Installing the Software Vulnerability Manager On-Premises Edition in Dual Mode

If the Software Vulnerability Manager On-Premises Edition is installed in dual mode - one to host Apache, PHP and Software Vulnerability Manager and the second server for MySQL - you should create a database user with the appropriate privileges to allow remote access to the database from the Software Vulnerability Manager Server.

The following query needs to be executed on the MySQL server:

•

Example user name "csi"

•

Example password "Sekret1"

GRANT EXECUTE, PROCESS, SELECT, SHOW DATABASES, SHOW VIEW, ALTER, CREATE, CREATE TEMPORARY TABLES, CREATE VIEW, DELETE, DROP, INDEX, INSERT, UPDATE, CREATE USER, FILE, LOCK TABLES, RELOAD, SUPER ON *.* TO 'csi'@'%' IDENTIFIED BY 'Sekret1' WITH GRANT OPTION;

GRANT USAGE ON *.* TO 'csi'@'%';

FLUSH PRIVILEGES;

When ‘csi’@’%’ is used, it creates a user named csi that can connect remotely from any host ‘%’. To lock-down the host, it can connect from/to the Software Vulnerability Manager App Server when you create the access grants (instead of %) for the host name and IP address as follows:

Example host name "csi7server.network.local" 

… ON *.* TO 'csi'@'csi7server.network.local' IDENTIFIED BY 'Sekret1' WITH GRANT OPTION;

Example IP address "10.0.0.127" 

… ON *.* TO 'csi'@'10.0.0.127' IDENTIFIED BY 'Sekret1' WITH GRANT OPTION;

Executing the grant twice, once for host name, once for IP, will allow the App server to connect if it is recognized by either host name or IP address.