469,590 Members | 2,171 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,590 developers. It's quick & easy.

how do you close MySQL port 3306 except to localhost?

I want to run MySQL on server but it only be accessible to programs on
localhost. I see that port 3306 is open on server so I need to close
it.

How do I do that while keeping it available to programs running on
localhost?

Oct 11 '06 #1
4 25758
I think you can do this with your firewall. If you don't allow traffic
on port 3306 nobody from the outside will be able to connect to the
MySQL server, but apps running on localhost will still have access.

I am running MySQL on OS 10.4 and changing the firewall settings is
realy easy. I don't have much experience with other operating systems.
I hope this helps.
Paul wrote:
I want to run MySQL on server but it only be accessible to programs on
localhost. I see that port 3306 is open on server so I need to close
it.

How do I do that while keeping it available to programs running on
localhost?
Oct 11 '06 #2

to*******@yahoo.com wrote:
I think you can do this with your firewall. If you don't allow traffic
on port 3306 nobody from the outside will be able to connect to the
MySQL server, but apps running on localhost will still have access.

I am running MySQL on OS 10.4 and changing the firewall settings is
realy easy. I don't have much experience with other operating systems.
I hope this helps.
So it's a firewall issue rather than a MySQL setting issue, right? I
remember seeing in one MySQL table configuration where the % user was
not allowed any access and localhost was allowed all access or a subset
thereof.

Many thanks torpecool!

Oct 11 '06 #3
Paul wrote:
I want to run MySQL on server but it only be accessible to programs on
localhost. I see that port 3306 is open on server so I need to close
it.

How do I do that while keeping it available to programs running on
localhost?
One solution is to enable the option in your my.cnf file:

bind-address=127.0.0.1

This means that only clients connecting from the specified IP address
are permitted to connect.

But this is not the same thing as closing port 3306 to the outside
world. A port-detection tool would still show the port as "open," even
though the application listening on the port (mysqld) will refuse all
connections unless they come from the local IP address.

So as torpedocool says, the better solution is to configure your
firewall rules in the way you want.

Regards,
Bill K.
Oct 11 '06 #4
Bill Karwin wrote:
Paul wrote:
I want to run MySQL on server but it only be accessible to programs on
localhost. I see that port 3306 is open on server so I need to close
it.

How do I do that while keeping it available to programs running on
localhost?

One solution is to enable the option in your my.cnf file:

bind-address=127.0.0.1

This means that only clients connecting from the specified IP address
are permitted to connect.

But this is not the same thing as closing port 3306 to the outside
world. A port-detection tool would still show the port as "open," even
though the application listening on the port (mysqld) will refuse all
connections unless they come from the local IP address.

So as torpedocool says, the better solution is to configure your
firewall rules in the way you want.

Regards,
Bill K.
I understand now and thanks for your reply. A day without learning
something is like a day without sunshine!

Oct 11 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Steve Carson-Rowland | last post: by
1 post views Thread by Reply-Via-Newsgroup Thanks | last post: by
1 post views Thread by Paul Muns | last post: by
reply views Thread by ryanmhuc | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.