限制来自本地主机的 MySQL 连接以提高安全性
我听说任何知道我的 MySQL 用户名和密码的人都可以访问它,即使它只监听 localhost.
I heard that anyone that knows my MySQL Username and Password can access it, Even if it's listening only to localhost.
假设我的信息如下:
USER: root
PASS: 123456
Host: LOCALHOST (only)
那里的任何人(本地)怎么可能访问它?
How is it possible that anyone out there (local) can access it?
推荐答案
如果您将远程主机的访问限制为您的用户名和密码,那么其他人将无法从外部访问数据库.
If you restrict access from remote hosts to your usernames and passwords then someone won't be able to access the database externally.
您还可以将防火墙配置为仅允许从 localhost 机器到 3306(MySQL 默认端口)的流量.
You could also configure your firewall to only allow traffic to 3306 (MySQL Default Port) from the localhost machine.
更新
设置您的用户,使他们只能通过 LOCALHOST 使用:
To setup your user so they can only access through LOCALHOST use:
GRANT ALL PRIVILEGES ON *.* TO db_user @'localhost' IDENTIFIED BY 'db_passwd';
GRANT ALL PRIVILEGES ON *.* TO db_user @'127.0.0.1' IDENTIFIED BY 'db_passwd';
另外,将您的 MySQL 服务器绑定到本地地址.您可以通过编辑 my.cnf 的 [mysqld] 部分来做到这一点:
Also, bind your MySQL server to the local address. You can do this by editing the [mysqld] section of my.cnf:
[mysqld]
bind-address = 127.0.0.1
相关文章