Port 3306 Open - Firewall not blocking port

[DrWizzle]

Good evening everyone. Reading a post earlier reminded me of a post I was supposed to make here a while ago but forgot. I rented a server from a well known European brand and went ahead and installed DA on it. Set it up, hardened the server and set the firewall up. Started using it and saw no problems.

I can't find the email, but it came from [email protected] and just seeing the email address made my heart sink thinking what the heck was wrong? So I opened it and it was from MySQL / MariaDB guys who scan datacentres for open ports and informed me my port 3306 was open. They emailed my providers abuse email address and forwarded it to me. I checked firewall and it was indeed not listed in firewall open rules but port was listed as open to the public by nmap which I didn't want.

So, DA installed itself, firewall (CSF - LFD) was setup to close port 3306 but port was still open. I had to fix this

in /etc/mysql/my.cnf - add at bottom

[mysqld]
bind-address = 127.0.0.1

#systemctl restart mysqld

This fixes the port issue, keeping databases local, if anyone else has this and doesn't want external access to their databases.

Check your ports and see if it's open as it's a potential security risk if you're not running external DB access.

 

[Richard G]

Doesn't DA add that automatically anymore nowadays?

Anyway it's always one of the todo things on my list when installing a new server.

 

[DrWizzle]

Doesn't DA add that automatically anymore nowadays?

Anyway it's always one of the todo things on my list when installing a new server.

It's also one of my to do things, along with little things like removing chaos records from BIND and changing port 22 to something random to try and make the attack surface smaller for bots. I just thought it would be blocked with CSF, but hey ho! No harm done, and every day's a school day

One thing I like about DA: They're always keeping you on your toes!