Join the community today
Become a Member

MariaDB How do you protect your MariaDB?

Discussion in 'Centmin Mod Insights' started by Revenge, Feb 2, 2017.

  1. Revenge

    Revenge Active Member

    289
    64
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +228
    Local Time:
    4:45 PM
    1.9.x
    10.1.x
    I was reading some groups that are hacking servers with MongoDB because in the default configuration it allows external connections without a password.

    So i was curious with how do you protect your MariaDB server from external connections(if you don't need them off course)?

    I use the mysql variable skip_networking. It will ignore tcp/ip connection and only accept unix sockets.


     
  2. pamamolf

    pamamolf Well-Known Member

    2,819
    251
    83
    May 31, 2014
    Ratings:
    +445
    Local Time:
    6:45 PM
    Nginx-1.13.x
    MariaDB 10.1.x
    Using skip networking and block port 3306 at csf firewall i think is enough but let's wait for George's comment on this one as he is the expert :)

    Also i want to recommend you George to have the option skip-networking commented on the mycnf templates that you use so if anyone want to enable it to be there ready to go :)
     
  3. eva2000

    eva2000 Administrator Staff Member

    30,927
    6,911
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,407
    Local Time:
    2:45 AM
    Nginx 1.13.x
    MariaDB 5.5
    Well skip-networking will trip up and cause issues for folks who have remote mysql servers. Your firewall i.e. CSF firewall properly configured by default blocks access too

    look at bind address in my.cnf too https://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_bind-address