The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

change mysql default port

Discussion in 'General Discussion' started by jcorreia, Apr 3, 2007.

  1. jcorreia

    jcorreia Well-Known Member

    Joined:
    Apr 25, 2005
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    Hi,
    I´ve seen that my mysql server is having a lot of refused connections. I don´t know how to check if this is normal or hacks attempts.
    I´ve checked this using MONyog from http://www.webyog.com/.
    I thought that I could change the default port in my.cnf but I don´t know if cpanel will put that in the default after some update.

    Can you help me in the best way for doing this ? Thanks..
     
  2. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    The easiest way to accomplish this is to first run a good firewall and ruleset.
    with that done, simply disable public connections to mysql by adding this
    into /etc/my.cnf

    skip-networking

    this will allow localhost connections only without changing the port.
     
  3. jcorreia

    jcorreia Well-Known Member

    Joined:
    Apr 25, 2005
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    I don´t have a firewall and I´m a litle bit afraid of breaking it now..I think I have to think of it more seriously..
    as for skip-networking I already have that but I don´t like people hammering at my door ;)
    Is there any log where we can check who is trying to enter ?
    Thanks for your reply.
     
  4. jayh38

    jayh38 Well-Known Member

    Joined:
    Mar 3, 2006
    Messages:
    1,215
    Likes Received:
    0
    Trophy Points:
    36
    Your main concern would/should be a firewall. You are worried about taking a bullet in the heart but nothing else is protected. Get your server locked down. As far as everyone knocking on your door for port 3306, they will do that regardless if they see that port or not. You are not connectible to addresses outside the localhost even if someone did have your mysql root password, so its not a concern
     
  5. yash

    yash Member

    Joined:
    Aug 28, 2006
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    1
    and if you want to see who is trying to enter check your logs!

    /var/log
     
  6. jcorreia

    jcorreia Well-Known Member

    Joined:
    Apr 25, 2005
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    6
    thanks you both,
    there are a lot of logs in there. Which one should I check ? messages, secure ?
     
Loading...

Share This Page