Because needs and requirements differ, this is difficult to answer except on a case-by-case basis. The MySQL website has a section on general security of a MySQL database, available here: http://dev.mysql.com/doc/refman/5.0/en/security.html
Additionally, some good practices are:
- Verify your root MySQL account password is set
- Remove the test account and database that were created during the initial installation:
  - Log in to mysql as root from the command prompt with "shell> mysql -u root -p mysql" and enter the password when prompted
  - mysql> drop database test;
  - mysql> use mysql;
  - mysql> delete from user where user='test';
  - mysql> delete from user where user='';
  - mysql> flush privileges;
- Make sure that each account has a password set
- Do not grant global privileges unnecessarily
- Avoid using wildcards in the hostname value associated with accounts
- Periodically review the users and databases that are set up in MySQL
- Do not use passwords on the command line. You can log in to MySQL with "shell> mysql -u root --password=somepassword mysql", but the problem with this is that anyone on the server could view your password with a simple process list command, "shell> ps". The correct usage is "shell> mysql -u root -p mysql"; MySQL will then prompt you for your password, and it will not show up in the process list as plain text.
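The account checks in the list above (passwords set, no unnecessary global privileges, no wildcard hosts, periodic review) can be run as a single read-only query. This is an added example, not part of the original answer; it assumes the MySQL 5.0-era mysql.user layout that the linked manual describes, and the output column names are chosen here for illustration.

```sql
-- Added example: read-only audit of the MySQL grant table.
-- Assumption: MySQL 5.0-era mysql.user schema, where the password hash is in
-- the Password column (MySQL 5.7 and later use authentication_string instead).
SELECT User, Host, anonymous, empty_password, wildcard_host, global_privs
FROM (
    SELECT
        User,
        Host,
        -- Anonymous accounts have an empty user name.
        IF(User = '', 'YES', 'no')     AS anonymous,
        -- An empty hash means the account can log in without a password.
        IF(Password = '', 'YES', 'no') AS empty_password,
        -- '%' and '_' are wildcards in the Host value of an account.
        IF(LOCATE('%', Host) > 0 OR LOCATE('_', Host) > 0, 'YES', 'no')
                                       AS wildcard_host,
        -- Privileges stored in mysql.user apply to every database (global).
        -- CONCAT_WS skips NULLs, so only the granted ones are listed.
        CONCAT_WS(',',
            IF(Select_priv   = 'Y', 'SELECT',   NULL),
            IF(Insert_priv   = 'Y', 'INSERT',   NULL),
            IF(Update_priv   = 'Y', 'UPDATE',   NULL),
            IF(Delete_priv   = 'Y', 'DELETE',   NULL),
            IF(Drop_priv     = 'Y', 'DROP',     NULL),
            IF(File_priv     = 'Y', 'FILE',     NULL),
            IF(Process_priv  = 'Y', 'PROCESS',  NULL),
            IF(Shutdown_priv = 'Y', 'SHUTDOWN', NULL),
            IF(Super_priv    = 'Y', 'SUPER',    NULL),
            IF(Grant_priv    = 'Y', 'GRANT',    NULL)
        )                              AS global_privs
    FROM mysql.user
) AS audit
-- Show only accounts that trip at least one of the checks.
WHERE anonymous = 'YES'
   OR empty_password = 'YES'
   OR wildcard_host = 'YES'
   OR global_privs <> ''
ORDER BY User, Host;
```

Run it from the mysql prompt as an account that can read the mysql database. The root account will be listed because it holds every global privilege, so the rows to question are the others.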
Note: There are many excellent articles available on the web for MySQL security. Go to your search engine of choice and search for "securing mysql" and you should have reading for weeks.