Building security

We come to building security by continuing out to the next ring. All the protection inside the server won't do us any good if the server decides to take a walk at three in the morning. Just as we secure the inside of the server, we need to secure the outside too.

Firstly, where is the server located? Is it in a common area where anyone in the office could get to it? This could be bad on a number of levels, the first being that someone could accidentally or on purpose disconnect the power supply to it. We can mitigate external power outages to some extent by installing battery backup units and such, but someone with physical access to the machine can easily get around that and cut the power supply to our servers. To its credit, MariaDB, when we use a transactional or crash-safe storage engine, guards against losing or corrupting data in such cases, but at the very least, a surprise power outage will disrupt every application that needs to talk to that database server. If the server is in a locked room, we should find out who has access to the room.

Also consider the building. Most businesses and offices close at night (the building or office is locked at closing time and opens again in the morning); however, this is not true for all businesses. For example, what if the server is located in the manager's office of a 24-hour supermarket and the door to that office is always open or unlocked? If so, then we need to think about locking that door (automatically if people keep forgetting to lock it), getting a small lockable server cage installed which is bolted to the wall or floor, or coming up with some other way of securing the server.

An easy analogy is to treat a server like money. We use database servers to either save money, generate income, or both. If we would feel comfortable leaving a large stack of money in the location our server is in, then it is probably a pretty good place for our server (assuming there is power and adequate cooling).

The best place for a server is usually with other servers in a dedicated server room. Preferably, this should be a room that is secure and where access is controlled with well-defined security policies and procedures. These could range from a locked closet (that only a few chosen people can access and which has a server sitting on a shelf) to a locked server cage at a large data center (that has raised floor cooling, 24 x 7 on-site security, and everything in surplus). There is no one particular location that is right for every situation, but we need to evaluate ours and make sure that our server is physically protected.
