This is a very real problem with poorly written applications: it allows a remote user to send arbitrary SQL commands to the database server by manipulating the data sent to the web server and piggy-backing those commands onto the legitimate database queries the web application executes, usually without any prior checking or sanitisation by the web application. To counter these flaws, GreenSQL acts as a "firewall" for MySQL databases. It intercepts SQL commands on their way to MySQL, checks them, and then either halts the query or passes it on to MySQL proper, returning the query results to the calling application.
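As an added illustration of the intercept-check-forward flow described above (this is not GreenSQL's own code), the toy query firewall below screens each statement before it reaches the database. SQLite stands in for MySQL, the scoring rules and the literal-normalising allow-list are constructed for the example, and handing a blocked query back to the application as an empty result set is an assumption about how such a proxy would answer, not a documented GreenSQL behaviour.

```python
"""Toy SQL firewall: intercept a query, check it, then block it or forward it.
SQLite stands in for MySQL; the heuristics are illustrative, not GreenSQL's own."""
from __future__ import annotations

import re
import sqlite3
from dataclasses import dataclass, field

# Each rule is (description, pattern, risk points). Constructed for this example.
RULES = [
    ("always-true OR comparison", re.compile(r"\bor\s+(['\"]?)(\w+)\1\s*=\s*\1\2\1", re.I), 30),
    ("stacked statement", re.compile(r";\s*\w"), 30),
    ("SQL comment", re.compile(r"--|/\*"), 20),
    ("UNION SELECT", re.compile(r"\bunion\s+(all\s+)?select\b", re.I), 30),
    ("schema probing", re.compile(r"\binformation_schema\b", re.I), 20),
]
BLOCK_THRESHOLD = 30  # assumed cut-off; a query scoring this much or more is halted


def normalise(sql: str) -> str:
    """Replace string and numeric literals with '?' so that the same query shape
    with different parameters maps to one pattern for the allow-list."""
    sql = re.sub(r"'(?:[^']|'')*'", "?", sql)   # quoted strings, incl. '' escapes
    sql = re.sub(r"\b\d+\b", "?", sql)           # bare numbers
    return re.sub(r"\s+", " ", sql).strip().lower()


def assess(sql: str) -> tuple[int, list[str]]:
    """Score a raw query against the rules; return (score, matched descriptions)."""
    score, reasons = 0, []
    for desc, pattern, points in RULES:
        if pattern.search(sql):
            score += points
            reasons.append(desc)
    return score, reasons


@dataclass
class QueryFirewall:
    """Sits between the application and the database, like the proxy in the text."""
    backend: sqlite3.Connection
    allowlist: set = field(default_factory=set)   # normalised shapes known to be legitimate
    blocked: list = field(default_factory=list)   # (query, reasons) for the console/log

    def execute(self, sql: str, params: tuple = ()) -> list:
        """Allow-listed shapes pass straight through; anything else is scored and
        forwarded only if it stays under the threshold. Blocked queries are logged
        and answered with an empty result set (assumed proxy behaviour)."""
        if normalise(sql) not in self.allowlist:
            score, reasons = assess(sql)
            if score >= BLOCK_THRESHOLD:
                self.blocked.append((sql, reasons))
                return []
        return self.backend.execute(sql, params).fetchall()


def demo() -> tuple:
    """Run one legitimate and two tampered queries through the firewall.
    The table contents are constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "alice", "admin"), (2, "bob", "user")])
    fw = QueryFirewall(db)
    # "Learn" the shape of the application's normal lookup query.
    fw.allowlist.add(normalise("SELECT name FROM users WHERE id = 1"))

    legit = fw.execute("SELECT name FROM users WHERE id = 2")
    tautology = fw.execute("SELECT name FROM users WHERE id = 2 OR 1=1")
    stacked = fw.execute("SELECT name FROM users WHERE id = 2; DROP TABLE users")
    return legit, tautology, stacked, fw.blocked


if __name__ == "__main__":
    legit, tautology, stacked, blocked = demo()
    print("legit:", legit, "tautology:", tautology, "stacked:", stacked)
    for query, reasons in blocked:
        print("BLOCKED:", query, "->", ", ".join(reasons))
```

The allow-list is keyed on the normalised shape rather than the literal text, so a tampered parameter such as `'' OR 'a'='a'` changes the shape and falls through to the scoring step instead of riding on the legitimate query's entry.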
GreenSQL provides binary packages for some Linux distributions.
The greensql-console package provides a web interface that shows which queries have been blocked; you can also use it to configure what GreenSQL will block, what it should permit, and so forth. Untar the greensql-console tarball into the location in your web tree where it will live, and adjust config.php to suit your chosen GreenSQL username, password, and database name.
Also, if you installed GreenSQL from source, you will want to ensure that GreenSQL starts at every system boot. Depending on your Linux distribution, this could be as easy as copying an initscript from the greensql-fw source tree, or you may prefer to add it to your local startup script.