Skip to main content

Security Advisor shows the warning: "The MySQL service is currently configured to listen on all interfaces"

cPanelAaronH
  • Updated

Symptoms

Security Advisor in WHM shows the following warning:

CONFIG_TEXT: The MySQL service is currently configured to listen on a public address: (bind-address=*)
Configure bind-address=127.0.0.1 in /etc/my.cnf or use the server’s firewall to restrict access to TCP port “3306”.

 

Cause

A malicious actor could take advantage of the server when unrestricted access is allowed to TCP port 3306. The MySQL service should only listen on the loopback address unless needed for a specific external connection.

 

Solution

  1. Access the server's command line as the 'root' user via SSH or the Terminal application in WHM.
  2. Edit /etc/my.cnf with your preferred text editor.

  3. Change the bind-address value to 127.0.0.1 under the [mysqld] section:

    CONFIG_TEXT: bind-address=127.0.0.1

  4. Save the changes and exit the text editor.

  5. Restart the MySQL service using the following command:

    # /scripts/restartsrv_mysql

 

Additional Resources

Terminal in WHM | cPanel & WHM Documentation

Related articles

Comments

0 comments

Article is closed for comments.