It has been our constant endeavour to make continuous improvements to our infrastructure in terms of stability and security. For the next step in this process, we are planning to upgrade the MySQL version from v5.5 to the latest stable version supported by cPanel on all our shared linux hosting servers. This will help us to improve the performance, enable new features and enhance the security of the server.
What is the impact? The older version of MySQL stores password in a 16 byte format. However, post MySQL upgrade the password will be stored in a 41 byte format which provides better security and reduces the risk of password sniffing.
What has to be done? To prevent service disruption, we request you to reset your existing MySQL user password from cPanel. Doing so will automatically store the new password in a 41 byte format and ensure that you do not face any issues post the upgrade process.
Steps to reset the password of a MySQL database user : https://documentation.cpanel.net/display/ALD/MySQL+Databases#MySQLDatabases-CurrentUsers
Once the password has been reset, you need to update the configuration files of the database driven websites with the new password.
Note: You can also reset the password using your existing password itself. Eg, if your existing password is “pass@123” and while resetting you enter the new password as “pass@123”, you do not need to update your connection strings but the password format will change from the current 16 byte hash to 41 byte hash.
When do you need to change? We are planning to schedule the MySQL upgrade at the earliest. Hence, we request you to reset the password of all MySQL database users under your account by 15th November, 2017.
For any further clarifications, please contact our Support Helpdesk.
Wednesday, September 13, 2017