CentOS mysql listen on localhost only

From snippet wiki
Jump to navigation Jump to search

By default the mysql daemon listens on any interface and might be accessible from the internet. You can test this by running: 

# netstat -an|grep 3306
tcp        0      0 0.0.0.0:3306             0.0.0.0:*                   LISTEN

To secure that, edit the file in /etc/my.cnf and add to the [mysqld] section: 

bind-address = 127.0.0.1

And restart the service: 

# /etc/init.d/mysqld restart
Stopping mysqld:                                        [  OK  ]
Starting mysqld:                                        [  OK  ]

Have a new try on looking for the listening interface ports: 

# netstat -an|grep 3306
tcp        0      0 127.0.0.1:3306             0.0.0.0:*                   LISTEN

That is the result you want.

Retrieved from "http://snippet.wiki/w/index.php?title=CentOS_mysql_listen_on_localhost_only&oldid=536"