Brett Powell - 2 months ago
MySQL Question

Disabling MySQL remote access to root

I have a MySQL Installation which has recently been compromised. Unfortunately this was due to another person leaving the 'root' account remotely accessible. I am currently trying to create an admin account which is locked down to specific IP Addresses and revoke the remote access on root.

Problems:

  • Custom admin account has specific IP Addresses set under "Host" but currently is permitting connections from any IP Address.
  • Root user still allows remote logins despite Host being set to "127.0.0.1", "::1" and "localhost".

I have flushed the privileges after making the changes shown in the following screenshot, where I am at a loss. Can anyone please let me know what I am doing wrong?


Answer

Run the following SQL script to remove all access from remote hosts for the 'root' user:

DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');

After this, perform FLUSH PRIVILEGES;
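
An audit-and-lockdown sequence for the two problems in the question, added here as an example and not part of the answer above. It uses DROP USER instead of the DELETE shown in the answer and assumes MySQL 5.7 or later (for IF EXISTS); the account name 'dbadmin', the address 203.0.113.10 and the password are placeholders.

```sql
-- Added example; 'dbadmin', 203.0.113.10 and the password are placeholders.

-- 1. Each (User, Host) pair is a separate account. List every row for the two
--    users: a leftover row such as 'root'@'%' still accepts remote logins even
--    when other root rows are limited to localhost.
SELECT User, Host
FROM mysql.user
WHERE User IN ('root', 'dbadmin')
ORDER BY User, Host;

-- 2. Server-wide check: accounts whose Host contains a wildcard ('%' or '_').
SELECT User, Host
FROM mysql.user
WHERE LOCATE('%', Host) > 0 OR LOCATE('_', Host) > 0;

-- 3. Remove the wildcard rows. DROP USER also deletes the account's rows in
--    the other grant tables and takes effect without FLUSH PRIVILEGES.
DROP USER IF EXISTS 'root'@'%';
DROP USER IF EXISTS 'dbadmin'@'%';

-- 4. Recreate the admin account bound to one permitted client address
--    (repeat both statements for each additional address).
CREATE USER 'dbadmin'@'203.0.113.10' IDENTIFIED BY 'REPLACE_WITH_STRONG_PASSWORD';
GRANT ALL PRIVILEGES ON *.* TO 'dbadmin'@'203.0.113.10' WITH GRANT OPTION;

-- 5. Verify. CURRENT_USER() shows which account row the server matched for
--    this session; USER() shows what the client sent.
SHOW GRANTS FOR 'dbadmin'@'203.0.113.10';
SELECT USER(), CURRENT_USER();

-- 6. Sessions opened before the change are not closed by it. List them and
--    end any that should no longer exist.
SHOW PROCESSLIST;
-- KILL <Id from the list above>;
```

If step 1 returns only the localhost, 127.0.0.1 and ::1 rows for root and remote logins still succeed, compare the CURRENT_USER() value from such a session against the step 2 output to see which account row is being matched.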