Brett Powell Brett Powell - 1 month ago 4
MySQL Question

Disabling MySQL remote access to root

I have a MySQL Installation which has recently been compromised. Unfortunately this was due to another person leaving the 'root' account remotely accessible. I am currently trying to create an admin account which is locked down to specific IP Addresses and revoke the remote access on root.


  • Custom admin account has specific IP Addresses set under "Host" but
    currently is permitting connections from any IP Address.

    • Root user still allows remote logins despite Host being set to "", "::1" and "localhost".

I have flushed the privileges after making the changes shown in the following screenshot, where I am at a loss. Can anyone please let me know what I am doing wrong?

enter image description here


Run the following SQL script, to remove all access from remote hosts for the ‘root’ user

DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '', '::1');

After this perform FLUSH PRIVILEGES;