mysql security question

Discussion in 'General' started by clark61, Apr 9, 2009.

  1. clark61

    clark61 New Member

    Hi all,
    a question about security
    during the setup we comment bind_address in /etc/mysql/
    Why we want that mysql listen on all addresess?
    Isn't a risk for possibles attaks mysql injection?
    Many thanks
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    It need sto listen on all addresses if you want to use a multiserver setup or if your clients shall be able to access it from outside. If you dont want tit to be accessible from outside you can also block it by enabling the firewall.

    No. Mysql injection attacks are done trough vulnerabble scripts on your server as these scripts are already logged into the server. These scripts are connectiong to anyway so this makes no difference.

Share This Page