Join the community today
Become a Member

MariaDB How do you protect your MariaDB?

Discussion in 'Centmin Mod Insights' started by Revenge, Feb 2, 2017.

  1. Revenge

    Revenge Active Member

    465
    93
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +352
    Local Time:
    8:18 PM
    1.9.x
    10.1.x
    I was reading some groups that are hacking servers with MongoDB because in the default configuration it allows external connections without a password.

    So i was curious with how do you protect your MariaDB server from external connections(if you don't need them off course)?


    I use the mysql variable skip_networking. It will ignore tcp/ip connection and only accept unix sockets.

     
  2. pamamolf

    pamamolf Premium Member Premium Member

    3,952
    402
    83
    May 31, 2014
    Ratings:
    +782
    Local Time:
    10:18 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Using skip networking and block port 3306 at csf firewall i think is enough but let's wait for George's comment on this one as he is the expert :)

    Also i want to recommend you George to have the option skip-networking commented on the mycnf templates that you use so if anyone want to enable it to be there ready to go :)
     
  3. eva2000

    eva2000 Administrator Staff Member

    47,535
    10,787
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,772
    Local Time:
    6:18 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Well skip-networking will trip up and cause issues for folks who have remote mysql servers. Your firewall i.e. CSF firewall properly configured by default blocks access too

    look at bind address in my.cnf too https://dev.mysql.com/doc/refman/5.7/en/server-options.html#option_mysqld_bind-address