Hi,
Welcome to the world of Linux.
Generally, if you make any changes to Webservers like Apache, it is best to restart it anyway, so that it picks up your changed config. In almost all instances, webservers only read config changes at startup.
MySQL in the real world would most definitely have a password on it and most people on the forum would have done that straight away. Unfortunately that will cause some issues, because currently the Excito upgrade process via the GUI relies on their being no password in place. If you do decide to add a password, then you will need to manually apply upgrades for yourself from the SSH login using apt-get update and apt-get dist-upgrade, so that you can interactively type the password when required.
Excito are aware of this and are actively looking at options to fix this for future releases. Personally, I'm much happier just installing a password and running the upgrades from the SSH terminal, rather than leaving an insecure MySQL server theoretically vulnerable to an easy attack. With a password in place, any hacker would have to work just that little bit more to get at the data
]