The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Restricting MySQL access by port

Discussion in 'Database Discussions' started by GoWilkes, Jan 21, 2016.

  1. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    367
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    I'm almost embarrassed to ask this because it feels like a day 1 noob question.

    I noticed my MySQL error log has a lot of failed access attempts, which I assume are robots trying to brute force access.

    I don't have any remote servers that need to access any of my servers databases anymore, so I think I can restrict access by port. The plan is to:

    1. In CSF, block port 3306; and

    2. In my.cnf, add "bind-address=127.0.0.1"

    Here's the stupid question. By doing this, I'll JUST be blocking remote servers from logging in to MySQL, right? Scripts on the same server as MySQL would still be able to access it normally and show content as usual?

    I was about to make these changes, then suddenly panicked that I would be blocking myself out of the server :-O Or worse, blocking everyone from seeing scripts that use MySQL content and not realize it.
     
  2. dalem

    dalem Well-Known Member
    PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,577
    Likes Received:
    40
    Trophy Points:
    48
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    It will run just fine you local connections should be connecting via localhost. You do not need the " In my.cnf, add "bind-address=127.0.0.1" and if you need remote access later you just add the ip of the remote machine the the csf.allow
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    MySQL will still function for local connections, but you will need to whitelist IP addresses for users that connect to their databases from external servers.

    Thank you.
     
Loading...

Share This Page