On a Ubuntu 'Perfect' server with MariaDB under ISPconfig, if the database name, user and password is known then any local domain can access any local database even if the databases are specifically configured not to allow remote access. This has very serious security implications if one either knows the credentials for one of the other domain's databases ( or can guess /hack them ) or can get hold of an account on shared server that has hosts the victim's database. Is there a configuration that prevents this 'feature' ? I would like to lock down the database such that sql can only be run from the named domain that owns that particular database and not from ANY other domain whether on the local server or via remote access. I stumbled on this when I restored a website to a fresh tld on the same server only to find the clone logged itself into the original database !