while the second and third contain referer and browser information.
The last two CustomLog lines show how to mimic the effects of
the ReferLog and AgentLog directives.
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log common
CustomLog logs/referer_log "%{Referer}i -> %U"
CustomLog logs/agent_log "%{User-agent}i"

This example also shows that it is not necessary to define a nickname with
the LogFormat directive. Instead, the log format can be specified directly in
the CustomLog directive.
Script Log

In order to aid in debugging, the ScriptLog directive allows you to record the input
to and output from CGI scripts. This should only be used in testing - not for live
servers. More information is available in the mod_cgi documentation.

Basics of php.ini

php.ini is the configuration file of a PHP installation. Its location can depend on your web server’s
operating system and the method you used to install PHP.

It basically consists of key-value pairs. Any line starts with a ;(semicolon) is a comment. Except
comment and blank lines, all the others are active settings. You can open this file in a text editor.

Before changing any setting, it’s a good practice to backup your original php.ini file. Otherwise if
you made an error in the file (mistyped) then your whole PHP installation won’t work. After
making a change, to take effect that change, you will have to restart your web server.

short_open_tag
You know that any PHP code should reside between <?php and ?> tags. Making this setting
‘On’ allows you to put PHP code between <? and ?> omitting the ‘php’ part in the opening tag.

However using short open tags is a bad practice since in some PHP installations this might have
been disabled. Thus your application won’t work in those servers.

But default tags would work in any PHP installation. To make sure that you write portable code
from the begging, set the value of this setting to ‘Off’.