How to Fix the Security Advisor MySQL Alert

The WHM Security Advisor scans for possible changes to harden your VPS security. Below we cover how to clear the following error for VPS users not using remote MySQL:

Security Advisor Scan

1. To check for the MySQL service warning, first Login WHM as root.
2. Select Security Advisor from the menu to start the scan.
   
3. Check for the MySQL service alert.
   

If the alert above does display, you can fix this using one, or both, of the following methods:

Edit Config File Close Port 3306

Note: This may prevent your VPS from using remote MySQL.

Edit Config File

1. SSH into your server as root.
2. Edit the

   /etc/my.cnf

   file and add

   bind-address=127.0.0.1

   to the file. To do so using nano editor:

   Type

   nano /etc/my.cnf

   and press

   Enter ⤶

   to open the file. Scroll to the bottom of the file using the

   Down

   arrow and add

   bind-address=127.0.0.1

   . Press

   Control

   and

   x

   for the save prompt before exiting. Press

   y

   , then

   Enter ⤶

   to save the file.
   
3. Afterwards, rescan with cPanel Security Advisor to ensure the error doesn’t recur.

Close Port 3306 using CSF

Another option is to close port 3306 using your firewall. Advanced Policy Firewall (APF) users can remove the port from the APF configuration file using SSH as root. ConfigServer & Firewall (CSF) users can do this within WHM as root using the steps below.

1. Select ConfigServer Security & Firewall from the WHM menu.
2. Under csf – ConfigServer Firewall select Firewall Configuration.
   
3. Under IPv4 Port Settings and Allow incoming TCP ports, remove “3306” from the text field.
   
4. Select Change at the bottom, then Restart csf+lfd.
   
5. Afterwards, rescan with cPanel Security Advisor to ensure the error doesn’t recur.

Congratulations. You’ve further enhanced your VPS security. APF users can upgrade to CSF using our installation guide or via verified email request.