...
| Code Block | ||
|---|---|---|
| ||
CREATE DATABASE wpkryptondbwpdailyplanetdb; GRANT ALL PRIVILEGES ON wpkryptondbwpdailyplanetdb.* TO 'wpkryptonuserwpdailyplanetuser'@'localhost' IDENTIFIED BY 'password'; FLUSH PRIVILEGES; |
Adjust the variables for your application.
wpkryptondb wpdailyplanetdb - Name of the database for the WordPress application instance. We use the domain name of the website.
wpkryptonuser wpdailyplanetuser - User account for accessing the database.
...
password - Change to password using algorithm based on name of the website domain, in this case kryptondailyplanet.
| Tip |
|---|
Database Admins will not like granting all privileges. After the initial setup is done we will restrict to more minimal privileges. |
...
| Field | Value | Comment |
|---|---|---|
| Database Name | wpkryptondbwpdailyplanetdb | |
| User Name | wpkryptonuserwpdailyplanetuser | |
| Password | This is the application password set during the wpkryptondb wpdailyplanetdb database creation step. | |
| Database Host | localhost | Address of the database server. In this example, the database is on the same server so use localhost. |
| Table Prefix | bf_ | The Bonsai Framework approach is to not share a single database instance. As such it is not technically necessary to change the table prefix. However, given the architecture of WordPress and popularity it is recommended to change the prefix to something other than wp_ to make the system less susceptible to attacks. |
...
| Field | Value | Comment |
|---|---|---|
| Site Title | Kryptondailyplanet | We like to reference our domain name. |
| Username | tempadmin | You probably do not want to use the default admin for username. WordPress (as of Sep 2012) out of the box, has no facilities to stop dictionary attacks against the administration system. Admin will be the first username guessed by automated attacks. Because the username put here will show up in the default site generated, this will be a temporary administrator account. |
| Password | As mentioned, WordPress has no facilities to stop dictionary attacks. On top of that, the default setup exposes your administrator account name on the Internet. Choose a very very long and complex password. (Anyone know of a good site that shows how quickly an entered password would be broken with a dictionary attack, put the link here) | |
| Your E-mail | Whatever email is chosen here, it will not be the final one used by the real administrator account. Keeping in mind that WordPress does not allow duplicate emails, in this example, the administrator will use a personal email and then use a proper email account when the real administrator account is created. | |
| Privacy | This depends on the purpose of your website. Unless this is a private site that should not show up on Google, leave it checked. |
...
| Field | Value | Comment |
|---|---|---|
| Site Title | Kryptondailyplanet | We like to reference our domain name. |
| Username | setupadmin | WordPress (as of Sep 2012) out of the box, has no facilities to stop dictionary attacks against the administration system. So pick something not that obvious. The example here is very obvious so don't use it. Consider using your server name. |
| Password | As mentioned, WordPress has no facilities to stop dictionary attacks. On top of that, the default setup exposes your administrator account name on the Internet. Choose a very very long and complex password. (Anyone know of a good site that shows how quickly an entered password would be broken with a dictionary attack, put the link here) | |
| Your E-mail | admin@bonsaiframework.com | If there is more than one administrator, you should have a general support email box that only administrators have access to. This email address will be used for password recovery purposes. |
...
| Code Block | ||
|---|---|---|
| ||
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'wpkryptonuserwpdailyplanetuser'@'localhost'; GRANT SELECT, INSERT, UPDATE ON wpkryptondbwpdailyplanetdb.* TO 'wpkryptonuserwpdailyplanetuser'@'localhost' IDENTIFIED BY 'password'; FLUSH PRIVILEGES; EXIT |
Adjust the variables for your application.
wpkryptondb wpdailyplanetdb - Name of the database for the WordPress application instance. We use the domain name of the website.
wpkryptonuser wpdailyplanetuser - User account for accessing the database.
...
password - Change to password using algorithm based on name of the website domain, in this case kryptondailyplanet.
Verify the changes took effect,
| Code Block | ||
|---|---|---|
| ||
SHOW GRANTS FOR 'wpkryptonuserwpdailyplanetuser'@'localhost'; |
File Permissions
...