Checks whether the current server's MySQL port is secure

aaP_daniel.azeredo

hello, after installing and configuring aaPAnel, I have this security alert that I can't resolve.

Test type: MySQL securityRisk level: Medium risk
Risk detail: 当前 MySQL 端口: 3306 ，可被任意服务器访问，这可能导致 MySQL 被暴力破解，存在安全隐患
Solution: 1 、 If not necessary, remove the MySQL port release from the [Security] page
2 、 Restrict IP access to MySQL port through the [System firewall] plug-in to enhance security
3 、 Use [Fail2ban] plug-in to protect MySQL service

This port is not open on the firewall and when I try to block on Fail2ban I get the following error message:

[/www/server/data/vps1.localdomain.err] The log file does not exist and cannot be created

How can I solve this problem? If port 3306 is not open, this alert should not appear.

aapanel_sniper

Good afternoon, Sir.
This warning will appear if you open port 3306 for external network access.

You can ignore it, or take security measures, but here are my suggestions:

Replace port 3306 with other less commonly used port, e.g. 33560?
If you do not need external network access to 3306, please close it;
Set a password with high complexity, which can have symbols, uppercase letters, numbers, etc.;
Do not enable root to log in remotely.