Restricting MySQL connections from localhost to improve security

Question

I heard that anyone that knows my MySQL Username and Password can access it, Even if it\'s listening only to localhost.

Supposing my info is as following:

Answer 1

you can block direct access to MySQL at the firewall or within MySQL itself, but the most likely way you'd be hacked is through an insecure web application - in that situation the attacker would most likely be able to read your database login and connect from the server.

So keep your applications secure - keep everything updated, don't allow file uploads, use suPHP if you have multiple accounts etc.

If you restrict your mysql application follow this steps:

1.You could just block port 3306. If the site is on the same server then it will still be able to access the database using localhost as the hostname.

2.Just add "bind-address = 127.0.0.1" to the "[mysqld]" section of their my.cnf file to restrict access to localhost only.

Most of people use this type of restriction.