How to Fix the Security Advisor MySQL Alert

The WHM Security Advisor scans for possible changes to harden your VPS security. Below we cover how to clear the following error for VPS users not using remote MySQL:

Security Advisor Scan

  1. To check for the MySQL service warning, first Login WHM as root.
  2. Select Security Advisor from the menu to start the scan.
    Screenshot in WHM selecting Security Advisor

  3. Check for the MySQL service alert.
    MySQL port open Security Advisor alert

If the alert above does display, you can fix this using one, or both, of the following methods:

Edit Config File Close Port 3306

Note: This may prevent your VPS from using remote MySQL.

Edit Config File

  1. SSH into your server as root.
  2. Edit the
    /etc/my.cnf

    file and add

    bind-address=127.0.0.1

    to the file. To do so using nano editor:

    Type

    nano /etc/my.cnf

    and press

    Enter ⤶

    to open the file. Scroll to the bottom of the file using the

    Down

    arrow and add

    bind-address=127.0.0.1

    . Press

    Control

    and

    x

    for the save prompt before exiting. Press

    y

    , then

    Enter ⤶

    to save the file.
    Screenshot adding code to my.cnf

  3. Afterwards, rescan with cPanel Security Advisor to ensure the error doesn’t recur.

Close Port 3306 using CSF

Another option is to close port 3306 using your firewall. Advanced Policy Firewall (APF) users can remove the port from the APF configuration file using SSH as root. ConfigServer & Firewall (CSF) users can do this within WHM as root using the steps below.

  1. Select ConfigServer Security & Firewall from the WHM menu.
  2. Under csf – ConfigServer Firewall select Firewall Configuration.
    CSF selecting Firewall Configuration

  3. Under IPv4 Port Settings and Allow incoming TCP ports, remove “3306” from the text field.
    Removing port 3306

  4. Select Change at the bottom, then Restart csf+lfd.
    Restarting CSF and LFD

  5. Afterwards, rescan with cPanel Security Advisor to ensure the error doesn’t recur.

Congratulations. You’ve further enhanced your VPS security. APF users can upgrade to CSF using our installation guide or via verified email request.

Thoughts on “How to Fix the Security Advisor MySQL Alert

Leave a Reply