Forced instance prefix for database
I'd like to have the ability to force a database-prefix of up to five characters for the plesk instance (alternative for a specific ext. databaseServer) for both databases and databaseUsers.
I use a MariaDB-cluster for my customers and there are multiple reasons I like to see such a feature:
- For security reasons: I don't like that the internal plesk-admin user has access to all databases - even if they do not belong to the instance domain's / customers. If the server would be hacked and somehow the mysql-admin-password extracted all my customers would be affected. With a prefix (e.g. w01) I could grant the plesk admin access to all databases with 'w01%' to limit the damage
- Easier administration: For me as a admin it comes handy if I can see from the db-cluster on which Plesk-instance I have to look to find the corresponding domain / subscription. Also for cluster-Backup creation and restores this comes handy
Timo Förster
shared this idea
This functionality is now available in the latest Plesk Obsidian 18.0.49 ("Added the ability to run Plesk with a centralized database"). The feature is currently in Beta. We encourage you to check the implementation and let us know what you think. All required information could be found in Plesk Documentation by the link https://docs.plesk.com/en-US/obsidian/deployment-guide/plesk-for-linux-plesk-installation-without-the-local-database.79703/ ("PLESK_DB_DSN_PREFIX")
We would appreciate hearing your feedback on the implementation of this functionality. Thanks in advance!
— AY
-
Aaron McHale
commented
In a shar ed hosting setup Plesk can force a subscription's database names and usernames t=o have a prefix.
The problem is the prefix used for the database name is often quite long as it is based on the domain name and so there are sometimes very limited characters for the actual database name. On top of that the database username prefix that is forced is often considerably shorter and so you end up with database names and usernames that are connected to the same database but are different making it harder to keep things organised. Additionally it becomes much more difficult to describe the database using the name and makes it harder to identify what application each database relates to.
I am proposing making it possible to use either the numeric domain, web space or subscription ID (whichever one makes most sense) as the prefix for both the database name and database username.
This would allow for much more characters to make sensible datrabase names and ensure that the database name and username can match, all making organisation much easier.