Security Advisor in WHM shows the following warning.
The MySQL service is currently configured to listen on a public address: (bind-address=*)
Configure bind-address=127.0.0.1 in /etc/my.cnf or use the server’s firewall to restrict access to TCP port “3306”.
A malicious actor could take advantage of the server when unrestricted access is allowed to TCP port 3306. The MySQL service should only listen on the loopback address unless needed for a specific external connection.
- Access the server's command line as the 'root' user via SSH or the "Terminal" application in WHM.
- Edit /etc/my.cnf with your preferred text editor.
- Change the bind-address value to 127.0.0.1.
- Save the changes and exit the text editor.
- Restart the MySQL service using the following command.