Reputation: 2019
I have created a home Apache server with MySQL and PHP. I have just created a website that I want to be publicly accessible, majorly for my experimenting. However I just realized that my MySQL server that is running on port 3306, usually my PHP connects to the database on localhost with a username and no password. Can't any other remote PHP script connect to my database and siphon off all the stored data? Does it not put my website in jeopardy? How do I stop remote connections to my database server? I only want the applications on my server(or those that I approve of), to access my database. Forgive me if the wording is bad, I couldn't find any helpful articles on Google.
Upvotes: 0
Views: 350
Reputation: 4905
You can restrict your MySQL server to listen only for localhost connections with bind-address = 127.0.0.1
configuration option as it was suggested in the comments.
If you want to make changes only for this particular user you can check the grants with the following query:
SHOW GRANTS FOR CURRENT_USER;
If it is not restricted only to localhost
you can restrict it:
GRANT ALL PRIVILEGES ON *.* TO <username> @'localhost' IDENTIFIED BY '<password>';
GRANT ALL PRIVILEGES ON *.* TO <username> @'127.0.0.1' IDENTIFIED BY '<password>';
In general, I would recommend adding a password because you can make some other configuration changes in future or run other apps using the same MySQL server. It is better to be safe than sorry.
Upvotes: 1