Vesta 2.0 is coming soon! See our progress update: https://vestacp.com/docs/vesta-2-update
Security mysql remote user
-
thebuilder
- Posts: 3
- Joined: Sun Sep 04, 2016 7:11 pm
Security mysql remote user
Vesta adds mysql user with both host "localhost" and "%". This means every mysql user is exposed to remote login from every host. The vestacp version is 0.9.8-16
To me this sounds as a security risk. Remote access from any host should be avoided. Other control panels do allow this to be configured. For vesta it is currently hard coded to open all users for remote access.
I can edit func/db.sh to remove the creation of user with host "%" however probably it will be overwritten by vestacp updates.
To me this sounds as a security risk. Remote access from any host should be avoided. Other control panels do allow this to be configured. For vesta it is currently hard coded to open all users for remote access.
I can edit func/db.sh to remove the creation of user with host "%" however probably it will be overwritten by vestacp updates.
Re: Security mysql remote user
You can suspend ACCEPT rule for DB in firewall settings
or add
skip-networking
bind-address = 127.0.0.1
to [mysqld] section of my.cnf
or add
skip-networking
bind-address = 127.0.0.1
to [mysqld] section of my.cnf