Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Restricting MySQL access by port

Discussion in 'Database Discussion' started by GoWilkes, Jan 21, 2016.

  1. GoWilkes

    GoWilkes Well-Known Member

    Sep 26, 2006
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    I'm almost embarrassed to ask this because it feels like a day 1 noob question.

    I noticed my MySQL error log has a lot of failed access attempts, which I assume are robots trying to brute force access.

    I don't have any remote servers that need to access any of my servers databases anymore, so I think I can restrict access by port. The plan is to:

    1. In CSF, block port 3306; and

    2. In my.cnf, add "bind-address="

    Here's the stupid question. By doing this, I'll JUST be blocking remote servers from logging in to MySQL, right? Scripts on the same server as MySQL would still be able to access it normally and show content as usual?

    I was about to make these changes, then suddenly panicked that I would be blocking myself out of the server :-O Or worse, blocking everyone from seeing scripts that use MySQL content and not realize it.
  2. dalem

    dalem Well-Known Member

    Oct 24, 2003
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    DataCenter Provider
    It will run just fine you local connections should be connecting via localhost. You do not need the " In my.cnf, add "bind-address=" and if you need remote access later you just add the ip of the remote machine the the csf.allow
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello :)

    MySQL will still function for local connections, but you will need to whitelist IP addresses for users that connect to their databases from external servers.

    Thank you.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice