从本地主机限制MySQL连接以提高安全性 [英] Restricting MySQL connections from localhost to improve security

问题描述

我听说任何知道我的MySQL用户名和密码的人都可以访问它，即使它只侦听 localhost 。

I heard that anyone that knows my MySQL Username and Password can access it, Even if it's listening only to localhost.

信息如下：

USER: root
PASS: 123456
Host: LOCALHOST (only)

任何人（本地）都可以访问它吗？

How is it possible that anyone out there (local) can access it?

推荐答案

如果您限制从远程主机访问您的用户名和密码，那么某人将无法从外部访问该数据库。

If you restrict access from remote hosts to your usernames and passwords then someone won't be able to access the database externally.

您还可以将防火墙配置为只允许来自本地主机的流量到3306（MySQL默认端口）。

You could also configure your firewall to only allow traffic to 3306 (MySQL Default Port) from the localhost machine.

/ strong>

Update

要设置您的用户，以便他们只能通过LOCALHOST访问：

To setup your user so they can only access through LOCALHOST use:

GRANT ALL PRIVILEGES ON *.* TO db_user @'localhost' IDENTIFIED BY 'db_passwd';
GRANT ALL PRIVILEGES ON *.* TO db_user @'127.0.0.1' IDENTIFIED BY 'db_passwd';

此外，将MySQL服务器绑定到本地地址。您可以通过编辑 my.cnf 的 [mysqld] 部分执行此操作：

Also, bind your MySQL server to the local address. You can do this by editing the [mysqld] section of my.cnf:

[mysqld]
bind-address = 127.0.0.1

这篇关于从本地主机限制MySQL连接以提高安全性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！