mysql and mysqldump –defaults-file without a password

MySQL has an amazing option called –defaults-file. It can be used to store credentials in configuration file as it shown in example below:


Make sure you did not store such configration files anywhere inside public_html accessible via HTTP or HTTPS on your website. It is real security breach. Do not do it. Consider to change –defaults-file ../some_secure_path_outside_www/ permissions as low as 600 only accessible to user to read/write it. Nobody other should have access to it. Store such files outside of any virtual host htdocs, www or public_html folders.

With such configation files you can skip authorization when using mysql, mysqldump commands.
Example commands are:
1. To make db backup you can run command like:

# mysqldump --defaults-file=../some_secure_path_outside_www/ db1 > db1.sql

2. To restore db from SQL dump file you can execute command below:

# mysql --defaults-file=../some_secure_path_outside_wwwpath/ db1 < db1.sql

You could also use my PHP cli scripts to generate such .cnf configuration files automatically from a popular CMS and frameworks at:

Example usage of command below:

# php get_create_my_cnf.php /home/taras/public_html >../some_secure_path_outside_www/

Please, also look at documentation for more details:

Leave a Reply

Your email address will not be published. Required fields are marked *