Configure your MySQL/Mariadb server to accept local connections

So lets say that you have created a Database server, and you wanted to accept only connections from other servers using the internal/private IP, to be honest I found that the easy way is to do that via iptables, am not going to talk about how to save your iptables as I will assume that you know how to do so, if you dont search using

Lets assume that your private ip is and your public ip is so now you will have to execute the following commands :

First and before I explain the codes you will need to edit your my.cnf file and change the bind-address value from to

Lets explain each one :

1- Allow local host connections
iptables -A INPUT -i lo -j ACCEPT

2- Allow the current connections, so you wont kicked out.
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

3- Allow any connection to the internal IP on the port 3306 note that eth0 is my ethernet on the server, you should change it to the correct one on your server, you can use ifconfig  to know more about your server
iptables -A INPUT -i eth0 -d -p tcp --destination-port 3306 -j ACCEPT

4- Reject any connection to the public one
iptables -A INPUT -i eth0 -d -p tcp --destination-port 3306 -j REJECT

5- Drop all other connections
iptables -A INPUT -j DROP

thats all, now if you want to access your server remotely you will need to depend on SSH Tunneling not direct connections.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.