Hello, can someone point me in the right direction.

  1. do I need to release port 3306, if so it wouldn't affect the websites! also how it is done.
  2. to use my IP address?
  3. don't know how to use this one

So whichever solution, I would appreciate the help. Thanks

Solution:
1、If not necessary, remove the MySQL port release from the [Security] page
2、Restrict IP access to MySQL port through the [System firewall] plug-in to enhance security
3、Use [ Fail2ban ] plug-in to protect MySQL service

Good morning, Sir.

If you must open the public port access of MySQL, in addition to what you mentioned above, I would like to give you the following security advice, I hope it can help you.

  1. If you do not have to use 3306, please replace port 3306 with other port, such as 33356? Or some other port that's not so easy to guess.
  2. It is recommended that you only allow non-root users to access your MySQL through the public network. You may have a number of users running MySQL. It is recommended that you open only the users you need, not the root user running MySQL. This is quite dangerous.
  3. More complex passwords that are longer than 16 bits. Complex passwords are useful for all kinds of security.

Morning, Thanks for the reply, I appreciate your help! where I can change the port within aapanel, within the sys firewall?

    Thanks! ive blocked the port and also added fail2ban on that port as-well

    Hey,
    Sorry this may sound dumb, but is it fine to close public access to this port for Wordpress sites?
    I presume them being hosted on the server itself, they will have 'local' access anyway?

    Thanks! 🙂

      obbzy
      Hello, Sir
      The thing is, WordPress only uses the database account of its current site. It doesn't affect other accounts.
      If you disable its access, your website will not work properly.